Last Updated: June. 2015

API Management Technical Evaluation Framework

Vice President, Platform Evangelism, WSO2Chris Haddad

REST Easy with API 101

An API is a business capability delivered over the Internet to internal or external consumers

• Network accessible function

• Available using standard web protocols

• With well-defined interfaces

• Designed for access by third-parties

Beyond the Technology- API Strategy Steps

• Understand your business model and IT-business

goals

• Expose a business capability as an API product

• Socialize availability

• Encourage ecosystem adoption and API

composition

• Evolve and scale the API

API Adoption Barriers

Inability to configure service per consumer

Limited Scale

Difficult to manage requirements and coordinate schedules

Difficult On-Ramp

nvisible business capabilities

Poor documentation

Lengthy access process

Delivery concerns

trust in stability, reliability, availability, performance

Security Risks

Why use an API Management Platform

o Easily build and deploy a managed API

o Rapidly re-factor legacy services as consumable RESTful APIs

o Increase API adoption

o Solve difficult Quality of Service, lifecycle, and governance challenges

o Demonstrate API business value

Evolve beyond Naked APIs

A Managed API is:

Actively advertised and subscribe-able

Exhibits high Quality of Service (QoS)

Available with Service Level Agreements (SLAs)

Secured, authenticated, authorized and protected

Monitored and monetized with analytics

What API Management Platform Offers

o Increase API adoption

o Enhance API visibility by offering developer portal

o Offer self-service access

o Engage the community

o Easily build and deploy a managed API

o Apply RESTful API design notations

o Assign service level tiers and access controls

o One button publication into production

What API Management Platform Offers

o Rapidly re-factor legacy services as consumable RESTful APIs

o Mediation primitives

o Align developer experience with RESTful design

o Solve difficult Quality of Service, lifecycle, and governance challenges

o Service level tiers, monitoring

o Approval workflow

o API versioning and lifecycle states

o Demonstrate API business value

o Subscription, usage, performance, monetization

API PlatformEvaluation Vectors

oSolutions Architecture

oDesign and Implement

oSecure

oPublish and Engage

oMonitor and Manage

oAnalyze API Interactions

Solutions Architecture

Category Score

Intuitive Development Experience

DevOps Friendly

Delivers High Quality of Service and Performance

Easily Deployed in Your Run-time Environment

Pluggable, Extensible, and Themable

Platform APIs

Platform multi-tenancy support

Efficient Pricing and Excellent Support

Solution Topology

Enterprise SOA and API Integration Platform: API-centric View

Design and Implement

API Design and Implementation

Category Adoption Score

API Design Foundation

API Documentation Foundation

API Façade Development Foundation

API Mediation and Orchestration Optimizing

Service Level Definition Optimizing

API Test Optimizing

o ???

Safely and securely deliver mission critical APIs

Secure

Category Score

Access Control, Authentication, and Key ManagementGovernance and Compliance

Attack Prevention

Confidentiality, integrity, and privacy

Identity and Credential ManagementInfrastructure Integration and Deployment Topology

Trust and Policy

User Management

17

Passing Auth Information to back-end services

o Using JSON Web Tokens (JWT)

o Lightweight

o Can be signed

o Easy to parse and consume

o Standard

Foster API Team Collaboration

Image: © Rawpixel - Fotolia.com

Publish and Engage

Category Score

API Consumption

API Economy

API Publication

Community Management

Boost the API Economyo Fully customizable look and feel

o Multiple Storefronts for diverse communities

o Multiple publisher groups

o Flexible Service Level Tiers

o Flexible monetization engine

Monitor and Manage

Category Score

Configuration Management

Release Management

Patch Management

Policy Management

Service Level Management

High Availability and Reliability

Performance

Disaster Recovery

Monitoring and Alerts

Compliance Reporting and Governance

Operate at the Speed of BusinessGovern the API

Govern the API

Category Score

Dashboard

Lifecycle Management

Meta-data Management

Portfolio Management

Service Level Management

Usage Management

Version Management

API Product Governance

o Manage Dependencies

o Track adoption

o Usage and Subscription Tracking

o Manage Compatibility

o Backwards or Forwards

o Versioning

o Communicate Migration Strategies

o Deprecation, Retirement

End to End Governance

o An API can pass through multiple states

o CREATED

o PUBLISHED

o DEPRECATED

o RETIRED

o BLOCKED

o Service Alignment

Compass and Gearing

You can’t manage what you can’t measure.

Analyze API Interactions

Category Score

API Economy

Architecture

Compliance

Developer Experience

Monitoring and Management

Portfolio Management

Security

Usage

28

Why Analytics and API Management are important together?

o Build confidence in the API model

o Understand your customer

o Not just the developer but also the end-user

o Help manage services and versions

o Understand when deprecated services can be retired

o Plan better

o Monitor the growth of aggregated API traffic

o Monitor the growth of specific apps

o Even if you’re not going to put analytics in place, make sure you capture all events right from beginning of project.

Service Re-use Dashboard

API Landscape

Future Gate

http://wso2.com/api-management/try-it/

http://wso2.com/cloud/api-cloud/

Access the WSO2 API Platform

Contact us !