API Introduction - API Management Workshop Munich from Ronnie Mitra
-
Upload
ca-api-management -
Category
Documents
-
view
816 -
download
2
Transcript of API Introduction - API Management Workshop Munich from Ronnie Mitra
![Page 1: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/1.jpg)
API Workshop
Ronnie Mitra
Principal API Architect - Europe
Layer 7 API Academy
![Page 2: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/2.jpg)
![Page 3: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/3.jpg)
API Management
virtual cloud on-premise
![Page 4: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/4.jpg)
API Academy
Mike Amundsen Ronnie Mitra
![Page 5: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/5.jpg)
www.apiacademy.co
![Page 6: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/6.jpg)
Business of APIs
API Styles
Usability
Security
API Architecture
SOA Governance
![Page 7: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/7.jpg)
What are Web APIs?
![Page 8: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/8.jpg)
Connecting things
![Page 9: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/9.jpg)
Connecting computer programs
![Page 10: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/10.jpg)
API
All programmers are API designers
Connections between modules
Language Dependant
APIs are constrained by the syntax of the language
![Page 11: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/11.jpg)
… over the web
![Page 12: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/12.jpg)
Web APIs
Language Independent
APIs are constrained by the syntax of the web
Most API Design principles can be applied
Some design principles are unique to Web APIs
![Page 13: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/13.jpg)
Web of
Documents
Web of
Apps Web of
Services
Web of
Things
![Page 14: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/14.jpg)
The web is ubiquitous
And universally accessible
![Page 15: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/15.jpg)
Publishers retain control
![Page 16: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/16.jpg)
We are surrounded by Web APIs
![Page 17: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/17.jpg)
Did you check the weather today?
![Page 18: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/18.jpg)
![Page 19: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/19.jpg)
![Page 20: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/20.jpg)
![Page 21: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/21.jpg)
![Page 22: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/22.jpg)
Private or Closed APIs
![Page 23: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/23.jpg)
Acme Corp. API
Acme Corp. App
![Page 24: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/24.jpg)
![Page 25: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/25.jpg)
Public or Open APIs
![Page 26: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/26.jpg)
Acme Corp. API
Third Party App
![Page 27: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/27.jpg)
![Page 28: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/28.jpg)
Priority: Lower Cost
Priority: Increased Adoption
![Page 29: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/29.jpg)
Business of APIs
![Page 30: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/30.jpg)
why build an API?
![Page 31: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/31.jpg)
Innovation
Consumer Reach
Revenue Source
Marketing
Integration
Light Bulb designed by Jean-Philippe Cabaroc from The Noun Project
![Page 32: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/32.jpg)
Innovation
Consumer Reach
Revenue Source
Marketing
Integration
Light Bulb designed by Jean-Philippe Cabaroc from The Noun Project
![Page 33: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/33.jpg)
Revenue Source
![Page 34: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/34.jpg)
Revenue Source
http://www.flickr.com/photos/inside-south-africa/485356704
£0.10 per API Call
![Page 35: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/35.jpg)
Revenue Source
1000 calls/month
5000 calls/month
![Page 36: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/36.jpg)
Revenue Source
500 calls/month
1000 calls/month
5000 calls/month
![Page 37: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/37.jpg)
Revenue Source
Is your content worth paying for?
![Page 38: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/38.jpg)
Innovation
Consumer Reach
Revenue Source
Marketing
Integration
Light Bulb designed by Jean-Philippe Cabaroc from The Noun Project
![Page 39: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/39.jpg)
Consumer Reach
![Page 40: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/40.jpg)
Consumer Reach
![Page 41: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/41.jpg)
Head
Long Tail
Consumer Reach
![Page 42: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/42.jpg)
Innovation
Consumer Reach
Revenue Source
Marketing
Integration
Light Bulb designed by Jean-Philippe Cabaroc from The Noun Project
![Page 43: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/43.jpg)
Marketing
Affiliate Programs
Sometimes you pay the developer.
![Page 44: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/44.jpg)
Marketing
Draw new visitors in.
