APIs: Mapping the Way

Paul Fremantle
CTO, WSO2
@pzfreo #wso2
paul@wso2.com
  
Mapping the Way
•  Looking back – where have we come from
•  Current state of the world
•  Taking a look to the future
  
APIs
•  An API is a business capability delivered over the Internet to internal or external consumers
   –  Network accessible function
   –  Available using standard web protocols
   –  With well-defined interfaces
   –  Designed for access by third-parties
•  A Managed API is:
   –  Actively advertised and subscribe-able
   –  Available with SLAs
   –  Secured, authenticated, authorized and protected
   –  Monitored and monetized with analytics
  
Web API History
•  The earliest APIs were various XML and SOAP services
   –  Also people manipulating web applications and parsing HTML

Authorize.net (1998)
Salesforce, Dec 6th 2000

Key differentiators in the evolution
•  Self-signup / Portal / API Store
•  A clear monetization model
   –  And a clear value model
•  Ecosystem thinking
   –  Hackathons
   –  Forums*
   –  Social Media integration
•  Monitoring
•  Simple keys to OAuth to OAuth2

* yes, I know the proper Latin is fora. I’m not an ancient Roman though
  
REST or rest?
•  REST – Representational State Transfer
   –  From Roy Fielding’s thesis (http://freo.me/O9t4nj)
•  A clear shift from SOAP/HTTP to more restful JSON/HTTP
•  REST is a good thing – but actually quite rare amongst many APIs
  
Prioritizing which bits of REST
•  Proper use of verbs
•  Caching and cache-ability
•  Good error codes
•  Do not use poorly defined aspects of the HTTP spec
   –  E.g. including an Entity Body with a DELETE
•  Re-usable / bookmark-able links and URIs
•  HATEOAS
	
  
Versioning
•  There are some who say that APIs should NEVER have a version number in the URI
•  I disagree:
   –  Versioning properly allows for evolution and agility
   –  Clear deprecation and well-defined support for old versions

http://www.pdt.com/news/688
  
Minimum Viable API
•  Minimum Viable Product has just enough features that the product can be deployed and used by some customers, and no more.
   –  Typically this is a small subset of the future customer base
•  “Minimum Viable API” is just enough API that it can be used by some partners
•  Highly recommended especially in evolving an API strategy
  
API First
•  Start with the API
   –  Before the website / mobile app / internal app / …
•  Why?
   –  Ensures a good API
   –  External Developers are not second class citizens
   –  Inherently “mobile-first-friendly”
   –  Decoupled development
   –  Evolve-ability
   –  APIs everywhere
	
  
API First has requirements
•  Excellent access control
•  Versioning and agile
•  Throttling
•  Metering and monetization
  
OAuth2
•  OAuth2 has widely taken over from simple API keys
   –  E.g. Google, GitHub, Twitter, etc.
•  Standard model from the IETF
•  Almost the same as a simple key
   –  Well-defined place to put into headers
   –  Refresh semantics
   –  If you offer a long-lived key then ignore refresh
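
The header placement and refresh semantics listed on this slide, as an added Python example that is not part of the original deck: a toy token store and a resource-server check. `TokenStore`, `authorize`, the `realm="api"` value and the single-use refresh-token policy are assumptions made for illustration; `access_ttl=None` models the long-lived key case, where no refresh token is issued.

```python
import hashlib
import secrets
import time


def _digest(token):
    # Store only a hash of each token so a leaked table does not leak live credentials.
    return hashlib.sha256(token.encode()).hexdigest()


class TokenStore:
    """Toy authorization-server state (constructed for this example)."""

    def __init__(self, access_ttl=3600, clock=time.time):
        self.access_ttl = access_ttl  # None models the slide's "long-lived key"
        self.clock = clock
        self._access = {}   # sha256(access token) -> (client_id, expires_at or None)
        self._refresh = {}  # sha256(refresh token) -> client_id

    def issue(self, client_id):
        access = secrets.token_urlsafe(32)
        grant = {"access_token": access, "token_type": "Bearer"}
        if self.access_ttl is None:
            # Long-lived key: no expiry, so no refresh token is handed out.
            self._access[_digest(access)] = (client_id, None)
            return grant
        self._access[_digest(access)] = (client_id, self.clock() + self.access_ttl)
        refresh = secrets.token_urlsafe(32)
        self._refresh[_digest(refresh)] = client_id
        grant.update(expires_in=self.access_ttl, refresh_token=refresh)
        return grant

    def refresh(self, refresh_token):
        # Single-use refresh tokens: the old one is removed before a new pair is issued.
        client_id = self._refresh.pop(_digest(refresh_token), None)
        return self.issue(client_id) if client_id is not None else None

    def lookup(self, access_token):
        key = _digest(access_token)
        entry = self._access.get(key)
        if entry is None:
            return None
        client_id, expires_at = entry
        if expires_at is not None and self.clock() >= expires_at:
            del self._access[key]  # expired tokens are dropped on first use
            return None
        return client_id


def authorize(headers, store):
    """Resource-server check. Returns (status, response_headers, client_id)."""
    # Assumes header names were already normalised to this exact casing.
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    token = token.strip()
    if scheme.lower() != "bearer" or not token:
        # No bearer credentials presented: challenge without an error code.
        return 401, {"WWW-Authenticate": 'Bearer realm="api"'}, None
    client_id = store.lookup(token)
    if client_id is None:
        # Unknown or expired token: the client should use its refresh token.
        challenge = 'Bearer realm="api", error="invalid_token"'
        return 401, {"WWW-Authenticate": challenge}, None
    return 200, {}, client_id
```
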
  
OpenID Connect

What is OpenID Connect
•  A well-defined pattern for using OAuth2 for identity
   –  A pre-defined scope
   –  A well-defined REST API for user info
   –  A discovery model
•  My prediction:
   –  Widespread adoption

https://www.flickr.com/photos/1stpix_diecast_dioramas/
  
Ecosystems
•  Allow smaller organizations to compete effectively
   –  Be more agile, nimble
•  Allow larger organizations to compete more effectively
   –  By working with smaller, more agile partners!
•  Enable “best-of-breed” capabilities to conjoin to create better solutions
•  Take advantage of APIs and promote APIs
   –  A virtuous circle
  
The wider sense of virtualization
[Diagram; labels: Automation, Control, Monitoring, Import org.apache.x, Agility, Flexibility]

APIs and PaaS
•  APIs are the virtualization of function
•  PaaS is the virtualization of application deployment
•  App Factory is the virtualization of development
•  Together this is the basis for the virtualization of an ecosystem
  
Summary
•  Build an API strategy that revolves around:
   –  Creating or participating in an ecosystem
   –  Giving API consumers the tools and capabilities they need
   –  By being agile and responsive
   –  And using the right technologies

Questions?
http://wso2.com/contact
  
