i love apis 2015: advanced crash course in apigee edge workshop


Upload: apigee

Post on 19-Jan-2017


TRANSCRIPT

Page 1: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

1

Crash Course: Advanced Topics in Apigee Edge!

Page 2: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

©2015 Apigee Corp. All Rights Reserved.

The Team

Page 3: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

3

Deep Dive 3-legged OAuth 2.0!

Alex Koo – Apigee Principal Architect

Diego Zuluaga – Apigee Principal Architect

Page 4: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop


So, what’s the use case for it?

4

Page 5: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

do I want to give access to these resources to someone else?

Page 6: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Essentially: How to authorize external applications to access your resources

Page 7: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop


OAuth Basic Concepts

• OAuth 2.0 is a protocol that allows clients to grant access to server resources to another entity without sharing credentials

• Client IDs and Secrets are used to identify and authenticate applications (application's consumer key and consumer secret)

•  Tokens are issued to allow access to specific resources for a specified period of time and may be revoked by the user that granted permission or by the server that issued the token

Page 8: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop


OAuth Basic Concepts

• We can use scopes to limit the access for a given token, granting permission only for the operations that are necessary

•  Five different grant types specify the different authentication usage scenarios OAuth supports

• We must protect tokens, and OAuth 2.0 requires that all API traffic be sent via SSL

Page 9: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop


Access Tokens

Access Tokens allow access to a protected resource for a specific application to perform only certain actions for a limited period of time.

Identification info from the requesting application (client ID and secret)

+ Resource owner credentials (if needed)

+ Optional information about what the application wants to do with the resource (scope)

= Access Token and (optional) refresh token

In Apigee, access tokens are opaque strings with no encoded meaning. Access tokens are passed as bearer tokens in an Authorization header.

Page 10: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop


Refresh Tokens

Refresh Tokens, if provided, represent a limited right to reauthorize the granted access by obtaining new access tokens.

Identification info from the requesting application (client ID and secret)

+ Refresh token

+ Optional information about what the application wants to do with the resource (scope)

= Access Token

Page 11: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop


Scopes

Scopes identify what an application can do with the resources to which it is requesting access. Scope names are defined by the authorization server and are associated with information that enables decisions on whether a given API request is allowed or not.

Apigee associates scope names to be matched with a combination of API resource path and verb. So, for example:

Scope 1: “READ”
●  GET /photos
●  GET /photos/{id}

Scope 2: “UPDATE”
●  GET /photos
●  GET /photos/{id}
●  POST /photos
●  PUT /photos/{id}

When an application requests an access token, the scope names are optional.
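The READ/UPDATE mapping above, written out as a check that could run on each request. This is an added example, not Apigee's implementation: `SCOPE_RULES` and the function names are illustrative, and denying a token that carries no scope is a choice made for this example.

```javascript
// Scope table from the slide: scope name -> allowed [verb, path template] pairs.
const SCOPE_RULES = {
  READ: [['GET', '/photos'], ['GET', '/photos/{id}']],
  UPDATE: [
    ['GET', '/photos'], ['GET', '/photos/{id}'],
    ['POST', '/photos'], ['PUT', '/photos/{id}'],
  ],
};

// Turn '/photos/{id}' into an anchored regex; {id} matches exactly one segment.
function templateToRegex(template) {
  const body = template
    .split('/')
    .map((seg) => (/^\{\w+\}$/.test(seg) ? '[^/]+' : seg.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')))
    .join('/');
  return new RegExp(`^${body}$`);
}

// A Map avoids inherited keys such as "constructor" being treated as scopes.
const COMPILED = new Map(
  Object.entries(SCOPE_RULES).map(([scope, rules]) => [
    scope,
    rules.map(([verb, tpl]) => ({ verb, re: templateToRegex(tpl) })),
  ])
);

// Drop the query string and refuse paths a backend might resolve differently
// from how they were matched (dot segments, encoded slashes or dots).
function normalizePath(rawPath) {
  const path = rawPath.split('?')[0].split('#')[0];
  if (!path.startsWith('/') || /%2f|%5c|%2e|\\/i.test(path)) return null;
  if (path.split('/').some((seg) => seg === '.' || seg === '..')) return null;
  return path.length > 1 ? path.replace(/\/+$/, '') : path;
}

// tokenScope is the space-delimited, case-sensitive scope string of the token.
function isAllowed(tokenScope, verb, rawPath) {
  const path = normalizePath(String(rawPath));
  if (path === null) return false;
  const method = String(verb).toUpperCase();
  const granted = String(tokenScope || '').split(' ').filter(Boolean);
  return granted.some((scope) =>
    (COMPILED.get(scope) || []).some((rule) => rule.verb === method && rule.re.test(path))
  );
}
```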

Page 12: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop


OAuth 2.0 Grant Types

| Grant Type | Typical Use Case | Complex? |
|---|---|---|
| No specific resource owner is involved | | |
| Client Credentials | Business system interactions, where resources being operated on are owned by the partner, not a particular user | No |
| A specific resource owner is involved | | |
| Resource Owner Password Credentials | Resources are owned by a particular user and the requesting application is trusted | A bit |
| Authorization Code | Resources are owned by a particular user and the requesting application is untrusted | Very |
| Implicit | Resources are owned by a particular user, and the requesting application is an untrusted browser-based app written in a scripting language such as JavaScript | Very, and potentially insecure as well |
| Refresh | For generating a new access token. Refresh tokens have longer TTLs than access tokens. | No |

An OAuth Grant is a credential representing the resource owner’s authorization. More often than not, we tend to think of grants in terms of the process used to obtain an access token.

Page 13: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop


OAuth 2.0 Auth Code Grant Type

Page 14: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop


Page 15: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop


Before we get started…

1. Open an Account in Cloud9 - it’s free…
   https://c9.io

2. Start by cloning this Apigee Samples Repo
   git clone https://github.com/apigee/api-platform-samples.git
   –  https://github.com/apigee/api-platform-samples
      •  Login App
      •  Third-party App
      •  OAuth 2.0 API
      •  User Authentication/Management Endpoint

3. Install apigeetool
   npm install apigeetool -g

Page 16: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Let’s dissect our API Proxy Bundles

Page 17: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop


webserver-app bundle
•  Represents the third-party web app
•  Link or button to the login page

    $ curl http://testmyapi-test.apigee.net/web -v
    > GET /web HTTP/1.1
    > Host: testmyapi-test.apigee.net
    < HTTP/1.1 200 OK
    <!DOCTYPE html>
    <html>
      <head>
        <script>
          var BASEURL="https://testmyapi-test.apigee.net";
          var REDIRECT="https://testmyapi-test.apigee.net/web/callback";
          var CLIENT_ID="VXNYaci4FGfKfEERy5KhXHeIln2pONDr";
          function login()
          {
            window.location.href=BASEURL+'/loginapp/login?apikey='+CLIENT_ID+'&redirect_uri='+REDIRECT+'&scope=order&state=123';
          }
        </script>
      </head>
      <body>
        <input type="button" value="Login with Apigee Example Auth" onclick="login()" />
      </body>
    </html>

Page 18: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop


login-app bundle
•  Represents the login-app - login page:

    curl https://testmyapi-test.apigee.net/loginapp/login\?apikey\=VXNYaci4FGfKfEERy5KhXHeIln2pONDr\&redirect_uri\=https://testmyapi-test.apigee.net/web/callback\&scope\=order\&state\=123 -v
    > GET
    < HTTP/1.1 200 OK
    < set-cookie: sid=s%3AiHGIrOYTOfGwncJNV03Typkeb6rYAB6V.8GGzrvr4JTHZV6l%2FUo2oKqBgCHuNGbrvE8uulbXvjW8; Path=/; Expires=Mon, 05 Oct 2015 01:45:46 GMT; HttpOnly
    <!DOCTYPE html>
    <html>
      <head>
        <title>Login</title>
        <link rel="stylesheet" type="text/css" href="/loginapp/stylesheets/global.css" >
        <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no">
      </head>
      <body>
        <form id="login" name="login" method="post">
          <h1><img src="/loginapp/images/apigee_logo_md.png" alt="Apigee" /></h1>
          <label for="username" class="noshow">Username</label>
          <input id="username" name="username" type="text" placeholder="Email address" required />
          <label for="password" class="noshow">Password</label>
          <input id="password" name="password" type="password" placeholder="Password" required />
          <input name="submit" type="submit" value="Login" />
          <p class="intro">or <a href="/loginapp/register?apikey=VXNYaci4FGfKfEERy5KhXHeIln2pONDr&amp;state=123&amp;scope=order&amp;redirect_uri=https%3A%2F%2Ftestmyapi-test.apigee.net%2Fweb%2Fcallback">register</a>.</p>
        </form>
      </body>
    * Connection #0 to host testmyapi-test.apigee.net left intact
    </html>

Page 19: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop


login-app bundle
•  Represents the login-app - submit credentials:

    $ curl 'https://testmyapi-test.apigee.net/loginapp/login?apikey=VXNYaci4FGfKfEERy5KhXHeIln2pONDr&state=123&scope=order&redirect_uri=https%3A%2F%2Ftestmyapi-test.apigee.net%2Fweb%2Fcallback&app=oauth2-app' \
        -H 'Cookie: __lc.visitor_id.3296802=S1436475468.3abaac467f; sid=s%3ARL8HY7b7IqporrtwlLUi8-E5uX4YkAY4.yxUe2oPoukTxjwhoHdhz%2B8k9A9ghfsu7B%2Ft2rWuF8Og' \
        -H 'Content-Type: application/x-www-form-urlencoded' \
        --data 'username=dzuluaga%40apigee.com&password=apigee123&submit=Login' \
        --compressed -v
    > POST /loginapp/login?apikey=VXNYaci4FGfKfEERy5KhXHeIln2pONDr&state=123&scope=order&redirect_uri=https%3A%2F%2Ftestmyapi-test.apigee.net%2Fweb%2Fcallback&app=oauth2-app HTTP/1.1
    > Host: testmyapi-test.apigee.net
    > User-Agent: curl/7.42.1
    > Accept: */*
    > Accept-Encoding: deflate, gzip
    > Cookie: __lc.visitor_id.3296802=S1436475468.3abaac467f; sid=s%3ARL8HY7b7IqporrtwlLUi8-E5uX4YkAY4.yxUe2oPoukTxjwhoHdhz%2B8k9A9ghfsu7B%2Ft2rWuF8Og
    > Content-Type: application/x-www-form-urlencoded
    > Content-Length: 62
    >
    * upload completely sent off: 62 out of 62 bytes
    < HTTP/1.1 302 Found
    < X-Powered-By: Express
    < Location: /loginapp/consent?apikey=VXNYaci4FGfKfEERy5KhXHeIln2pONDr&app=oauth2-app&state=123&scope=order&redirect_uri=https%3A%2F%2Ftestmyapi-test.apigee.net%2Fweb%2Fcallback
    < set-cookie: sid=s%3AbigsdjFYyAfyuFg7Jk-HgcVkojwLzKI9.5B3q8Pq23EVv3ffNSX5yqok77XyV6ZCRgCfCdIWwbzc; Path=/; Expires=Mon, 05 Oct 2015 04:41:30 GMT; HttpOnly

Page 20: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop


user-mgmt-v1 bundle - User Store

•  Serves as the credential validation endpoint

    $ curl https://testmyapi-test.apigee.net/v1/users/authenticate \
        -X POST -d '{"username": "[email protected]", "password": "apigee123" }' \
        -H 'Content-Type:application/json' -v
    < HTTP/1.1 403 Forbidden
    < Content-Type: application/json
    < Content-Length: 85
    < Connection: keep-alive
    <
    * Connection #0 to host testmyapi-test.apigee.net left intact
    {"status":"failure", "message":"Authentication failed for user [email protected]."}%

Page 21: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop


login-app bundle
•  Represents the login-app - consent page: “Allow” decision=yes

    curl 'https://testmyapi-test.apigee.net/loginapp/consent?apikey=VXNYaci4FGfKfEERy5KhXHeIln2pONDr&app=oauth2-app&state=123&scope=order&redirect_uri=https%3A%2F%2Ftestmyapi-test.apigee.net%2Fweb%2Fcallback' \
        -H 'Cookie: __lc.visitor_id.3296802=S1436475468.3abaac467f; sid=s%3AMYwxTt148YagDN-htNbRv9UppUml9cYR.9rL7bNV3p93TAamgLk3wVTVAnpOdvuzkLzhligHGnaw' \
        -H 'Content-Type: application/x-www-form-urlencoded' \
        --data 'decision=yes' \
        --compressed -v
    > Content-Type: application/x-www-form-urlencoded
    > Content-Length: 12
    >
    * upload completely sent off: 12 out of 12 bytes
    < HTTP/1.1 302 Found
    < X-Powered-By: Express
    < Location: https://testmyapi-test.apigee.net/web/callback?scope=&code=ylkMuj5l
    < Date: Mon, 05 10 2015 04:53:08 GMT
    < Content-Length: 0
    < Connection: keep-alive

Get cookie from previous request

Authorization code

Page 22: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop


webserverapp bundle

•  Send authorization code to oauth2 bundle to obtain an access token
•  Uses the secret

    $ curl 'https://testmyapi-test.apigee.net/web/callback?scope=&code=LwhCoj7P' -v
    > GET /web/callback?scope=&code=LwhCoj7P HTTP/1.1
    < HTTP/1.1 302 Redirect
    < Location: https://testmyapi-test.apigee.net/web?access_token=GOocdfQI40xNhZGUTn4uhIcwGYAS
    < Content-Length: 0
    < Connection: keep-alive
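The walkthrough above sends a fixed `state=123`, and the redirect to `/web/callback` carries no `state` back. As an added example (not code from the Apigee samples), this is how the third-party web app can bind `state` to the user's session, check it on the callback, and exchange the code with the secret kept out of any URL. The host names, client ID placeholder, token endpoint path and function names are assumptions.

```javascript
const crypto = require('crypto');

// Constructed placeholder values; none of these come from the slides.
const CONFIG = {
  loginUrl: 'https://auth.example.test/loginapp/login',
  tokenUrl: 'https://auth.example.test/oauth2/token', // hypothetical path
  clientId: 'CLIENT_ID_PLACEHOLDER',
  redirectUri: 'https://app.example.test/web/callback',
};
const STATE_TTL_MS = 10 * 60 * 1000;

// Step 1: start the login. A fresh random state is stored in the server-side
// session and sent along, instead of a constant such as state=123.
function beginLogin(session, scope, now = Date.now()) {
  const state = crypto.randomBytes(32).toString('hex');
  session.oauth = { state, expires: now + STATE_TTL_MS };
  const url = new URL(CONFIG.loginUrl);
  url.searchParams.set('apikey', CONFIG.clientId); // parameter name used by the slides' login app
  url.searchParams.set('redirect_uri', CONFIG.redirectUri);
  url.searchParams.set('scope', scope);
  url.searchParams.set('state', state);
  return url.toString();
}

// Compare digests so timingSafeEqual always sees equal-length buffers.
function sameValue(a, b) {
  const h = (v) => crypto.createHash('sha256').update(String(v)).digest();
  return crypto.timingSafeEqual(h(a), h(b));
}

// Step 2: validate the redirect back from the authorization server.
function handleCallback(session, callbackUrl, now = Date.now()) {
  const pending = session.oauth;
  delete session.oauth; // single use: any callback consumes the pending login
  if (!pending || now > pending.expires) return { ok: false, reason: 'no_pending_login' };
  const params = new URL(callbackUrl).searchParams;
  const state = params.get('state');
  if (!state || !sameValue(state, pending.state)) return { ok: false, reason: 'state_mismatch' };
  const code = params.get('code');
  if (!code) return { ok: false, reason: 'missing_code' };
  return { ok: true, code };
}

// Step 3: exchange the code server to server. The client secret travels in
// the Authorization header of a POST and never appears in a URL.
function buildTokenRequest(code, clientSecret) {
  const basic = Buffer.from(`${CONFIG.clientId}:${clientSecret}`).toString('base64');
  return {
    method: 'POST',
    url: CONFIG.tokenUrl,
    headers: {
      Authorization: `Basic ${basic}`,
      'Content-Type': 'application/x-www-form-urlencoded',
    },
    body: new URLSearchParams({
      grant_type: 'authorization_code',
      code,
      redirect_uri: CONFIG.redirectUri,
    }).toString(),
  };
}
```

A callback shaped like the one in the slides (`?scope=&code=...` with no `state`) is rejected with `state_mismatch`, and the pending login is consumed so the same session cannot be retried with a guessed value.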

Page 23: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop


Additional Challenges

Q&A

Page 24: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop


Use tokens from a Third Party Provider e.g. Google or Facebook

Use case:
–  I want to use tokens from Google or Facebook to access user resources
–  I want to leverage Apigee API Management capabilities, e.g. traffic management, analytics, big data, etc.

API proxy Sample

•  Apigee Tutorial http://apigee.com/docs/api-services/content/use-third-party-oauth-system

•  Music Access - API Proxy Sample https://github.com/dzuluaga/apigee-tutorials/tree/master/apiproxies/musicapi-oauth-delegated-authentication

•  Google OAuth 2.0 Playground https://developers.google.com/oauthplayground/

Page 25: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop


How to Reuse Refresh Token?

Page 26: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

1

Mashup’s and CORS

Maruti C

Vinit Mehta

Page 27: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Mashup’s

What is a Mashup ?

What are its types ?

• Business (or enterprise) mashups
• Consumer mashups
• Data mashups

What are the characteristics of a mashup ?



Page 29: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

World of Mashup’s


Page 30: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Architecture of Mashup’s

Presentation / User Interface

APIs

Data


Page 31: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Code or Configure


Page 32: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop


Manage interactions with API consumers and optimize

performance

Secure APIs and protect back-end systems from

attack

Transform, translate and reformat data for easy

consumption

Extend with programming when you need it

Power of Policies

Page 33: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Advantages

• Immediate Value

• Development effort

• Innovate new ideas and use information in ways not originally planned for


Page 34: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

{“Hungry?”: “AskAnApigeek!”,“Stressed?": “AskAnApigeek!”,“Car Wash?": “AskAnApigeek!”,“Beer?”: “Definitely_AskAnApigeek!!” }


Page 35: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop


Cross-Origin Resource Sharing (CORS)

Page 36: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop


Page 37: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

1

Continuous Integration for a Node.js Proxy using Cloud Tools Rakesh Talanki

Apigee Principal Architect

Page 38: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Introduction and Agenda

2

Page 39: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Agenda

3

1. Set up Node.js API in Apigee 8.00

2. Build API scaffolding with Yeoman 15:00

3. Use Grunt to build and deploy 10:00

4. Use Git for Source Control 5.00

5. Test using Postman 10:00

6. Test using Mocha, Chai and Nock 10:00

7. API Documentation 5:00

8. Use Travis to set up CI 30:00

Set up Continuous Integration for API’s using Cloud Tools

Page 40: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Getting ready

• Apigee Free Account
• NPM and Node.js - https://goo.gl/080g8Q
• Git (optional) - https://goo.gl/rTyIvP
• Github Free Account – http://www.github.com
• Apigee Free Account on Cloud
• Travis Account (free) - https://travis-ci.org/


Page 41: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

There must be a way to automate all of the tedious work!


Execute Functional Tests

5

Clean API Bundle Files and Folders

Copy Artifacts

Deactivate last revision from the API Services

Import and deploy API bundle to API Services

Deploy and Test Documentation on CMS

Execute Unit Tests

Execute Performance Tests

Any other manual tasks…

Configure Artifacts for each environment (DEV, QA, STG, PROD, etc.)

Package Artifacts (zip)

Package phase

Configure phase

Install phase

Page 42: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Emphasis slide

6

Before After

Page 43: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Continuous Integration

7

Development SCM Build Prod


SIT UAT

Continuous Integration (CI) is the practice, in software engineering, of merging all developer working copies with a shared mainline several times a day

Page 44: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

CI: The Volkswagen Approach


Then, we detect when our tests are being run in a CI server, and make them pass.*

*https://github.com/auchenberg/volkswagen

We master Emission Test Results with Software

Page 45: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Building a CI Environment

9

Page 46: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

CI: The Process


Continuous Integration

Dev Team

Source Code

Version Control

Pull Request or Merge

API Job is triggered

Static Code Analysis

Code coverage analysis

Deploy API Bundle

Run Unit, Functional, and Performance Tests

Publish Reports

Update Docs

Page 47: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Step 1: Build an API Proxy


API

Page 48: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Step 2: Decide on a Build Tool


Page 49: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Step 3: Deploy to Apigee on Public Cloud


Page 50: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Step 4: Run Local Tests


Page 51: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Step 5: Use a CI Tool


Page 52: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Step 6: Generate Interactive Documentation


Page 53: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Hands-on

17

Putting it all together: Continuous Integration

Page 54: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

18

API Proxy Scaffolding Generator

•  Gets you started with starter API Proxy

•  Standardizes naming conventions by generating policies and other artifacts

•  Based on Yeoman, so it can be extended for other tools, not only Grunt, but also Maven

Page 55: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Let’s try it!

Install npm and Node: Open http://nodejs.org in a browser and click Install.

Check: node --version

Upgrade Node to 0.10.35 or higher:

npm cache clean

npm update -g

Install Yeoman: npm install -g yo

Install Grunt: npm install -g grunt-cli

Install Grunt plugin: npm install -g generator-apigee-deploy-grunt-api

Run yo: yo apigee-deploy-grunt-api

http://goo.gl/lSZrth

19

API Proxy Scaffolding Generator

Page 56: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Build and Deploy

20

Page 57: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Apigee Deploy Grunt Plugin

•  TDD Ready - Mocha, Jasmine, Karma, any JS test framework and even Jmeter

•  Supports code review - with JSHint and ESLint – cyclomatic complexity

•  Supports Configuration Management - Search and replace based on XPath and RegExp

•  Supports node.js remote deployment and Java Policies

•  Plays well with CI (Continuous Integration) – Jenkins, Travis, Go, Bamboo, etc.

•  Supports reusable policies via search and replace files and Git Submodules

•  It’s way easier to customize via Grunt Custom Tasks

Grunt or Maven?

21

Apigee Deploy Maven Plugin
•  Test based on JMeter
•  Config Management - Search and replace based on XPath
•  Plays well with CI – Jenkins mostly. Nice looking reports
•  Supports node.js remote deployment and Java Policies
•  Supports reusable policies via Proxy Dependency Maven Plugin

Page 58: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

▪  Easy and flexible

▪  It’s Node! NPM

▪  Compatible with CI

▪  https://github.com/apigeecs/apigee-deploy-grunt-plugin

▪  Follow steps from README.md

▪  Plays well with TDD frameworks

▪  Empowers the developer to apply continuous improvement to the lifecycle

22

Grunt API Lifecycle Management Plugin

Page 59: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

▪  Configuration Management - apigee-config.js

23

Grunt API Lifecycle Management Plugin

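    exports.xmlconfig = function(env, grunt){
        // Per-environment XPath search-and-replace rules applied to the proxy bundle files.
        var config = { "test" : [
            {
                // Stamp the proxy description with the Git revision being deployed.
                "options": {
                    "xpath": "//APIProxy/Description",
                    "value": "<%= grunt.option('gitRevision') %>"
                },
                "files": {
                    "target/apiproxy/<%= apigee_profiles[grunt.option('env')].apiproxy %>.xml": "apiproxy/*.xml"
                }
            },
            {
                // Point the target endpoint at the backend for this environment.
                "options": {
                    "xpath": "//TargetEndpoint/HTTPTargetConnection/URL",
                    "value": "https://weather.yahooapis.com/forecastrss"
                },
                "files": {
                    "target/apiproxy/targets/default.xml": "apiproxy/targets/default.xml"
                }
            },
            {
                // Set the base path the proxy is exposed on.
                "options": {
                    "xpath": "//ProxyEndpoint/HTTPProxyConnection/BasePath",
                    "value": "/weathergrunt"
                },
                "files": {
                    "target/apiproxy/proxies/default.xml": "apiproxy/proxies/default.xml"
                }
            }
            ],
        // (the slide ends here; the remaining environments and the end of the function are not shown)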

Page 60: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

✓  More time to focus on what really matters by automating repetitive tasks

✓  Innovation ready. Extensible plugin-based platform

✓  Promotes productivity. Promotes usage of CLI (Command-Line Interface). No need for IDEs

✓  Easy to adopt. No need of CLI. Eclipse IDE Support through M2E and IntellijIDEA, WebStorm

✓  Easy to configure and to track changes. All of its artifacts can live in version control as text files

✓  Multilanguage support. One JVM to rule them all (Ruby, Jython, JavaScript, Groovy, Scala) or even Shell scripts

✓  Tens of Thousands plugins ready in Maven Central

✓  Backed up by Apigee and the open source community

24

Why choose Apigee’s Maven?

Page 61: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Hands-on

25

Putting it all together: Continuous Integration

Page 62: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Let’s try it! http://goo.gl/lSZrth

26

Grunt

Deploy to Apigee

grunt --env=test --username={apigee_edge_email_address} --password={apigee_edge_password} --debug --curl=true --upload-modules

Use apigee gateway and with Yahoo Weather standard Target

https://{org-env}.apigee.net/{api-basepath}/apigee/forecastrss?w=2502265

Use apigee gateway calling Yahoo Weather through Apigee Node.js as Target

https://{org-env}.apigee.net/{api-basepath}/apigee/forecastweather_node?w=2502265

Page 63: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Testing

27

Page 64: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Grunt Tests with Mocha and friends http://goo.gl/xHLzSh

•  TDD (Test Driven Development) for APIs

•  Faster to write than BDD (Behavior Driven Development)

•  Mocha Testing Framework, Chai for Assertions

       

28

Testing

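    // Requires added here; the slide omits them.
    var async = require('async');
    var request = require('request');
    var chai = require('chai');
    var expect = chai.expect;
    var assert = chai.assert;
    var weatherData = require('./weatherData'); // placeholder path, not shown on the slide

    describe('Check weather in cities', function() {
        // One test case is generated per city in the data set.
        async.each(weatherData.simpleWeatherArray(), function(cityData, callback) {
            it('you should be able to get forecast weather for ' + cityData.name + ' from this API Proxy.', function(done) {
                var options = {
                    url: cityData.url, //'https://testmyapi-test.apigee.net/weathergrunt/apigee/forecastrss?w=2502265',
                    headers: {
                        'User-Agent': 'request'
                    }
                }
                request(options, function (error, response, body) {
                    if (error) return done(error); // report network errors instead of failing on an undefined response
                    expect(body).to.contain(cityData.name) //Sunnyvale, Madrid
                    assert.equal(cityData.responseCode, response.statusCode)
                    done()
                })
            })
            callback();
        });
    });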

Page 65: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

POSTMAN

•  Postman is an API testing tool

•  Very widely used by Developer and Tester community

•  Add Jetpacks - They are awesome $9 upgrades

29

Testing

Page 66: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

POSTMAN with Newman

Newman

–  A command-line collection runner for Postman.

–  It allows you to effortlessly run and test a Postman collection

–  Can be Integrated with your build tools like Maven/Grunt and make it part of your CI build

–  https://www.getpostman.com/docs/newman_intro

       

30

Testing

Page 67: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

JMeter

31

Testing

▪  Get examples https://github.com/apigee/apigee-deploy-maven-plugin
▪  Use assertions to
   ▪  Validate response codes
   ▪  Validate payload content
   ▪  Validate schemas (JSON – DRAFT04)
   ▪  Validate response times. Spot network latency and performance issues

Page 68: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

32

Mocks with Nock

•  Promotes CDC (Consumer-Driven Contract)

•  Promotes faster development

•  No backend? No problem

–  Issues with starting development without a contract in place:

•  There’s no formality, downstream systems changes, no one knows! ☹

•  Downstream systems can run tests to verify whether they’re breaking the contract

•  There’s a backend? No problem

–  Nock can record request and response objects

•  Request/response: content, headers, status codes, delay, etc.

Page 69: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Demo

33

Putting it all together: Continuous Integration

Page 70: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Let’s try it!

Go to Postman and create a collection of tests

Download your collection

Install newman: npm install -g newman

Run your collection: newman -c mycollection.json

Run your collection 10 times: newman -c mycollection.json -n 10

       

34

POSTMAN/Newman

Page 71: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Let’s try it! http://goo.gl/pDxzYG

35

Mocha/Chai

Adding Tests
Add to tests/weatherapi.js

Adding Data Driven Tests
If your tests need data that can be fetched via XHR, stick a .json file in the data directory, you can access it at /data/<filename>.json.

Page 72: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Source Code Management

36

Page 73: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

SCM

▪  Define your branching and merging strategy from the get go

▪  Opt for a scalable model

▪  Single Repo vs. Multiple Repos

▪  Communicate and provide feedback through pull requests (aka. social coding)

▪  Apply CI and avoid big bang merges

▪  Practice, practice, practice

Page 74: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

▪  API Artifacts

–  API proxy source code (XML, JS, Java, Python, binaries, etc.)

–  API Documentation (Markdown, HTML) ▪  Testing Artifacts

–  Scripts

–  Data

▪  Configuration, Deployment and management scripts

–  Management API requests to create entities like target servers and data stores

–  Configuration Data

▪  Keep sensitive data out of SCM

SCM

What can be managed in SCM?

Page 75: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Source code management: “Fork-and-pull” model

[Figure: fork-and-pull workflow, steps 1 to 8, across Developer Workstation, Development Environment, Testing Environment and Production Environment. Step labels: Fork repository; Clone to workstation; Deploy and test; Commit to clone repository; Issue pull request; Deploy to test; Deploy to production. Actor label: Committers.]

Page 76: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

▪  Identify benefits of SCM

▪  Apply fork and pull requests

▪  Learn SCM models pros and cons

▪  Monolithic vs Single and Multiple Repos

▪  Identify SCM branch types and how to use them

▪  Apply merging

40

Summary

Page 77: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Continuous Integration

41

Page 78: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Continuous Integration

Principles
▪  Maintain a code repository
▪  Automate the build
▪  Make the build self-testing
▪  Keep the build fast
▪  Make it easy to get the latest deliverables
▪  Everyone can see the results of the latest build
▪  Automate deployment

Page 79: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

43

The Full Circle

Continuous Integration

Dev Team

Source Code

Version Control

Pull Request or Merge

API Job is triggered

Static Code Analysis

Code coverage analysis

Deploy API Bundle

Run Unit, Functional, and Performance Tests

Publish Reports

Update Docs

Page 80: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

–  API Lifecycle
–  Tooling: Jenkins and Travis
–  Connect to a Git Repo
–  Leverage
   –  Maven Plugin
   –  Grunt

Reap Your Benefits!!!

•  Makes it visible and measurable!!!
•  Faster to Market!!!
•  Save on Maintenance $$$!!!

44

Continuous Integration and Deployment

Page 81: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Demo

45

Putting it all together: Continuous Integration

Page 82: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Let’s try it! https://travis-ci.org

46

Travis Integration

If you do not have git installed, then
●  Fork my repository https://github.com/rakeshtl/CI-Travis.git

If you have git installed, then
●  Create New Public Repository - https://github.com/new
●  Go to your directory and run the following commands
●  npm install -g git
●  git init
●  git add .
●  git commit -m "first commit"
●  git remote add origin https://github.com/{....} (eg. https://github.com/rakeshtl/grunt-tests.git)
●  git push -u origin master

CI on Travis
●  Go to https://travis-ci.org
●  Add a New Repository
●  Go to your Profile, flick the repository switch on (toggle the checkbox)
●  Add the two environment variables - ae_username, ae_password
   ○  Provide Apigee Credentials
●  Ensure .travis.yml file is in your repository
●  Trigger your first build with a git push (git add, git commit -m "committing", git push)
●  Go to your home page on Travis and watch the build
●  Check your Email for Notifications.

 

Page 83: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Go For IT!!!

Page 84: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

API Documentation

48

Page 85: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

•  Interactive documentation is becoming the standard for documenting your APIs (e.g. swagger).

•  Always treat documentation as code and keep it in version control.

•  Functional changes to code likely change how consumers use the API.

•  Deploy documentation when you deploy the API code.

49

Things to Think About…

Page 86: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

© 2013 Apigee Confidential – All Rights Reserved

API Modeling Describe an API structure

SmartDocs Generate interactive documentation

API-based Integrate with any portal / CMS

50

Apigee Edge Developer Services

gh-pages

Other CMS

Apigee SmartDocs Overview

Page 87: I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Thank you

Fall 2014