Post on 16-Apr-2017
Giuliano Iacobelli, Stamplayg@stamplay.com
APIs & PROCESS AUTOMATION
g@stamplay.com
Automation: the use of automatic equipment in a manufacturing or process or facility
g@stamplay.com
As of today the average enterprise company uses about 30 SAAS solutions
This is growing 30% year of year
g@stamplay.com
“API-led connectivity is changing enterprises from the inside out”
g@stamplay.com
Backlog/ˈbaklɒɡ/ “an accumulation of uncompleted work or matters needing to be dealt with.”
g@stamplay.com
The Rise of Shadow ITShadow IT - Worse than IT thinks“The average enterprise uses 1,220 individual cloud services.
Up to 25 times more than recognized by IT—who estimate that they are using 91 cloud services.
112% Growth YoY.”
g@stamplay.com
Your unique business value depends on your end-to-end business process
g@stamplay.com
Processes are ran by people on top of systems
You (API) are here
g@stamplay.com
People: your organization microservices
IT HR
SalesMKTG
Support
g@stamplay.com
IT and the Business are still tightly coupled Technology is now in every department and business users more than ever have the
knowledge, desire and capability to make many of their own IT decisions
IT ends up building an app with somebody outside their functional area 68% of the times
g@stamplay.com
API integration tooling that initially started with business process tools has started becoming more widespread with workplace collaboration tools.
g@stamplay.com Ease of use
Wor
kflo
w po
wer
Rise of the workflow automation platforms Consumption for less technical users’ perspective
to erase the Lines between IT and the Business
g@stamplay.com
Coding vs Programming A fundamental distinction
New HTTP request
Lookup public contact detail
Save it on Salesforce
Post on #sales channel
Say hello via email
g@stamplay.com
Empower people to solve problems ETL-style
Get customer who bought X
yesterday
Everyday at 1am
If they use a personal email
address
Add them on X list for
consumers
Add them on Y list for B2B
Create a card to follow up
on them
Add them on Facebok audience
g@stamplay.com
“Every task that can be automated will be. Future workers will design automated workflows more often than they will complete individual workflow tasks.”
g@stamplay.com
What to look for in an integration platform?
Range of usability
Level of IT usability
Creation at Scale & Repeatability
Hybrid architectures
Granular Security settings
g@stamplay.com
Range of usability
Level of IT usability
Creation at Scale & Repeatability
Hybrid architectures
Granular Security settings
What to look for in an integration platform?
g@stamplay.com
Range of usability
Level of IT usability
Creation at Scale & Repeatability
Hybrid architectures
Granular Security settings
What to look for in an integration platform?
g@stamplay.com
Range of usability
Level of IT usability
Creation at Scale & Repeatability
Hybrid architectures
Granular Security settings
What to look for in an integration platform?
g@stamplay.com
Range of usability
Level of IT usability
Creation at Scale & Repeatability
Hybrid architectures
Granular Security settings
What to look for in an integration platform?
g@stamplay.com
IT role will be central to helping others across the business be able to use data by opening up resources and make sure it’s delivered in a secure way and organized appropriately
g@stamplay.com
Token based Auth (e.g OAuth2)
Machine readable docs (Swagger, RAML, IO docs)
Webhooks HATEOAS
Key requirements for APIs in the automation era Simple, consistent, flexible, friendly, explorable via URL
and use web standards where they make sense.
g@stamplay.com
Key requirements for APIs in the automation era Simple, consistent, flexible, friendly, explorable via URL
and use web standards where they make sense.
Token based Auth (e.g OAuth2)
Machine readable docs (Swagger, RAML, IO docs)
Webhooks HATEOAS
g@stamplay.com
Webhook anatomy Webhooks are fundamental pieces of an API today and a simple notification
is no longer enough, as an API provider you need to do the heavy lifting for your users
• a verb: POST • an explicit event type: which could be subscribed by any
user (for Github: pull_request, fork, commit, issues, etc.. ) • a payload: containing the relevant data for the related event
• including: the resource itself, the sender (user who triggered the webhook) • constant data structure
• a security hash: to ensure webhook was delivered by the rightful authority • for Github: sharing a common secret used to generate a hash from the payload
• an ID
g@stamplay.com
Subscribing to events using multiple URLs Webhooks are fundamental pieces of an API today and a simple notification
is no longer enough, as an API provider you need to do the heavy lifting for your users
• a CRUD API • a payload URL: the server endpoint that will receive the webhook payload • events list: which events would you like to subscribe to • (optional) the content type
g@stamplay.com
Fine grained control on events you want to listen on Webhooks are fundamental pieces of an API today and a simple notification
is no longer enough, as an API provider you need to do the heavy lifting for your users
g@stamplay.com
API for Webhooks aka REST Hooks Webhooks are fundamental pieces of an API today and a simple notification
is no longer enough, as an API provider you need to do the heavy lifting for your users
g@stamplay.com
Securing Webhooks Webhooks are fundamental pieces of an API today and a simple notification
is no longer enough, as an API provider you need to do the heavy lifting for your users
g@stamplay.com
Giuliano Iacobelli g@stamplay.com +1 (415) 481 8606
Thanks