API - First & API Management with Oracle - · PDF file04-09-2017 · API - First &...

API - First & API Management

with Oracle

Hannes GütlinPrincipal Sales Consultant

Oracle Schweiz

Bern, September 2017

Copyright © 2017, Oracle and/or its affiliates. All rights reserved.

Safe Harbor Statement

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.


Why APIs Matter

API First Strategy

Day in the Life of an API

The Oracle Solution

Customer Case Studies

1

2

3

4

5

Agenda

3


Agenda

Why APIs Matter

API First Strategy


The Oracle Solution


1

2

3

4

5

4


What is an API?

5


EntranceWhere do users enter your API?

6https://creativecommons.org/licenses/by-nd/2.0/https://www.flickr.com/photos/ninjawil/


Key EnforcementWho gets access to your API?

7http://creativecommons.org/licenses/by/4.0/www.tOrange.us


AuthorizationWho issues entitlement?

8Photo: sonitrolky.com http://creativecommons.org/licenses/by/4.0/

AuthenticationWho enforces identity?


Threat ProtectionWhat keeps robbers out?

http://creativecommons.org/licenses/by-sa/3.0https://commons.wikimedia.org/wiki/User:Jonathunder


MonitoringWho will observe usage?

10


PublicityWill the public use your API?

11

AddressabilityWill users easily find your API?


Restricted ZonesCapabilities reserved to you

12Photo: Wall Drug, N.D. (c) [email protected]


Onboarding ProcessHow do users get access?

13https://www.flickr.com/photos/cbpphotos/9525726310/in/photolist-fvvzsZ-fvKQyw-fvKQmb-fvKQq7-fvKQCq-i6TM6t/Kristoffer Grogan


User ExperienceEffortless consumption

14


An APIs is an interface to a service at an endpoint.

Oracle Confidential – Internal/Restricted/Highly Restricted 15

An API…

• is located at a particular endpoint.

• is used to access a service.

• enforces a defined interface to a service.


Why are APIs important?

16

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. Copyright © 2017, Oracle and/or its affiliates. All rights reserved.

In a Digital World, APIs Connect It All

Social

Financial

HealthProductivity

Transportation

17


In a Digital World, APIs Connect It All

Social

Financial

HealthProductivity

Transportation

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. Copyright © 2017, Oracle and/or its affiliates. All rights reserved.

Enter the

Digital Economy

Revenue growthCustomer engagement

Omni-channel availabilityModernized backend interfaces

Continuous innovation & automation

19


Drivers for Digital Economy

20

Quicker, standard and secure access to information and

functionality

3rd generation API platform with global deployment

capabilities (cloud/on-prem)

Richer User Experience by delivering tailor-fit APIs

Discovery & reuse of APIs

Robust operations, analytics, and insights

Enable a digital strategy by unlocking access

to electronic business assets

APIs are a new source of revenue.

Information is a valuable asset!

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 21

Important Definitions

API DesignThe process of engaging all stakeholders to define in human language the APIs to create a “contract” of what will be delivered before expensive development begins.

API-First DevelopmentAPI-first is a fundamental paradigm shift where APIs are designed, tested, and built before applications and mirror the goals and objectives of the company

The process of publishing, documenting and overseeing application programming interfaces (APIs) in a secure, scalable environment.

API Management

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 22Copyright © 2017, Oracle and/or its affiliates. All rights reserved.

API Value Chain

3Differentiation

2Strategic

1Tactical

API MANAGEMENT MATURITY

TIME

Market Edge

Survival

Business value

APIs for revenue generation

• B2B via APIs• Multi-org integration

• B2C APIs for:• Web, mobile app, social, direct, etc

• Multi-device APIs for employee productivity:

• Q2C, P2P, R2R, H2R, etc

• Cloud / On-premise connectivity APIs:• ERP, CRM, HCM, PPM, Legacy, etc

APIs formonetization

APIs for partner collaboration

APIs for Omni-channel enablement

APIs for enterprise mobility & productivity

APIs for systems connectivity


Modern AppDev Infrastructure Circa 2017

Automated DevOps for Agility

Containers/Orchestration for Portability/Elasticity

Operations/Securityfor Deployment

API Management/Governance for Consumption

On a High Performance, Highly Available, Secure IaaS


Oracle Cloud AppDev Platform – Microservices & Functions

24

Microservice/Function

Framework

Devops Automation

CICD for DockerContainer Cloud

API Management

Microservices

Functions

Kubernetes

Container

Service

Management CloudOps/Diagnostics

IT

Analytics

Logs

APMDiagnostics

Build Enterprise Scale Microservices and Serverless Functions

Confidential – Oracle Internal/Restricted


Why APIs Matter

API First Strategy


The Oracle Difference


1

2

3

4

5

Agenda


API Blueprint is the foundation of Design-First methodology

Importance of Design-First Thinking

100x higher cost than one identified

in the maintenance phase*

4-5xcost to fix an error

found after product release*

* Compared to an error found in the design phase. According to a report of the Systems Science Institute at IBM


Why APIs Matter

API First Strategy


The Oracle Solution


1

2

3

4

5

Agenda


Traditional API LifecycleSlow & Costly

Many iterations of design, build, test, redesign

Do we have a place to deploy the

API? How do we

secure?

Multi API Needle in

the Haystack Debugging!

Who is using?

No way to discover /

understand / use API’s

Build / Test

Deploy / Secure

Discover /Consume

Manage / Monitor

TIME


The API-First Lifecycle

Prototype quickly to

collaborate & align faster

Design / Document / Mock-Test

API Platform & Apiary

Create APIs & check against

contracts

Build / Test

API Platform / App Dev &

Int. Platforms

Flexible gateway

deployment & built-in security

View operational API metrics

Document & publish APIs for reuse

Deploy / Secure

Discover /Consume

Manage / Monitor

API Platform / App Dev &

Int. Platforms / Hybrid

API Platform& OMC

API Platform & Apiary

App Dev, Mobile & Int.

