open standards for social business apps
TRANSCRIPT
IBM Innovate 2013 Open Standards For Social Business Apps
Ryan Baxter | Philippe RiandICS Development [email protected] | [email protected]
© 2013 IBM Corporation
2
Please note the following
IBM’s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM’s sole discretion.
Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision.
The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract. The development, release, and timing of any future features or functionality described for our products remains at our sole discretion.
Performance is based on measurements and projections using standard IBM benchmarks in a controlled environment. The actual throughput or performance that any user will experience will vary depending upon many factors, including considerations such as the amount of multiprogramming in the user’s job stream, the I/O configuration, the storage configuration, and the workload processed. Therefore, no assurance can be given that an individual user will achieve results similar to those stated here.
3
Agenda Open Standards Used Within ICS
ActivityStrea.ms
OAuth
OpenSocial
SAML
Bringing It All Together
Partner Examples
4
Most Used APIs (2012)
MappingSocialSearchPhotosShoppingVideoMusicTelephonyInternetMessaging
Source: Programmable Web 2012
5
Social API Growth
2005 2006 2007 2008 2009 2010 2011 2012
0
50
100
150
200
250
300
350
400
450
500
Source: Programmable Web
6
IBM leads with Open StandardsMaximizing integration possibilities
Enabling the next generation of socially-enabled solutions to enhance customers' existing investments and heterogeneous platforms
– Focus on open standards and “loosely coupled” web-centric architectures
A commitment to drive and leverage open standards
– Maximize choice, flexibility, and ease of integration
– Drive enterprise innovation and leverage rapid innovation on the public web
– Minimize incremental cost of targeting additional desktop and mobile platforms
– Leverage dominant skill-sets based around web technologies
7
HTML 5 and CSS3
As browsers evolve your apps can start to take advantage of the new features available in HTML5 and CSS3
– XPages, Gadgets, iWidgets, Portlets, etc
New structural tags
– new media tags, canvas, local storage, geolocation
File Access
– Access to the local file system
Presentation
– CSS3 include many native styles which could only be achieved with JS libraries before
Connectivity
– Know whether you are online or offline
Storage
– Local storage is available in the browser
8
Agenda Open Standards For Social Apps
ActivityStrea.ms
OAuth
OpenSocial
SAML
Bringing It All Together
Partner Examples
9
ActivityStrea.ms
The primary event propagation mechanism for Social Business
Streams contain events and the means to act upon them
Those means, for users to execute tasks without a sovereign pivot, include embedded experiences
The lead editor for the ActivityStream specification JSON is James Snell from IBM
Implementations Include: MySpace, Microsoft Windows
Live, Google Buzz, BBC, Opera, TypePad, Gowalla, Yammer, Gnip, SocialCast,
Superfeedr, Tibber, YIID
SmartCloud, Connections, Notes/Domino, Rational Team
Concert, Sterling . . .
10
Activity Streams Keep Your Users Up To Date
REST API and data model backed by the OpenSocial standard
– JSON data model - easy to use in your web apps
3rd party apps can post entries to the activity stream
– Inside and outside of Connections
Integrate the Connections activity stream into your apps
– This is how we integrate the activity stream into Notes
– If your app is an OpenSocial container you can render embedded experiences too!
12
Agenda Open Standards For Social Apps
ActivityStrea.ms
OAuth
OpenSocial
SAML
Bringing It All Together
Partner Examples
13
OAuth
Delegated Authorization provides a means for interaction between gadgets
Can use a variety of authorization mechanisms (SAML, etc.)
Cornerstone of security in Social Business
Rapidly evolving specification Implementations Include: Facebook, MySpace, Microsoft Windows Live, Google, BBC,
Opera, TypePad, Gowalla, Gnip, SocialCast, Superfeedr, Tibber,
YIID, Cisco, Yammer, SAP, Jive, Atlassian, IBM SmartCloud,
Yahoo, LifeRay, Oracle, Magneto, Tibco Tibbr, Surfnet, Paypal . . .