![Page 45: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/45.jpg)
Marketing
![Page 46: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/46.jpg)
Innovation
Consumer Reach
Revenue Source
Marketing
Integration
Light Bulb designed by Jean-Philippe Cabaroc from The Noun Project
![Page 47: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/47.jpg)
Innovation
Light Bulb designed by Jean-Philippe Cabaroc from The Noun Project
Innovation from within
![Page 48: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/48.jpg)
Innovation
Light Bulb designed by Jean-Philippe Cabaroc from The Noun Project
Innovation outside your borders
![Page 49: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/49.jpg)
Innovation
Light Bulb designed by Jean-Philippe Cabaroc from The Noun Project
When does innovation happen?
![Page 50: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/50.jpg)
Innovation
Consumer Reach
Revenue Source
Marketing
Integration
Light Bulb designed by Jean-Philippe Cabaroc from The Noun Project
![Page 51: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/51.jpg)
Integration
Business driven integration
Regulatory driven integration
![Page 52: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/52.jpg)
Observational Learning: Five Short Stories of Public APIs
![Page 53: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/53.jpg)
2000 – ebay
![Page 54: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/54.jpg)
Started with a paid developer program in 2000
Made it free in 2005
![Page 55: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/55.jpg)
Consumer Reach
Marketing
![Page 56: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/56.jpg)
Large developer eco-system Large app eco-system
![Page 57: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/57.jpg)
25% of eBay listings come from their API!
![Page 58: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/58.jpg)
salesforce
2000 – salesforce
![Page 59: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/59.jpg)
Integration
Revenue Source
![Page 60: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/60.jpg)
API as a cloud enabler
![Page 61: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/61.jpg)
2004 – Flickr
![Page 62: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/62.jpg)
web 2.0 generation
![Page 63: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/63.jpg)
Consumer Reach
Marketing
![Page 64: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/64.jpg)
The rise of self-service Announced 6 billion photos in August 2011
![Page 65: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/65.jpg)
2006 – Amazon Web Services
![Page 66: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/66.jpg)
Started as an online book shop… Became a department store…
now?
![Page 67: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/67.jpg)
Jeff Bezos Connect everything
http://www.flickr.com/photos/zippy/2430495092
![Page 68: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/68.jpg)
2004: Hey, why don’t we sell this?
![Page 69: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/69.jpg)
Revenue Source
![Page 70: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/70.jpg)
Estimated revenue: $1.5B in 2012
http://wikibon.org/wiki/v/Cloud_Computing_2013%3A_The_Amazon_Gorilla_Invades_the_Enterprise
![Page 71: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/71.jpg)
Twilio or stripe
2007 - Twillio
![Page 72: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/72.jpg)
Revenue Source
![Page 73: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/73.jpg)
The API is the business
![Page 74: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/74.jpg)
100,000 developer milestone in 2012
![Page 75: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/75.jpg)
Original APIs are still successful
New business models have emerged
Different drivers have influenced API design
Summary
![Page 76: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/76.jpg)
Why make an API Public?
![Page 77: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/77.jpg)
Unlock new markets
External innovation
Drive revenue
“Free” development
Crowdbased asset development
![Page 78: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/78.jpg)
Promote Mutual Gain
(Symbiosis)
![Page 79: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/79.jpg)
http://upload.wikimedia.org/wikipedia/commons/f/ff/Aedes_albopictus_cdc.jpg
![Page 80: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/80.jpg)
http://commons.wikimedia.org/wiki/File:Arothron_hispidus_is_being_cleaned_by_Hawaiian_cleaner_wrasses,_Labroides_phthirophagus_1.jpg
![Page 81: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/81.jpg)
Don’t forget:
More developers = Higher Costs
![Page 82: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/82.jpg)
Bandwidth
Technical Support
Processing and Storage
?
