api management in digital transformation
TRANSCRIPT
www.persistentsys.com
© 2013 Persistent Systems Ltd
API Management in Digital Transformation Aditya Thatte Architect Cloud & Digital Transformation Practice
© 2013 Persistent Systems Ltd 2
Topics of Discussion• Why APIs & API Evolution• API Initiatives / Programs• API Management (What & Why)• Components of API Management Platforms• API Management Myths • Deployment Models• API Management Evaluation Criteria• Case Study
© 2013 Persistent Systems Ltd 3
Amazon’s Fiery Secret Sauce…1. All teams will henceforth expose their data and
functionality through service interfaces.
2. Teams must communicate with each other through these interfaces.
3. There will be no other form of IPC allowed: no direct linking, no direct reads of another team’s data store, no shared-memory model, no back-doors whatsoever. The only communication allowed is via service interface calls over the network.
4. It doesn’t matter what technology they use. HTTP, CORBA, Pub/sub, custom protocols — doesn’t matter.
5. All service interfaces, without exception, must be designed from the ground up to be externalizable. That is to say, the team must plan and design to be able to expose the interface to developers in the outside world. No exceptions.
6. Anyone who doesn’t do this will be fired.
7. Thank you; have a nice day!
© 2013 Persistent Systems Ltd 4
Why APIs?
DisruptEngage
Externalize
Growth Optimize
• Service visibility• Leverage internal systems & data• Partner adoption• Open new channels
• Drive consumption• Fuel App economy
• Accelerate innovation• New biz. Models• New revenue streams• Mashups• Customer Delight
• Target ubiquity• Max reach• Footprint• Drive revenue
• Internal processes• Faster GTM • Time saver
© 2013 Persistent Systems Ltd 5
Evolution of APIs & Business Impact
• Revenue Generated • Salesforce, 50% revenue via APIs• Expedia, 90% revenue via APIs• eBay, 60% revenue via APIs
• API Traffic explosion• Twitter gets > 15B API calls / day• Google gets > 10B API calls / day• Facebook gets > 7B API calls / day
APIs
Device and data explosion fuels the AE
© 2013 Persistent Systems Ltd 6
Types of API Programs / Initiatives
Facilitates Integration & optimization of Internal services / processes
• Optimizing business processes• Atomic SOA based services• Reuse web services
For: Internal users, employees
• Streamlined operations• Service reuse (no reinvention)• Increased flexibility
Examples:• HR Payroll service• Travel Management service
Internal APIs Partner APIs Open APIs Product APIs
Product as an API
• B2B, B2C• Mindshare• Drive innovation
For: Developers, partners
• Grow product footprint• Foster app economy
Examples:• Amazon Web Services• Salesforce.com
Facilitates Integration with partnerorganizations
• B2B partner processes• Composite SOA based services• On-board new partners quickly
For: Internal users, suppliers, channel partners
• Upsell services • Lowers cost• Grow partner ecosystem
Examples:• Product Shipment API (e.g.
