API - First & API Management with Oracle - · PDF file04-09-2017 · API - First &...
Transcript of API - First & API Management with Oracle - · PDF file04-09-2017 · API - First &...
API - First & API Management
with Oracle
Hannes GütlinPrincipal Sales Consultant
Oracle Schweiz
Bern, September 2017
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
Safe Harbor Statement
The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
Why APIs Matter
API First Strategy
Day in the Life of an API
The Oracle Solution
Customer Case Studies
1
2
3
4
5
Agenda
3
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
Agenda
Why APIs Matter
API First Strategy
Day in the Life of an API
The Oracle Solution
Customer Case Studies
1
2
3
4
5
4
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
What is an API?
5
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
EntranceWhere do users enter your API?
6https://creativecommons.org/licenses/by-nd/2.0/https://www.flickr.com/photos/ninjawil/
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
Key EnforcementWho gets access to your API?
7http://creativecommons.org/licenses/by/4.0/www.tOrange.us
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
AuthorizationWho issues entitlement?
8Photo: sonitrolky.com http://creativecommons.org/licenses/by/4.0/
AuthenticationWho enforces identity?
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
Threat ProtectionWhat keeps robbers out?
http://creativecommons.org/licenses/by-sa/3.0https://commons.wikimedia.org/wiki/User:Jonathunder
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
MonitoringWho will observe usage?
10
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
PublicityWill the public use your API?
11
AddressabilityWill users easily find your API?
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
Restricted ZonesCapabilities reserved to you
12Photo: Wall Drug, N.D. (c) [email protected]
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
Onboarding ProcessHow do users get access?
13https://www.flickr.com/photos/cbpphotos/9525726310/in/photolist-fvvzsZ-fvKQyw-fvKQmb-fvKQq7-fvKQCq-i6TM6t/Kristoffer Grogan
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
User ExperienceEffortless consumption
14
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
An APIs is an interface to a service at an endpoint.
Oracle Confidential – Internal/Restricted/Highly Restricted 15
An API…
• is located at a particular endpoint.
• is used to access a service.
• enforces a defined interface to a service.
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
Why are APIs important?
16
Copyright © 2017, Oracle and/or its affiliates. All rights reserved. Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
In a Digital World, APIs Connect It All
Social
Financial
HealthProductivity
Transportation
17
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
In a Digital World, APIs Connect It All
Social
Financial
HealthProductivity
Transportation
Copyright © 2017, Oracle and/or its affiliates. All rights reserved. Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
Enter the
Digital Economy
Revenue growthCustomer engagement
Omni-channel availabilityModernized backend interfaces
Continuous innovation & automation
19
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
Drivers for Digital Economy
20
Quicker, standard and secure access to information and
functionality
3rd generation API platform with global deployment
capabilities (cloud/on-prem)
Richer User Experience by delivering tailor-fit APIs
Discovery & reuse of APIs
Robust operations, analytics, and insights
Enable a digital strategy by unlocking access
to electronic business assets
APIs are a new source of revenue.
Information is a valuable asset!
Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 21
Important Definitions
API DesignThe process of engaging all stakeholders to define in human language the APIs to create a “contract” of what will be delivered before expensive development begins.
API-First DevelopmentAPI-first is a fundamental paradigm shift where APIs are designed, tested, and built before applications and mirror the goals and objectives of the company
The process of publishing, documenting and overseeing application programming interfaces (APIs) in a secure, scalable environment.