![Page 83: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/83.jpg)
Documentation
Tools
Evangelists and communities
Supporting Developers
Connector designed by R Chow from The Noun Project
Notepad designed by Luis Prado from The Noun Project
![Page 84: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/84.jpg)
API Management
![Page 85: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/85.jpg)
To ensure failure, make your API:
• difficult to understand
• dangerous to use (unsafe)
• unreliable and unstable
• opaque (provides no visibility)
![Page 86: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/86.jpg)
API management helps us:
• Drive adoption
• Lower costs
• Keep existing users
• Reduce friction
![Page 87: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/87.jpg)
Innovation
Consumer Reach
Revenue Source
Marketing
Integration
Light Bulb designed by Jean-Philippe Cabaroc from The Noun Project
![Page 88: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/88.jpg)
Without API management an API is naked.
![Page 89: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/89.jpg)
Business of APIs Summary
• Understand the business motivation
• Choose a style that fits your constraints and goals
![Page 90: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/90.jpg)
API Styles
![Page 91: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/91.jpg)
What does a Web API look like?
![Page 92: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/92.jpg)
Web APIs
HTTP
![Page 93: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/93.jpg)
![Page 94: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/94.jpg)
Architectural Styles
![Page 95: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/95.jpg)
Tunnel Style
URI Style
Hypermedia Style
Event Driven Style
![Page 96: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/96.jpg)
Tunnel Style Example: SOAP
• transport agnostic • operation based • binding documents (WSDL)
![Page 97: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/97.jpg)
Tunnel Style
<RetrieveStudentRecords> <StudentId>1213</StudentId> </RetrieveStudentRecords>
![Page 98: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/98.jpg)
Tunnel Style
• lots of tooling • not restricted to HTTP • RPC
Advantages
![Page 99: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/99.jpg)
Tunnel Style
• inefficient for HTTP • increased learning curve • lack of tooling in mobile
Trade-offs
![Page 100: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/100.jpg)
URI Style
GET PUT
POST DELETE
+ URI
![Page 101: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/101.jpg)
URI Style
GET /students/1232
![Page 102: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/102.jpg)
URI Style
• familiar to web developers • designed for HTTP • URIs are intuitive
Advantages
![Page 103: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/103.jpg)
URI Style
• limited to four methods • URI design is not standard • can be ‘chatty’
Trade-offs
![Page 104: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/104.jpg)
Hypermedia Style
![Page 105: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/105.jpg)
Hypermedia Style
• links • templated input (forms) • task based
![Page 106: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/106.jpg)
{ links: [ link {href: ‘…’ rel: ‘list’}, link {href: ‘…’ rel: ‘add’} ] collection: [ {link: {rel:'complete',href:‘…'},
id:42,
text:‘Record 42'
} ] }
![Page 107: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/107.jpg)
Hypermedia Style
• designed for HTTP • long lasting • no URI construction
Advantages
![Page 108: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/108.jpg)
Hypermedia Style
• leading-edge • requires ‘smarter’ apps • less familiar to developers
Trade-offs
![Page 109: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/109.jpg)
Event Driven Style Example: WebSockets
• event based communication • server initiated events • full-duplex (websocket)
![Page 110: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/110.jpg)
Event Driven Style
• less overhead • better performance
Advantages
![Page 111: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/111.jpg)
Event Driven Style
• not HTTP-based • resource intensive connections • inefficient for request-reply
Trade-offs
![Page 112: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/112.jpg)
API Styles Summary
• Web API != standard
• Four popular styles: Tunnel, URI, Hypermedia, Event
• Choose a style that fits your constraints and goals
![Page 113: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/113.jpg)
Usability
![Page 114: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/114.jpg)
Interaction Design
![Page 115: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/115.jpg)
Usability
Human-Computer-Interaction
User Experience Design
Goal Oriented Design
![Page 116: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/116.jpg)
A user-centric view of design.
![Page 117: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/117.jpg)
http://www.flickr.com/photos/58754750@N08/5541472392/
![Page 118: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/118.jpg)
Well designed products are easier to use.
![Page 119: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/119.jpg)
Good design matters for Web APIs too.
![Page 120: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/120.jpg)
“Frictionless” integration High rates of adoption Low cost integration
We want:
![Page 121: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/121.jpg)
Focus on the developer experience
(dx)
![Page 122: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/122.jpg)
Portal
API
![Page 123: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/123.jpg)
Why is this difficult?