SmartCloud, Connections, Notes/Domino Social Edition, Rational Team Concert, Tivoli,
Websphere, Sterling . .
14
OAuth Step 1
User Partner Application OAuth Provider
Register application Provide client ID and secret
15
OAuth Step 2
User Partner Application OAuth Provider
Open applicationRedirect browser to OAuth
provider
Login to OAuth provider
Append authorization code to URL
Redirect browser callback URL
16
OAuth Step 3, 4, 5
User Partner Application OAuth Provider
Request access and refresh token
Exchange authorization code for access and refresh tokens
Request API access using access token
Grant access to API
Make API call with access token
Allow API access
Step 3
Step 4
Step 5
17
OAuth...Authorization NOT Authentication• It is important to remember OAuth stands for Open Authorization NOT Open
Authentication
– It allows you to authorize 3rd party apps (like yours!) to access information on a user's behalf
– Don't reinvent the wheel, there are plenty of open source OAuth client implementations to use
• XPages Social Enabler
• IBM Social Business Toolkit
• Connections 4 is both an OAuth 2.0 provider and client
– All Connections APIs can be access via OAuth from your application
• IBM SmartCloud for Social Business is an OAuth 2.0 & 1.0a provider
– All SmartCloud for Social Business APIs can be access via OAuth from your application
• Notes and Domino Social Edition is an Oauth 2.0 & 1.0a client
18
Agenda• Open Standards For Social Apps
• ActivityStrea.ms
• OAuth
• OpenSocial
• SAML
• Bringing It All Together
• Partner Examples
19
OpenSocial
• Social APIs and Mini Applications (Gadgets)
• IBM has a leadership role including – On the Board of Directors
– Committers on Apache Shindig
– Has been instrumental in drafting the OpenSocial 2.0 & 2.5 specification
– Invented and gave to the community Embedded Experiences and many, many more capabilities
– Provided enterprise extensions
Implementations Include: Cisco, SAP, Jive, Atlassian, IBM SmartCloud,
Google, Yahoo, MySpace, LifeRay, Oracle, Magneto, Tibco Tibbr,
Surfnet, Paypal . . .
SmartCloud, IBM Connections, IBM Notes/Domino®, Rational Team
ConcertTM, Sterling. . .
20
Using OpenSocial• OpenSocial is used today in Connections, Notes and Domino Social Edition, and IBM
SmartCloud for Social Business
• You can use OpenSocial gadgets as your application model or as a component to your application
• The same gadgets will render in Notes, iNotes, and Connections....build it once run it across the portfolio!
• Embedded experiences give you an enhanced notification model for your applications and they are backwards compatible!
• Technology agnostic, its just web technologies use what you want!
– Dojo, JQuery, and other JavaScript libraries
21
Notifications With Embedded Experiences
GadgetAction
Taken In Your App
Your App
Standard MIME Email
Activity Entry
EE Data Model
22
Embedded Experiences• Changing the way you get notifications
– The goal is to make notifications more useful and interactive
– Supported in email and activity streams
• IBM Connections, IBM Connections Mail, IBM Notes 9, IBM iNotes 9
• JSON + XML
• Two types
– Gadget + Context data
{
"gadget" : "http://www.socialnetwork.com/embedded/commentgadget.xml",
"context" : 123
}
– URL
{
“url” : “http://domino.com/myxpage.xsp”
}
23
Email Embedded Experience From: [email protected]
Subject: Social Network: Mary Has Commented On Your Status
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="XXXXboundary text"
Mary has commented on your status.
--XXXXboundary text
Content-Type: text/plain
Mary has commeneted on your status.
--XXXXboundary text
Content-Type: text/html
<html>
<!-- HTML representation here -->
</html>
--XXXXboundary text
Content-Type: application/embed+json
{
"gadget" : "http://www.socialnetwork.com/embedded/commentgadget.xml",
"context" : 123
}
24
Activity Stream Embedded Experience
{
"postedTime": "2011-02-10T15:04:55Z",
"actor": {...},
"verb": "post",
"object" : {...},
"openSocial" : {
"embed" : {
"gadget" : "http://example.org/AlbumViewer.xml",
"context" : {
"albumName": "Germany 2009",
"photoUrls": [...]
