application development with api manager
TRANSCRIPT
![Page 1: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/1.jpg)
Applica'on Development
Last Updated: May 2014
VP, Delivery Samisa Abeysinghe
API Management
![Page 2: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/2.jpg)
2
About the Presenter
๏ Samisa Abeysinghe VP Delivery [email protected]
๏ Samisa Abeysinghe, Vice President of Delivery joined the company in September 2005. Prior to the current role, Samisa used to be VP of Engineering and managed the development of WSO2 Carbon based product plaJorm.
![Page 3: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/3.jpg)
3
About WSO2 ๏ Global enterprise, founded in 2005
by acknowledged leaders in XML, web services technologies, standards and open source
๏ Provides only open source plaJorm-‐as-‐a-‐service for private, public and hybrid cloud deployments
๏ All WSO2 products are 100% open source and released under the Apache License Version 2.0.
๏ Is an Ac've Member of OASIS, Cloud Security Alliance, OSGi Alliance, AMQP Working Group, OpenID Founda'on and W3C.
๏ Driven by Innova'on
๏ Launched first open source API Management solu'on in 2012
๏ Launched App Factory in 2Q 2013
๏ Launched Enterprise Store and first open source Mobile solu'on in 4Q 2013
![Page 4: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/4.jpg)
4
What WSO2 delivers
![Page 5: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/5.jpg)
5
Business Model
![Page 6: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/6.jpg)
6
Managing APIs
๏ An API is a business capability delivered over the Internet to internal or external consumers
๏ Network accessible func'on
๏ Available using standard web protocols
๏ With well-‐defined interfaces
๏ Designed for access by third-‐par'es
๏ A Managed API is:
๏ Ac'vely adver'sed and subscribe-‐able
๏ Available with SLAs
๏ Secured, authen'cated, authorized and protected
๏ Monitored and mone'zed with analy'cs
![Page 7: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/7.jpg)
7
API Centric Capabili'es
![Page 8: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/8.jpg)
Adopt Integra'on Best Prac'ces From SOA lessons learned, best prac4ces roles
• Creator • Builds, manages, and versions API • Understand business and technical requirements • Cares about usage and scaling • Seeks feedback, ra5ngs, usage
• Publisher • Publishes, Promotes and encourages consumers to adopt APIs • Determines usage pa`erns and how to best mone'ze asset • Monitors and secures
• Consumer
• Understands the interface defini'on • Subscribes and connects applica'on to API • Monitors own usage and cost basis • Provides feedback and ra'ngs
![Page 9: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/9.jpg)
Communica'on: Key to Dev team success
Teams re-‐build rather than re-‐use • APIs proliferate (100s of APIs) and are minimally re-‐used • Minimal communica'on and coordina'on
• Who is consuming API? • Who is wri'ng re-‐usable APIs?
• Prevalent SOA An'-‐pa`erns • Not Invented Here (NIH) • Tight Coupling and Build again
• Shared API invisibility • Teams do not know about API • Non-‐func'onal and func'onal requirements are not well documented • Teams can not easily map API to needed business capability
![Page 10: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/10.jpg)
10
WSO2 API Management
Platform
WSO2’s API Management Vision ๏ Create APIs
๏ WSO2 Applica'on Server, Data Services Server and ESB
๏ Find and subscribe/buy APIs
๏ API Store and Governance
๏ Manage, secure and protect APIs
๏ API Management and Gateway
๏ Monitor and Mone'ze APIs
๏ API Monitoring and Analy'cs
๏ Develop, host and run API-‐based applica'ons in a PlaJorm-‐as-‐a-‐Service
๏ WSO2 Stratos and Cloud Development PlaJorm
๏ API Cloud
![Page 11: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/11.jpg)
11
API Manager Product and PlaJorm
![Page 12: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/12.jpg)
12
API Ecosystem Model From SOA lessons learned, best practices roles
๏ API Creator
๏ Builds, manages, and versions API
๏ Understand business and technical requirements
๏ Cares about usage and scaling
๏ Seeks feedback, ra'ngs, usage
๏ API Publisher
๏ Publishes, Promotes and encourages consumers to adopt APIs
๏ Determines usage pa`erns and how to best mone'ze asset
๏ Monitors and secures
๏ API Consumer
๏ Understands the interface defini'on
๏ Subscribes and connects applica'on to API
๏ Monitors own usage and cost basis
๏ Provides feedback and ra'ngs
![Page 13: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/13.jpg)
13
API Manager Components
![Page 14: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/14.jpg)
14
Scalable Deployment Architecture
![Page 15: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/15.jpg)
15
API Publisher Features
![Page 16: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/16.jpg)
16
API LifeCycle Management
![Page 17: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/17.jpg)
17
API Store Features
![Page 18: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/18.jpg)
18
Collabora've Store ๏ Ability to create mul'ple domains (tenants) within the same API Manager instance
๏ Each domain can have their own store or publish APIs to a central store -‐ This is transparent to the consumers.