![Page 124: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/124.jpg)
Reason #1
We project our own perspective.
![Page 125: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/125.jpg)
![Page 126: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/126.jpg)
![Page 127: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/127.jpg)
Your code is not your API.
Your data model is not your API.
![Page 128: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/128.jpg)
Reason #2
We project our own biases.
![Page 129: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/129.jpg)
Never use SOAP?
Why?
![Page 130: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/130.jpg)
Consider keyboards…
![Page 131: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/131.jpg)
http://www.flickr.com/photos/yvettemn/139890573/
![Page 132: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/132.jpg)
http://www.flickr.com/photos/jonathanpberger/7126054997/
![Page 133: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/133.jpg)
http://www.flickr.com/photos/novemberborn/286773981/
![Page 134: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/134.jpg)
It doesn’t matter that you don’t like SOAP.
![Page 135: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/135.jpg)
What matters is what your developer base thinks!
![Page 136: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/136.jpg)
Reason #3
We make bad assumptions.
![Page 137: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/137.jpg)
API publishers are also developers.
![Page 138: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/138.jpg)
Reason #4
We lack the time, money or incentive for good design
![Page 139: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/139.jpg)
“Best practices”, patterns and standards become shortcuts
![Page 140: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/140.jpg)
Am I RESTfull enough?
![Page 141: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/141.jpg)
So, how can we do better?
![Page 142: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/142.jpg)
Developer-centric design requires effort and diligence.
![Page 143: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/143.jpg)
![Page 144: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/144.jpg)
![Page 145: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/145.jpg)
Is the answer an SDK?
![Page 146: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/146.jpg)
An SDK shifts the design effort but does not resolve the usability
challenge
![Page 147: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/147.jpg)
Design with the developer in mind.
![Page 148: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/148.jpg)
Ask them.
![Page 149: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/149.jpg)
• Interviews
• Surveys
• Listen (blogs, presentations, tweets)
![Page 150: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/150.jpg)
"If I had asked people what they wanted, they would have said faster horses.“ – Henry Ford?
![Page 151: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/151.jpg)
• Observe
• Prototype
• Historical Data
![Page 152: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/152.jpg)
Consider all aspects of the DX:
Registration
Security
Troubleshooting
Learning
Interface Style
![Page 153: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/153.jpg)
Registration
Lazy Registration
Social Integration
Personalization
![Page 154: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/154.jpg)
Development Activity Cycle
1. Learn
2. Code
3. Implement
4. Test
5. Fix
![Page 155: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/155.jpg)
Portal
API
Learn
Code
Test
![Page 156: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/156.jpg)
API
Learn
Test
![Page 157: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/157.jpg)
API explorers and “live documentation” can shorten the
gap between visibility and feedback.
![Page 158: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/158.jpg)
1. Identify a Target Audience
2. Learn about the audience
3. Make API design choices that are developer-centric
4. Prototype and get feedback
5. Iterate
How?
![Page 159: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/159.jpg)
Focus on the interactions that take place, rather than the interfaces
we expose
![Page 160: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/160.jpg)
Great API design can thrive in a developer-centric environment
![Page 161: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/161.jpg)
Usability Summary
• Focus on the developer
• Start by thinking in terms of interactions
• Effective for public and private APIs
![Page 162: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/162.jpg)
Securing APIs
![Page 163: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/163.jpg)
OWASP Top Ten (2010 Edition)
Source: http://www.owasp.org/index.php/Top_10
![Page 164: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/164.jpg)
The primary API management challenge:
Balancing Control and Accessibility
![Page 165: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/165.jpg)
![Page 166: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/166.jpg)
Identity Authentication Authorization Availability Integrity Privacy
![Page 167: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/167.jpg)
TLS OAuth 2
Open ID Connect
![Page 168: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/168.jpg)
OAuth provides a
Delegated Authorization Framework
![Page 169: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/169.jpg)
An imperfect analogy….
