Download - API Gateway - OFM Canberra October 2014
![Page 1: API Gateway - OFM Canberra October 2014](https://reader036.vdocument.in/reader036/viewer/2022062513/556218f0d8b42af2128b54fe/html5/thumbnails/1.jpg)
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Oracle API Gateway
Damien McAullayOracle Fusion MiddlewareOctober 2014
![Page 2: API Gateway - OFM Canberra October 2014](https://reader036.vdocument.in/reader036/viewer/2022062513/556218f0d8b42af2128b54fe/html5/thumbnails/2.jpg)
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 2
Defining APIs …
• APIs are the face of enterprise applications and processes• From the APIs’ consumers’ perspective, they are the applications• Organizations can use different APIs to create optimized applications for
customers, partners & employees• It is imperative that organizations apply the same rigor to applications
lifecycle management to API lifecycle management
![Page 3: API Gateway - OFM Canberra October 2014](https://reader036.vdocument.in/reader036/viewer/2022062513/556218f0d8b42af2128b54fe/html5/thumbnails/3.jpg)
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 3
What is an API Gateway or API Management?
• Every API requires a supporting infrastructure to make sure the APIs are properly managed, delivered & secured
• OAG provides an enterprise platform for API delivery removing the needs for APIs owners to build repeatedly one-off support infrastructure
• APIs enable enterprises to deliver business services via Cloud, mobile or partners channels
![Page 4: API Gateway - OFM Canberra October 2014](https://reader036.vdocument.in/reader036/viewer/2022062513/556218f0d8b42af2128b54fe/html5/thumbnails/4.jpg)
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 4
Oracle API Gateway – What/How?
• API transformation and protocol switch• API control & runtime governance• API scalability and reliability• API security – AAA and Threats mitigation• API monitoring – routing and throttling• API development lifecycle• API administration
![Page 5: API Gateway - OFM Canberra October 2014](https://reader036.vdocument.in/reader036/viewer/2022062513/556218f0d8b42af2128b54fe/html5/thumbnails/5.jpg)
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 5
Fine Grained AuthZ and Data Redaction
• Name & Contact Info
• Masked SSN
• Primary Physician
• Insurance
Response
• Name & Contact Info
• Masked SSN
• Primary Physician
• Insurance
•Payment History
Response
• Name & Contact Info
• Primary Physician
• Health History
Response
Legacy
Patient Record
Application
Legacy
Patient Record
Application
Existing API ReturnsName & Contact Info
SSN
Physician Info
Existing Conditions
Prescriptions
Health Records
Insurance
Payment History
Existing API ReturnsName & Contact Info
SSN
Physician Info
Existing Conditions
Prescriptions
Health Records
Insurance
Payment History
Entitlements Server
Help desk
Doctor
AccountingPEPPEP
PDPPDP
Oracle APIGateway
![Page 6: API Gateway - OFM Canberra October 2014](https://reader036.vdocument.in/reader036/viewer/2022062513/556218f0d8b42af2128b54fe/html5/thumbnails/6.jpg)
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 6
Client Oriented Requests & Throttling• Client-based policies for the same web service end-point– Policy A for Client 1 and Policy B for Client 2
• Client-based throttling– Allow 100 transactions per second (TPS) for Client 1 and 250 TPS for Client 2
• Client-based service-level agreement (SLA) alarms• Hiding service operations from certain clients• Client can be identified through– IP address, SAML attributes, SOAP/transport headers– Identity attribute lookup after authentication– Device IDs / IDContext Attributes
![Page 7: API Gateway - OFM Canberra October 2014](https://reader036.vdocument.in/reader036/viewer/2022062513/556218f0d8b42af2128b54fe/html5/thumbnails/7.jpg)
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 7
API Key Management
Corporate DMZ
Unified Agent
SOAP/REST and Legacy Web Services
Security Gateway
HR
CRM
Talent
APIKey_AWS APIKey_Salesforce
API Key + Web Service Request
![Page 8: API Gateway - OFM Canberra October 2014](https://reader036.vdocument.in/reader036/viewer/2022062513/556218f0d8b42af2128b54fe/html5/thumbnails/8.jpg)
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 8
Oracle API Gateway – Where?
First Line Of Defense
Shared Services Layer
End PointSecurityHTTP,
SOAP, REST,XML, JMS
HTTP, SOAP, REST, XML, JMS
Service BusOWSM Agent
OWSM Agent
DMZ
WS-Security,Basic Auth,Digest,X509, UNT,SAML, KerberosSign & Encrypt
OWSM Agent
OWSM Agent
OWSM Agent
OWSM Agent
WS-Security,Basic Auth,Digest,X509, UNT,SAML, KerberosSign & Encrypt
OAG
Intranet
Applications
![Page 9: API Gateway - OFM Canberra October 2014](https://reader036.vdocument.in/reader036/viewer/2022062513/556218f0d8b42af2128b54fe/html5/thumbnails/9.jpg)
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 9
Concepts and Architecture – Logical Components
![Page 10: API Gateway - OFM Canberra October 2014](https://reader036.vdocument.in/reader036/viewer/2022062513/556218f0d8b42af2128b54fe/html5/thumbnails/10.jpg)
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 10
Concepts and Architecture – Policy Studio and OAG Manager
OAG INSTANCE 1 OAG INSTANCE 3STOCK CONTROL APIs GROUP
OAG INSTANCE 2 OAG INSTANCE 4PAYMENT APIs
GROUP
PHYSICAL / VIRTUAL MACHINE 1 PHYSICAL / VIRTUAL MACHINE 2
DOMAIN
ADMIN NODE MANAGER NODE MANAGER
OAGMANAGER
POLICY STUDIO
MANAGESMANAGES
![Page 11: API Gateway - OFM Canberra October 2014](https://reader036.vdocument.in/reader036/viewer/2022062513/556218f0d8b42af2128b54fe/html5/thumbnails/11.jpg)
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 11
Concepts and Architecture – Configuration Parts
![Page 12: API Gateway - OFM Canberra October 2014](https://reader036.vdocument.in/reader036/viewer/2022062513/556218f0d8b42af2128b54fe/html5/thumbnails/12.jpg)
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 12
Concepts and Architecture – Lifecycle Management
![Page 13: API Gateway - OFM Canberra October 2014](https://reader036.vdocument.in/reader036/viewer/2022062513/556218f0d8b42af2128b54fe/html5/thumbnails/13.jpg)
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 13
Concepts and Architecture – Lifecycle Management
![Page 14: API Gateway - OFM Canberra October 2014](https://reader036.vdocument.in/reader036/viewer/2022062513/556218f0d8b42af2128b54fe/html5/thumbnails/14.jpg)
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 14
Demo