๏ Typical Use Cases:
๏ Segmen'ng the publishers by business unit or partner and restric'ng edi'ng rights by domain
๏ Create an API marketplace : one-‐stop store for domain APIs.
![Page 19: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/19.jpg)
19
API Store: Customiza'on
![Page 20: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/20.jpg)
20
API Store: APIs Visibility
๏ At publish 'me, an API can be marked as Public or Restricted
๏ If Restricted by Roles
๏ 1 or more roles need to be specified.
๏ If Restricted by Domain
๏ APIs are only visible to specific domain(s).
๏ Public APIs are shown to all, Restricted are only visible when you log-‐in and have the required role or logged in to required domain.
![Page 21: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/21.jpg)
21
API Gateway Processing Flow
![Page 22: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/22.jpg)
22
API Gateway Processing Flow
![Page 23: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/23.jpg)
Programing Model
๏ Client apps (Web, Mobile etc) to call the API
๏ Those calls to be authen'cated using access tokens
23
![Page 24: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/24.jpg)
24
API Access Tokens ๏ OAuth2 standard compliant
๏ Pre-‐generated Access Token: can be used from an applica'on, to iden'fy the applica'on itself
๏ On-‐demand Access Token: generated via API call, using Consumer Key and Consumer Secret -‐ Iden'fies the end user of an applica'on (web applica'ons, mobile applica'ons)
![Page 25: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/25.jpg)
25
Access Tokens Usage Scenarios ๏ Shared access token
๏ Unique access token
![Page 26: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/26.jpg)
26
Shared Access Token
![Page 27: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/27.jpg)
27
Shared Access Token 1. Project manager or owner subscribe for the APIs by login
into the API Store.
2. API Store provides a access-‐token, consumer-‐key, consumer-‐secret.
๏ in development use the access-‐token for sandbox environment.
3. Project manager shares the access-‐token with the app-‐developers.
4. App-‐developers use the access-‐token to invoke the apis.
5. Project manager redistribute new access-‐token when it expires or set it to never expire.
![Page 28: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/28.jpg)
28
Unique Access Token
![Page 29: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/29.jpg)
29
Unique Access Token 1. Project manager or owner subscribe for the APIs by login into the API
Store.
2. API Store provides a access-‐token, consumer-‐key, consumer-‐secret
3. Project manager share the consumer-‐key, consumer-‐secret with app-‐developers.
4. Each app-‐developer request for a access-‐token using base64 encoded value of consumer-‐key:consumer-‐secret and his/her creden'als (stored in system user-‐store) using system api /token.
๏ app-‐developers can request for a access-‐token using a valid consumer-‐key, consumer-‐secret and ac've user account in the system user-‐store
5. API Gateway return a access-‐token.
6. App-‐developers invoke the APIs using their own access-‐token, renew the access-‐token when required.
![Page 30: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/30.jpg)
Call to Ac'on
๏ WSO2 API Manager : h`p://wso2.com/products/api-‐manager/
30
![Page 31: Application Development with API Manager](https://reader033.vdocuments.net/reader033/viewer/2022052822/554bbf1cb4c9053a298b4f76/html5/thumbnails/31.jpg)
Contact us !