![Page 170: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/170.jpg)
http://www.flickr.com/photos/drewleavy/5587005480
![Page 171: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/171.jpg)
http://www.flickr.com/photos/24oranges/5791460046/
![Page 172: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/172.jpg)
http://www.flickr.com/photos/grumbler/571106054/
http://www.flickr.com/photos/roboppy/238406811/
Your Money
This Shop Needs Your Money
You need to grant access to your money
![Page 173: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/173.jpg)
http://www.flickr.com/photos/drewleavy/5587005480
I won’t tell.
I promise!
![Page 174: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/174.jpg)
www.flickr.com/photos/auntiep/255249516
![Page 175: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/175.jpg)
Granting access to someone to act
on your behalf.
![Page 176: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/176.jpg)
Your resources
This app needs to act on your behalf
You need to grant access to your resources
![Page 177: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/177.jpg)
Your google+ data
This app needs to access your Google+ data
You need to grant access to your resources
![Page 178: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/178.jpg)
Hi Google.
I’d like to have access to a user’s data.
![Page 179: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/179.jpg)
Hang on, let me ask…
![Page 180: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/180.jpg)
![Page 181: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/181.jpg)
He said yes. Here is your
access code.
![Page 182: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/182.jpg)
Proprietary authorization implementations
OAuth (2007)
OWrap
OAuth 2
History of OAuth
![Page 183: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/183.jpg)
OAuth 2 Grant Types
Grant Types:
- Authorization Code
- Implicit
- Resource Owner Password Credentials
- Client Credentials
![Page 184: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/184.jpg)
OAuth 2 Challenges
It is a framework
![Page 185: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/185.jpg)
OAuth 2 Challenges
New attack surfaces
Flexible, but complex for API publishers to implement
Utilizes redirection URIs (should be validated with strong rules)
Poor implementations will be exposed (see Facebook)
Not a solution to user authentication
![Page 186: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/186.jpg)
OpenID Connect
Identity Access and Authentication (when combined with Open ID)
Built on top of OAuth 2
Not tied to any single vendor or identity provider
![Page 187: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/187.jpg)
Open ID, Open ID Connect and OAuth 2
OAuth 2 allows an end-user to grant an application access to protected resources
However:
- The authorization server must still authenticate the end-user
- The client application is unable to determine information about the end-user
Client Application
Resource Owner Authorization Server
User Agent
Send
User
Authentication
Form
?
Authenticate
![Page 188: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/188.jpg)
OpenID Authentication can help the server authenticate the end-user
OpenID Connect provides a mechanism for the application to learn about the end-
user
Open ID, Open ID Connect and OAuth 2
Client Application
Resource Owner Authorization Server
User Agent
Send
OpenID
Authentication
Form Authenticate
Retrieve User
Information
OpenID
Resource
Server
![Page 189: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/189.jpg)
![Page 190: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/190.jpg)
![Page 191: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/191.jpg)
![Page 192: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/192.jpg)
Security Summary
• Keep focus on usability
• Utilize standards like OAuth and TLS
• Danger in poor implementations
![Page 193: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/193.jpg)
Designing an API Architecture
![Page 194: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/194.jpg)
http://www.flickr.com/photos/naomi_pincher/3306312873/
Layered Pattern
![Page 195: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/195.jpg)
![Page 196: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/196.jpg)
Representation Layer
![Page 197: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/197.jpg)
Component != Connector
![Page 198: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/198.jpg)
Component
Database
File System
Message Queue
Transaction Manager
Source Code
![Page 199: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/199.jpg)
Components Are Private
![Page 200: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/200.jpg)
Connector
Web Server
Browser Agent
Proxy Server
Shared Cache
![Page 201: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/201.jpg)
Connectors Are Public
![Page 202: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/202.jpg)
Client Server Connectors
Components
The Web
![Page 203: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/203.jpg)
![Page 204: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/204.jpg)
![Page 205: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/205.jpg)
The Treachery of Images - René Magritte
![Page 206: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/206.jpg)
Representation Layer
Representation happens in the Connector
HTTP supports content negotiation
- Accept
- Content-Type
Differing clients (user-agents) === differing representations
- Desktop
- Browser
- Tablet
- Smartphone
Be prepared to support multiple representations
![Page 207: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/207.jpg)
• Data and Interface Transformation • Focus on the interface (usability)
Representation
SOAP
Legacy
![Page 208: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/208.jpg)
Security Layer
![Page 209: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/209.jpg)
Security implementations are difficult:
• Mistakes are costly • Hard to understand specifications • Performance can suffer
![Page 210: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/210.jpg)
Don’t implement security in the API Enforce security at the edge
![Page 211: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/211.jpg)
Caching Layer
![Page 212: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/212.jpg)
Caching Layer
![Page 213: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/213.jpg)
Caching Layer
Caching happens EVERYWHERE
HTTP supports Expiration Model and Validation Model Caching
Expiration Model
- Expires
- Cache-Control: max-age
Validation Model
- Last-Modified
- Etag, If-Match
Be prepared to support caching for both client and server
Squid, Varnish, Nginx, MemCacheD, NSURLConnection etc.