Deliv)• Payment API, Deals API
(Groupon)
Public APIs, Self-service
• B2B, B2C• Expand reach• Drive innovation
For: Developers, disruptors
• Grow developer ecosystem
• Open new channels & revenue streams
Examples:• Google Maps• BestBuy • Facebook, Twitter
© 2013 Persistent Systems Ltd 7
API Management
Data LayerBusiness LogicAPI EndpointsApplications
Analytics
Quotas Product Management
Portals
Security
Transformation
Caching
Lifecycle Management
Develop • API Manageability (100’s of APIs)• E.g. Amazon Web Services
• Faster Time to Market • Product / Service / API Analytics • Monetizing services• API Versioning • Scalability
© 2013 Persistent Systems Ltd 8
Key Components of API Management Platforms
API Portal
API Gateway
Data Layer
Security Performance Transformation
Documentation Onboarding Packaging Analytics
Lifecycle Managemen
t
Data Backend as a Service (DBaaS)
Caching
Monetization
© 2013 Persistent Systems Ltd 9
API Management Scenario
API Management (API Proxy)
API Strategy for an e-commerce company:- B2B & B2C API Program (~100,000
users)- 20 Public & 100 Internal APIs- Automatic Key Generation- 500 API calls / day per user- XML, JSON support- Create app ecosystem around product
& inventory data
Security
Caching Analytics
Transform
Quotas
Onboarding
- Register (proxy) the backend API- Enable OAuth / SAML / API key- Automatic key registration- Define Quotas (500 per day)- XML to JSON transformation- Cache tokens, product details
Data LayerBusiness LogicAPI EndpointsApplications
© 2013 Persistent Systems Ltd 10
A Microservices approach
© 2013 Persistent Systems Ltd 11
Forrester Wave (Oct 2014) & Gartner Quadrant (Apr 2015)
© 2013 Persistent Systems Ltd 12
Other Vendors…Commercial Open Source
Oracle API Grove
Azure API Mgmt. ApiAxle
Software AG Tyk
WaveMaker API Umbrella
SAP StrongLoop
Mashape RESTFiddle
Repose
© 2013 Persistent Systems Ltd 13
Selection / Evaluation Criteria Strategic Technical Non- Technical
Audience- B2B- B2E- B2C
Metrics & Goals- UX- No. of
downloads- API calls / day- Revenue / callGTM Strategy- Business Models- Standalone app- Integration
Support Services- Community - Forums
Global Presence
Technical & Domain Expertise- Vertical consulting- API Strategy- Custom Engineering- Engineering
services
Security- OAuth, SAML
Monetize- Rate Plans- Business Models
Analytics- API KPIs- SLAs, Monitoring- Revenue, Traffic
PatternsTransformation- Caching, Mediation
Compliance- FIPS, PCI, HIPAA
Budget
© 2013 Persistent Systems Ltd 14
API Management Deployment Models
Cloud On-Premise• Typical PAYG model• Multi-tenant• Economies of scale• Focus on the core business, not
the infrastructure• Resiliency (HA, FT, DR)• Faster Go To Market (GTM) • Compliance• Managed service
• All API management services & data would run in the cloud (security)
• Latency
• Management & control• Data compliance• Reduced Latency• Varied levels of security
• Increased CAPEX & OPEX
© 2013 Persistent Systems Ltd 15
API Management Myths • API Management is different from SOA• API Management is SOA Governance
• API Management is an extension of SOA (from inside to the outside)
• SOAP is dead• SOAP is traditional YES, but by no means dead. SOAP projects are converted to
REST projects
• APIs are only REST based• Most favored for building next generation apps
• APIs need NO management• Oh boy, APIs do need to be managed
• API Management == Digital Transformation• APIs fuel the mobile, social and data economy, thus driving the digital force
© 2013 Persistent Systems Ltd 16
Case Study • Enterprise in the Media Industry
• API Program: Public + Partner + Internal
• Goals:• Offer USAToday content on any device• Grow strategic partnerships• Facilitate easy partner onboarding• Mashup & remix data like never before
• Approach: • API Management Platform + API Strategy services
• Results:• 700+ partners onboarded• 200+ applications developed around the APIs
© 2013 Persistent Systems Ltd 17
Key Takeaways• APIs have exploded, and sit at the heart of the application economy
(Great time to be a developer and an agile business)
• APIs when grow in number, need to be managed (APIs are not as trivial as we think. Get it right the first time!!)
• API management is one of the key stepping stones towards a Digital Transformation Strategy
© 2013 Persistent Systems Ltd 18
ReferencesArticle Link
Strategic Value of APIs https://hbr.org/2015/01/the-strategic-value-of-apis
The Success to Amazon’s Internal APIs
http://apievangelist.com/2012/01/12/the-secret-to-amazons-success-internal-apis/
The Forrester Wave: API Management Solutions
https://www.forrester.com/The+Forrester+Wave+API+Management+Solutions+Q3+2014/fulltext/-/E-RES119266
Gartner Magic Quadrant for Application Services
http://www.gartner.com/technology/reprints.do?id=1-2DE91TX&ct=150410&st=sg&aliId=14066789
Building blocks of a successful API strategy
https://gigaom.com/2011/03/19/the-building-blocks-for-a-successful-api-strategy/
Why APIs are not SOA++?
https://blog.apigee.com/detail/qa_why_apis_are_not_soa
© 2013 Persistent Systems Ltd 19
Q&A