}
}
}
}
26
Agenda• Open Standards For Social Apps
• ActivityStrea.ms
• OAuth
• OpenSocial
• SAML
• Bringing It All Together
• Partner Examples
27
SAML• SAML is a SSO standard published by OASIS
• XML-based framework for communicating user authentication, entitlement, and attribute information
• The user is then authenticated with every application that also uses the IdP
– Domino and Websphere both support SAML
– Use an IdP such as IBM Tivoli Access Manager, Tivoli Federated Identity Manager or Microsoft Active Directory Federation Services
• Benefits
– Platform neutrality
– Loose coupling of directories
– Improved online experience for end users
– Reduced administrative costs for service providers
– Risk transference
29
Agenda• Open Standards For Social Apps
• ActivityStrea.ms
• OAuth
• OpenSocial
• SAML
• Bringing It All Together
• Partner Examples
30
Common Standards Based Use Cases• HTML 5
– Leverage HTML5 (if you can) in your web apps, XPages, iWidgets, OpenSocial Gadgets, J2EE apps
• ActivityStrea.ms
– Apps should try to leverage the activity stream in Connections 4 as a notification mechanism for your users social network
– Provide embedded experiences to make your notifications more interactive
• Use OAuth instead of basic auth
– OAuth is more secure than basic auth so where possible take advantage of it in Connections 4 and SmartCloud
– Use the IBM Social Business Toolkit SDK, the XPages Social Enabler to make using OAuth easier
• OpenSocial
– Use gadgets for embedded experiences in email and activity stream notifications to make them more interactive
– Build a gadget for your app to allow cross product integration
32
Agenda• Open Standards For Social Apps
• ActivityStrea.ms
• OAuth
• OpenSocial
• SAML
• Bringing It All Together
• Partner Examples
33
Kudos Badges for IBM Connections
Kudos Badges - Measure, Reward & Drive Adoption of IBM Connections
Kudos Thanks - Peer to Peer Recognition
Kudos Analytics – Report & Measure Connections usage and behavior
Native Integration for Connections with iWidget, OpenSocial, Mobile & Embedded Experience Support
kudosbadges.com [email protected]
34
iEnterprises / Social Smart Software
Social and Mobile Software
i-Comply Social Media Compliance Software
i-Comply Social Media Brand Management
Extends IBM Connections To Facebook To LinkedIn To Twitter
IBM Notes 9 Integration Embedded Experience Widgets
John Carini, [email protected]
36
Daily Apple TV giveaway Complete your session surveys online each day at a conference kiosk or on
your Innovate 2013 Portal!
Each day that you complete all of that day’s session surveys, your name will be entered to win the daily Apple TV!
On Wednesday be sure to complete your full conference evaluation to receive your free conference t-shirt!
37
Acknowledgements and disclaimers
© Copyright IBM Corporation 2013. All rights reserved.
– U.S. Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
IBM, the IBM logo, ibm.com, Rational, the Rational logo, Telelogic, the Telelogic logo, Green Hat, the Green Hat logo, and other IBM products and services are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark symbol (® or ™), these symbols indicate U.S. registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at www.ibm.com/legal/copytrade.shtml
Other company, product, or service names may be trademarks or service marks of others.
Availability: References in this presentation to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates.
The workshops, sessions and materials have been prepared by IBM or the session speakers and reflect their own views. They are provided for informational purposes only, and are neither intended to, nor shall have the effect of being, legal or other guidance or advice to any participant. While efforts were made to verify the completeness and accuracy of the information contained in this presentation, it is provided AS-IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, this presentation or any other materials. Nothing contained in this presentation is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software.
All customer examples described are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual environmental costs and performance characteristics may vary by customer. Nothing contained in these materials is intended to, nor shall have the effect of, stating or implying that any activities undertaken by you will result in any specific sales, revenue growth or other results.
38
© Copyright IBM Corporation 2013. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, Rational, the Rational logo, Telelogic, the Telelogic logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.