![Page 214: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/214.jpg)
Orchestration Layer
![Page 215: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/215.jpg)
• Chaining multiple calls • Aggregating and enriching data • ‘mashup’ external data with internal data
Orchestration:
![Page 216: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/216.jpg)
![Page 217: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/217.jpg)
Gateway Pattern
Abstraction of multiple interfaces
In Software Engineering: Façade Pattern
Benefits:
- Deliver a consistent experience
- Centralize API functionality
http://martinfowler.com/eaaCatalog/gateway.html
![Page 218: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/218.jpg)
API Gateway
Gateway
API
API
![Page 219: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/219.jpg)
Restrict Access Improve Performance Focus on Usability
![Page 220: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/220.jpg)
The gateway doesn’t solve all our problems
![Page 221: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/221.jpg)
API portals
Portal
![Page 222: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/222.jpg)
API Management
Portal
Gateway
API
API
![Page 223: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/223.jpg)
We also apply this philosophy behind the firewall.
![Page 224: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/224.jpg)
Architecture Summary
• Use a layered architecture
• Deploy a gateway for runtime
• Deploy a portal for developers
![Page 225: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/225.jpg)
SOA Governance vs. API Management
![Page 226: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/226.jpg)
Web APIs: New and Exciting!
http://www.flickr.com/photos/every1knows/4191971139
![Page 227: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/227.jpg)
“Web APIs? I’ve been doing that for years.”
Image courtesy of http://www.flickr.com/photos/en321/3902138429/
![Page 228: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/228.jpg)
Web APIs offer us a new perspective
http://www.flickr.com/photos/mugley/4407790613
![Page 229: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/229.jpg)
The Modern Philosophy of the Web API:
• self service
• lower barriers and lower costs
• developer-centric
![Page 230: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/230.jpg)
All hail the developer kings!
![Page 231: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/231.jpg)
SOA Governance
Enforce access control Promote service usage Provide service discovery documents Provide service usage visibility
![Page 232: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/232.jpg)
API Management
Enforce access control Promote API usage Provide API documentation Provide API usage visibility
![Page 233: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/233.jpg)
SOA Governance
How do we make sure that these services are used properly?
![Page 234: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/234.jpg)
API Management
How do we get people to use our API without falling over?
![Page 235: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/235.jpg)
Controlled versus Organic
![Page 236: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/236.jpg)
Representing organizations is useful Complexity sucks Focus on the user
What can we learn from SOA Governance?
![Page 237: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/237.jpg)
Web APIs are acting on a planetary scale
Service
Service
Service
ESB
ISB
API
API
API
![Page 238: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/238.jpg)
SOA Governance Summary
• Different but converging
• Developer based perspective
• Based on success
![Page 239: API Introduction - API Management Workshop Munich from Ronnie Mitra](https://reader033.fdocuments.net/reader033/viewer/2022042615/55d4fc8cbb61eb9f528b4643/html5/thumbnails/239.jpg)
API Workshop
Ronnie Mitra
Principal API Architect - Europe
Layer 7 API Academy