API Management
Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 22Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
API Value Chain
3Differentiation
2Strategic
1Tactical
API MANAGEMENT MATURITY
TIME
Market Edge
Survival
Business value
APIs for revenue generation
• B2B via APIs• Multi-org integration
• B2C APIs for:• Web, mobile app, social, direct, etc
• Multi-device APIs for employee productivity:
• Q2C, P2P, R2R, H2R, etc
• Cloud / On-premise connectivity APIs:• ERP, CRM, HCM, PPM, Legacy, etc
APIs formonetization
APIs for partner collaboration
APIs for Omni-channel enablement
APIs for enterprise mobility & productivity
APIs for systems connectivity
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
Modern AppDev Infrastructure Circa 2017
Automated DevOps for Agility
Containers/Orchestration for Portability/Elasticity
Operations/Securityfor Deployment
API Management/Governance for Consumption
On a High Performance, Highly Available, Secure IaaS
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
Oracle Cloud AppDev Platform – Microservices & Functions
24
Microservice/Function
Framework
Devops Automation
CICD for DockerContainer Cloud
API Management
Microservices
Functions
Kubernetes
Container
Service
Management CloudOps/Diagnostics
IT
Analytics
Logs
APMDiagnostics
Build Enterprise Scale Microservices and Serverless Functions
Confidential – Oracle Internal/Restricted
Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 2525
Why APIs Matter
API First Strategy
Day in the Life of an API
The Oracle Difference
Customer Case Studies
1
2
3
4
5
Agenda
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
API Blueprint is the foundation of Design-First methodology
Importance of Design-First Thinking
100x higher cost than one identified
in the maintenance phase*
4-5xcost to fix an error
found after product release*
* Compared to an error found in the design phase. According to a report of the Systems Science Institute at IBM
Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 2727
Why APIs Matter
API First Strategy
Day in the Life of an API
The Oracle Solution
Customer Case Studies
1
2
3
4
5
Agenda
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
Traditional API LifecycleSlow & Costly
Many iterations of design, build, test, redesign
Do we have a place to deploy the
API? How do we
secure?
Multi API Needle in
the Haystack Debugging!
Who is using?
No way to discover /
understand / use API’s
Build / Test
Deploy / Secure
Discover /Consume
Manage / Monitor
TIME
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
The API-First Lifecycle
Prototype quickly to
collaborate & align faster
Design / Document / Mock-Test
API Platform & Apiary
Create APIs & check against
contracts
Build / Test
API Platform / App Dev &
Int. Platforms
Flexible gateway
deployment & built-in security
View operational API metrics
Document & publish APIs for reuse
Deploy / Secure
Discover /Consume
Manage / Monitor
API Platform / App Dev &
Int. Platforms / Hybrid
API Platform& OMC
API Platform & Apiary
App Dev, Mobile & Int.
Platforms
TIME
Faster Time to Market
Lower Cost
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
Product / Service / Need
30
Create a StrategyInclude both business and technology stakeholders to align business goals with the best approach
Think About the Entire Lifecycle As you build your teams, select technologies, select vendors, and start projects
Leverage Existing InvestmentsExisting SOA, Integration, App Dev and Microservices efforts can help jump start API initiatives
1
2
3
Customer Need
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
Design, Document, Mock-test
31
Design, Describe and Document API’sDefine resources and states, create descriptions
Utilize Rapid PrototypingUse mock services to start testing and using your API’s, “kick the tires”
Share and ReviewSolicit feedback from consumers and stakeholders
1
2
3
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
Build (Implement), Test
32
Choose Implementation TechnologiesUse existing technologies? Time for something new?
Build ItWrite the code, build the transformation, implement the composite
Test Locally & Test in Continuous IntegrationTest in locally, then test in CI – make sure everything works as described
1
2
3
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
Deploy, Secure
33
Identify and Implement Security PoliciesIdentify security policies and implement them
Publish EndpointsPublish/deploy endpoint code and/or composites to support API definitions
Deploy APIs and DocumentationPush your API’s to their respective gateways, share descriptions and documentation
1
2
3
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
Manage, Monitor
34
MonitorAnalyze API deployment, consumption and usage – are your API’s healthy and being used as expected?
ManageEnsure API’s are deployed optimally, ensure they are available where they need to be – are your gateways and security postures working as designed?
