Post on 08-May-2015
Application Development
Last Updated: May 2014
VP, Delivery Samisa Abeysinghe
API Management
About the Presenter
๏ Samisa Abeysinghe VP Delivery samisa@wso2.com
๏ Samisa Abeysinghe, Vice President of Delivery, joined the company in September 2005. Prior to the current role, Samisa was VP of Engineering and managed the development of the WSO2 Carbon based product platform.
About WSO2
๏ Global enterprise, founded in 2005 by acknowledged leaders in XML, web services technologies, standards and open source
๏ Provides only open source platform-as-a-service for private, public and hybrid cloud deployments
๏ All WSO2 products are 100% open source and released under the Apache License Version 2.0.
๏ Is an Active Member of OASIS, Cloud Security Alliance, OSGi Alliance, AMQP Working Group, OpenID Foundation and W3C.
๏ Driven by Innovation
  ๏ Launched first open source API Management solution in 2012
  ๏ Launched App Factory in 2Q 2013
  ๏ Launched Enterprise Store and first open source Mobile solution in 4Q 2013
What WSO2 delivers
Business Model
Managing APIs
๏ An API is a business capability delivered over the Internet to internal or external consumers
  ๏ Network accessible function
  ๏ Available using standard web protocols
  ๏ With well-defined interfaces
  ๏ Designed for access by third-parties
๏ A Managed API is:
  ๏ Actively advertised and subscribe-able
  ๏ Available with SLAs
  ๏ Secured, authenticated, authorized and protected
  ๏ Monitored and monetized with analytics
API Centric Capabilities
Adopt Integration Best Practices
From SOA lessons learned, best practices roles
• Creator
  • Builds, manages, and versions API
  • Understand business and technical requirements
  • Cares about usage and scaling
  • Seeks feedback, ratings, usage
• Publisher
  • Publishes, Promotes and encourages consumers to adopt APIs
  • Determines usage patterns and how to best monetize asset
  • Monitors and secures
• Consumer
  • Understands the interface definition
  • Subscribes and connects application to API
  • Monitors own usage and cost basis
  • Provides feedback and ratings
Communication: Key to Dev team success
Teams re-build rather than re-use
• APIs proliferate (100s of APIs) and are minimally re-used
• Minimal communication and coordination
  • Who is consuming API?
  • Who is writing re-usable APIs?
• Prevalent SOA Anti-patterns
  • Not Invented Here (NIH)
  • Tight Coupling and Build again
• Shared API invisibility
  • Teams do not know about API
  • Non-functional and functional requirements are not well documented
  • Teams can not easily map API to needed business capability
WSO2 API Management Platform
WSO2’s API Management Vision
๏ Create APIs
  ๏ WSO2 Application Server, Data Services Server and ESB
๏ Find and subscribe/buy APIs
  ๏ API Store and Governance
๏ Manage, secure and protect APIs
  ๏ API Management and Gateway
๏ Monitor and Monetize APIs
  ๏ API Monitoring and Analytics
๏ Develop, host and run API-based applications in a Platform-as-a-Service
  ๏ WSO2 Stratos and Cloud Development Platform
  ๏ API Cloud
API Manager Product and Platform
API Ecosystem Model
From SOA lessons learned, best practices roles
๏ API Creator
  ๏ Builds, manages, and versions API
  ๏ Understand business and technical requirements
  ๏ Cares about usage and scaling
  ๏ Seeks feedback, ratings, usage
๏ API Publisher
  ๏ Publishes, Promotes and encourages consumers to adopt APIs
  ๏ Determines usage patterns and how to best monetize asset
  ๏ Monitors and secures
๏ API Consumer
  ๏ Understands the interface definition
  ๏ Subscribes and connects application to API
  ๏ Monitors own usage and cost basis
  ๏ Provides feedback and ratings
API Manager Components
Scalable Deployment Architecture
API Publisher Features
API LifeCycle Management
API Store Features
Collaborative Store
๏ Ability to create multiple domains (tenants) within the same API Manager instance
๏ Each domain can have its own store or publish APIs to a central store. This is transparent to the consumers.
๏ Typical Use Cases:
  ๏ Segmenting the publishers by business unit or partner and restricting editing rights by domain
  ๏ Create an API marketplace: a one-stop store for domain APIs.
API Store: Customization
API Store: APIs Visibility
๏ At publish time, an API can be marked as Public or Restricted
๏ If Restricted by Roles
  ๏ 1 or more roles need to be specified.
๏ If Restricted by Domain
  ๏ APIs are only visible to specific domain(s).
๏ Public APIs are shown to all; Restricted APIs are only visible when you log in and have the required role or are logged in to the required domain.
API Gateway Processing Flow
Programming Model
๏ Client apps (Web, Mobile etc.) call the API
๏ Those calls are authenticated using access tokens
API Access Tokens
๏ OAuth2 standard compliant
๏ Pre-generated Access Token: can be used from an application, to identify the application itself
๏ On-demand Access Token: generated via API call, using Consumer Key and Consumer Secret. Identifies the end user of an application (web applications, mobile applications)
Access Tokens Usage Scenarios
๏ Shared access token
๏ Unique access token
Shared Access Token
1. Project manager or owner subscribes to the APIs by logging into the API Store.
2. API Store provides an access-token, consumer-key and consumer-secret.
   ๏ In development, use the access-token for the sandbox environment.
3. Project manager shares the access-token with the app-developers.
4. App-developers use the access-token to invoke the APIs.
5. Project manager redistributes a new access-token when it expires, or sets it to never expire.
Unique Access Token
1. Project manager or owner subscribes to the APIs by logging into the API Store.
2. API Store provides an access-token, consumer-key and consumer-secret.
3. Project manager shares the consumer-key and consumer-secret with the app-developers.
4. Each app-developer requests an access-token using the base64-encoded value of consumer-key:consumer-secret and his/her credentials (stored in the system user-store) using the system API /token.
   ๏ App-developers can request an access-token using a valid consumer-key, consumer-secret and an active user account in the system user-store.
5. API Gateway returns an access-token.
6. App-developers invoke the APIs using their own access-token, and renew the access-token when required.
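The unique access token flow above, as an added example in Python (not code from the presentation or from WSO2): it builds the step 4 /token request, parses the step 5 response and decides when the step 6 renewal is due, without sending anything over the network. The gateway host, the OAuth2 password-grant form fields (RFC 6749) and the sample response are assumptions; the slides name only /token, the base64 consumer-key:consumer-secret value and the user's credentials.

```python
import base64
import json
import time
import urllib.parse
import urllib.request
from dataclasses import dataclass

# Assumed gateway URL; the slides name only the "/token" API, not a host.
TOKEN_URL = "https://gateway.example.com/token"

def build_token_request(consumer_key, consumer_secret, username, password,
                        token_url=TOKEN_URL):
    """Step 4: Basic auth identifies the app, the form body identifies the user."""
    if not token_url.lower().startswith("https://"):
        raise ValueError("token endpoint must use HTTPS: it receives secrets")
    pair = f"{consumer_key}:{consumer_secret}".encode()
    body = urllib.parse.urlencode({
        "grant_type": "password",  # assumed mapping: RFC 6749 section 4.3
        "username": username,
        "password": password,
    }).encode()
    return urllib.request.Request(token_url, data=body, method="POST", headers={
        "Authorization": "Basic " + base64.b64encode(pair).decode(),
        "Content-Type": "application/x-www-form-urlencoded",
    })

@dataclass
class AccessToken:
    value: str
    expires_at: float  # epoch seconds

    def needs_renewal(self, now=None, skew=30):
        """Step 6: renew shortly before expiry instead of after a rejected call."""
        return (time.time() if now is None else now) >= self.expires_at - skew

    def auth_header(self):
        return {"Authorization": "Bearer " + self.value}

def parse_token_response(raw, now=None):
    """Step 5: read the RFC 6749 section 5.1 JSON body the gateway returns."""
    doc = json.loads(raw)
    if doc.get("token_type", "").lower() != "bearer":
        raise ValueError("unexpected token_type")
    issued = time.time() if now is None else now
    return AccessToken(doc["access_token"], issued + int(doc["expires_in"]))

# Constructed sample response; not output from a real gateway.
SAMPLE_RESPONSE = ('{"token_type": "bearer", "expires_in": 3600, '
                   '"access_token": "constructed-token-value"}')
```

Because each developer's token is bound to their own user account, one developer's token can expire or be renewed without redistributing a shared value to the whole team.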
Call to Action
๏ WSO2 API Manager: http://wso2.com/products/api-manager/
Contact us !