Platforms

TIME

Faster Time to Market

Lower Cost


Product / Service / Need

30

Create a StrategyInclude both business and technology stakeholders to align business goals with the best approach

Think About the Entire Lifecycle As you build your teams, select technologies, select vendors, and start projects

Leverage Existing InvestmentsExisting SOA, Integration, App Dev and Microservices efforts can help jump start API initiatives

1

2

3

Customer Need


Design, Document, Mock-test

31

Design, Describe and Document API’sDefine resources and states, create descriptions

Utilize Rapid PrototypingUse mock services to start testing and using your API’s, “kick the tires”

Share and ReviewSolicit feedback from consumers and stakeholders

1

2

3


Build (Implement), Test

32

Choose Implementation TechnologiesUse existing technologies? Time for something new?

Build ItWrite the code, build the transformation, implement the composite

Test Locally & Test in Continuous IntegrationTest in locally, then test in CI – make sure everything works as described

1

2

3


Deploy, Secure

33

Identify and Implement Security PoliciesIdentify security policies and implement them

Publish EndpointsPublish/deploy endpoint code and/or composites to support API definitions

Deploy APIs and DocumentationPush your API’s to their respective gateways, share descriptions and documentation

1

2

3


Manage, Monitor

34

MonitorAnalyze API deployment, consumption and usage – are your API’s healthy and being used as expected?

ManageEnsure API’s are deployed optimally, ensure they are available where they need to be – are your gateways and security postures working as designed?

IterateContinuously enhance your API’s – learn from usage patterns

1

2

3


Discover, Consume

35

Use DocumentationLeverage API documentation to understand API’s

Build ApplicationsUse the API’s in your applications

Provide FeedbackProvide feedback to API Owners and Designers

1

2

3


Why APIs Matter

API First Strategy


The Oracle Solution


1

2

3

4

5

Agenda


API Platform Cloud Service

Next-gen, hybrid architecture• End-to-end capabilities to

Easy to use• Completely new, simplified API management

experience• Support changing business demands • Clear visibility into who is using APIs • Operational flexibility – gateways can be

deployed in the Cloud or on-premises

Design.Build.Secure.Deploy.

Publish.Consume.Monitor.


Oracle Apiary, a Perfect Starting Point

38

APIARY TOOLS

APIARY Editor

Interactive Documentation

Mock Server

API Inspector

GitHub Sync

GitHub Integration

Automated Testing

Apiary CLI

GitHub Enterprise (GHE) Integration

Integrated Code Examples

Embed Documentation

API Style Guide

Troubleshooting GitHub Sync and Integration


Oracle CloudAmazon

Azure3rd Party Clouds

On Premises

Oracle Cloud

DeveloperPortal

Identity Cloud Service

ManagerPortal

API Platform Cloud Service

Analytics

API Managers &Gateway Teams

API Consumers

API Designers

Firewalls & Load Balancers

Services

Gateways

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 40

ProductizeSecure

Publish

Documentation

Auto-Documentation

Mock Server Test

Test

Develop Scale

Analyze

API PortalMonitoring

Integrate

API Collaboration

API Style Guide

Advanced Version Control Integration

ManagementDesign

Reinventing API Lifecycle Management


• Security

– Oauth 2

– Basic Auth

– Service Auth

– Key Validation

– IP Filtering

41

CY 2017 Q2 – Initial List of Supported Policies

• Routing

– Header Based Routing

– Resource Based Routing

– Application Based Routing

– Gateway Based Routing

• Other

– Groovy Script

– Service Callout

– Logging

• Traffic Management

– API Rate Limiting

– API Rate Limiting Per Application

– API Throttling

– API Throttling Per Application

– Caching

• Interface Management

– Interface Filtering

– Method Mapping

– Field Redaction

– Header Validation


Why APIs Matter

API First Strategy


The Oracle Solution


1

2

3

4

5

Agenda


Denver Metro Regional Transportation District

Create the best experience for Denver-area riders

• Wanted to provide real-time bus and rail data, as well as predictive stop times to the public, by publishing APIs that could be leveraged by developers.

• Benefits from the API Platform Cloud Service:1. Security - limit who has access to APIs and to

limit vulnerability to DDoS attack 2. Publication & Consumption – ability to

discover and self-register for APIs3. Built-in Policies – Easy to apply policies like

throttling and rate limiting

44Copyright © 2017, Oracle and/or its affiliates. All rights reserved. |

Trunk Club

• API-oriented, microservices architecture allows developers to:‐ Add new features quickly‐ Focus on revising and testing just the elements

that are changing‐ Deliver best customer experience in the industry

• Benefits from the API Platform Cloud Service:1. Publication & Consumption – ability of

internal teams to discover APIs2. Clear documentation and formatting – focus

on the creative development work3. Mock server and testing – front and

back-end teams can work in parallel4. Collaboration & Design-first approach –

prevents costly rework

With this kind of collaboration and discussion, you’re designing what the endpoint should do without writing any code. It’s very easy to give feedback and just collaborate together.

Brian Lee, Engineering Manager Trunk Club

45Copyright © 2017, Oracle and/or its affiliates. All rights reserved.

Learn More

oracle.com/integration

cloud.oracle.com/API Try it Now

Apiary.io

Connect

Join the Community of Oracle Cloud Platform for Integration

Get Started Today

API - First & API Management with Oracle - · PDF file04-09-2017 · API - First &...

Documents

Transcript of API - First & API Management with Oracle - · PDF file04-09-2017 · API - First &...