IterateContinuously enhance your API’s – learn from usage patterns
1
2
3
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
Discover, Consume
35
Use DocumentationLeverage API documentation to understand API’s
Build ApplicationsUse the API’s in your applications
Provide FeedbackProvide feedback to API Owners and Designers
1
2
3
Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3636
Why APIs Matter
API First Strategy
Day in the Life of an API
The Oracle Solution
Customer Case Studies
1
2
3
4
5
Agenda
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
API Platform Cloud Service
Next-gen, hybrid architecture• End-to-end capabilities to
Easy to use• Completely new, simplified API management
experience• Support changing business demands • Clear visibility into who is using APIs • Operational flexibility – gateways can be
deployed in the Cloud or on-premises
Design.Build.Secure.Deploy.
Publish.Consume.Monitor.
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
Oracle Apiary, a Perfect Starting Point
38
APIARY TOOLS
APIARY Editor
Interactive Documentation
Mock Server
API Inspector
GitHub Sync
GitHub Integration
Automated Testing
Apiary CLI
GitHub Enterprise (GHE) Integration
Integrated Code Examples
Embed Documentation
API Style Guide
Troubleshooting GitHub Sync and Integration
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
Oracle CloudAmazon
Azure3rd Party Clouds
On Premises
Oracle Cloud
DeveloperPortal
Identity Cloud Service
ManagerPortal
API Platform Cloud Service
Analytics
API Managers &Gateway Teams
API Consumers
API Designers
Firewalls & Load Balancers
Services
Gateways
Copyright © 2017, Oracle and/or its affiliates. All rights reserved. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 40
ProductizeSecure
Publish
Documentation
Auto-Documentation
Mock Server Test
Test
Develop Scale
Analyze
API PortalMonitoring
Integrate
API Collaboration
API Style Guide
Advanced Version Control Integration
ManagementDesign
Reinventing API Lifecycle Management
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
• Security
– Oauth 2
– Basic Auth
– Service Auth
– Key Validation
– IP Filtering
41
CY 2017 Q2 – Initial List of Supported Policies
• Routing
– Header Based Routing
– Resource Based Routing
– Application Based Routing
– Gateway Based Routing
• Other
– Groovy Script
– Service Callout
– Logging
• Traffic Management
– API Rate Limiting
– API Rate Limiting Per Application
– API Throttling
– API Throttling Per Application
– Caching
• Interface Management
– Interface Filtering
– Method Mapping
– Field Redaction
– Header Validation
Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4242
Why APIs Matter
API First Strategy
Day in the Life of an API
The Oracle Solution
Customer Case Studies
1
2
3
4
5
Agenda
Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 43
Denver Metro Regional Transportation District
Create the best experience for Denver-area riders
• Wanted to provide real-time bus and rail data, as well as predictive stop times to the public, by publishing APIs that could be leveraged by developers.
• Benefits from the API Platform Cloud Service:1. Security - limit who has access to APIs and to
limit vulnerability to DDoS attack 2. Publication & Consumption – ability to
discover and self-register for APIs3. Built-in Policies – Easy to apply policies like
throttling and rate limiting
44Copyright © 2017, Oracle and/or its affiliates. All rights reserved. |
Trunk Club
• API-oriented, microservices architecture allows developers to:‐ Add new features quickly‐ Focus on revising and testing just the elements
that are changing‐ Deliver best customer experience in the industry
• Benefits from the API Platform Cloud Service:1. Publication & Consumption – ability of
internal teams to discover APIs2. Clear documentation and formatting – focus
on the creative development work3. Mock server and testing – front and
back-end teams can work in parallel4. Collaboration & Design-first approach –
prevents costly rework
With this kind of collaboration and discussion, you’re designing what the endpoint should do without writing any code. It’s very easy to give feedback and just collaborate together.
Brian Lee, Engineering Manager Trunk Club
45Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
Learn More
oracle.com/integration
cloud.oracle.com/API Try it Now
Apiary.io
Connect
Join the Community of Oracle Cloud Platform for Integration
Get Started Today