SlideShare a Scribd company logo

Workshop: API Management

Download as PPT, PDF
WSO2, profile picture
WSO2

The document outlines the agenda and key topics for a WSO2 API Management workshop, including an introduction to the API economy, API management exercises, and demonstrations of the WSO2 Identity Server. It emphasizes the importance of API management capabilities such as creation, security, monitoring, and analytics while explaining the roles involved in API management. Additionally, it discusses enterprise identity solutions, multi-factor authentication, and highlights various WSO2 products and their open-source nature.

Technology
1 of 53
Downloaded 257 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
@pzfreo #wso2 API Management Workshop JAX London Paul Fremantle Senaka Fernando @pzfreo #wso2
Agenda • Introductions and Welcome • API Economy and Vision • API Management Overview • API Management Exercise • Short Introduction to WSO2 Identity Server • Identity Server demonstration @pzfreo #wso2
Open Enterprise Credit: KuppingerCole @pzfreo #wso2
Changing models of business @pzfreo #wso2
Frictionless Business • Integration with other companies and organizations • API Management • Self-signup for developers • Almost zero cost per transaction • Approaching zero time for onboarding @pzfreo #wso2
@pzfreo #wso2
Connected Platform @pzfreo #wso2
APIs meet SOA @pzfreo #wso2 8
Managing APIs o An API is a business capability delivered over the Internet to internal or external consumers o Network accessible function o Available using standard web protocols o With well-defined interfaces o Designed for access by third-parties o A Managed API is: o Actively advertised and subscribe-able o Available with SLAs o Secured, authenticated, authorized and protected o Monitored and monetized with analytics @pzfreo #wso2 9
API Centric Capabilities @pzfreo #wso2 10
API Management Space o Create APIs o WSO2 Application Server, Data Services Server and ESB, any other platform o Find and subscribe/buy APIs o API Store and Governance o Manage, secure and protect APIs o API Management and Gateway o Monitor and Monetize APIs o API Monitoring and Analytics @pzfreo #wso2 11
Core Concepts • Components • Users and Roles • Lifecycle Management • Publisher • Store • Gateway • Deployment • Analytics @pzfreo #wso2
API Manager Product and Platform @pzfreo #wso2 13
API Manager Components @pzfreo #wso2 14
Roles o API Creator o Designs, Implements, manages and versions API o Understand business and technical requirements o Cares about usage and scaling o Seeks feedback, ratings, usage o API Publisher o Publishes, Promotes and encourages consumers to adopt APIs o Determines usage patterns and how to best monetize asset o Monitors and secures o API Consumer o Understands the interface definition o Subscribes and connects application to API o Monitors own usage and cost basis o Provides feedback and ratings @pzfreo #wso2 15
API Life Cycle Management @pzfreo #wso2 16
Publisher https://apimgr:9443/publisher @pzfreo #wso2
Publisher @pzfreo #wso2
API Store (Portal) @pzfreo #wso2
API Store: Customization @pzfreo #wso2
API Store: Social Features o Share with fellow developers via social media or mail o Embed API link into blogs, Tweets, etc. @pzfreo #wso2
Workflows o Available for user self-sign up, API subscription and application creation o Provides extension point to engage custom workflow. Default sample implementation leverages WSO2 Business Process Server, but other engines could be used. @pzfreo #wso2
API Gateway Processing Flow @pzfreo #wso2
API Access Tokens o OAuth2 standard compliant o Supports multiple grant types o SAML, IWA/NTLM o Client credential, Implicit, Password o Pre-generated Access Token: can be used from an application, to identify the application itself o On-demand Access Token: generated via API call, using Consumer Key and Consumer Secret - Identifies the end user of an application (web applications, mobile applications) @pzfreo #wso2 24
@pzfreo #wso2
Scalable Deployment @pzfreo #wso2
Other deployment aspects • Support for staging and migration between environments • Support for separate gateways for Prod and Sandbox • Support for splitting into DMZ / Intranet zones • Highly flexible architecture @pzfreo #wso2
Analytics o API Manager supports out of the box: o Google Analytics o WSO2 Business Activity Monitor Analytics @pzfreo #wso2 28
Why Analytics are important • Build confidence in the API model • Understand your customer – Not just the developer but also the end-user • Help manage services and versions – Understand when deprecated services can be retired • Plan better – Monitor the growth of aggregated API traffic – Monitor the growth of specific apps @pzfreo #wso2 29
Sample API Analytics @pzfreo #wso2 30
Multi-Tenancy @pzfreo #wso2
Hands on • Use the API Publisher – As a creator and a publisher • Sign up as a third-party developer • Subscribe to an API • Utilize production and sandbox endpoints • View analytics and usage stats • Version an API (extension) @pzfreo #wso2
Hands on setup • VirtualBox VM • Ultra-simple node.js backend • Pre-configured API manager and Business Activity Monitor – Installed – Configured to work together – Setup to use hostname apimgr – Added users and roles • A subset of the “Quick Start Guide” http://freo.me/am170-qs @pzfreo #wso2
@pzfreo #wso2 Identity Server and Federated Identity
@pzfreo #wso2
Multi-Factor Authentication @pzfreo #wso2
Multi-Factor Authentication • Something you just forgot • Something you just lost • Some part of your body you just injured @pzfreo #wso2
Tokens @pzfreo #wso2
Federated SAML2 @pzfreo #wso2 IdIdPP IdIdPP IdIdPP IdIdPP SSPP SSPP SSPP SSPP
The Enterprise Identity Bus @pzfreo #wso2
Demo • Quick overview of Identity Server console • Set up of Salesforce domain • Definition of the SP in IS • Demonstrate login • Show Facebook App definition • Show Facebook Configuration in IS • Change to use Facebook • Login with Facebook @pzfreo #wso2
Salesforce setup @pzfreo #wso2
Identity User Portal @pzfreo #wso2
SSO and Identity Federation @pzfreo #wso2
Identity Provisioning @pzfreo #wso2
Identity Bus Tokens and Claims @pzfreo #wso2
Identity Bus Provisioning Bus @pzfreo #wso2
Fine-grained Access Control @pzfreo #wso2
@pzfreo #wso2
@pzfreo #wso2 Carbon Combinations • Identity Server + Governance Registry • Identity Server + BAM + CEP • Identity Server + API Manager • Identity Server + App Manager • Identity Server + Business Process Server • Etc… 50
@pzfreo #wso2 App Manager Launching Q4 * IdP (WSO2 Identity Server) (WSO2 Business Activity Monitor)
More about WSO2 • All 100% Open Source under the Apache License • A complete middleware platform • Sessions @ JAX: – Keynote – Connecting the World (Tuesday 9am) – Understanding Real Time Event Processing through Football • Senaka Fernando – Tuesday 11:45am – Apache Stratos: the PaaS from Apache • Lakmal Warusawithana – Wednesday 11:30am @pzfreo #wso2
Questions? @pzfreo #wso2 https://www.flickr.com/photos/-bast-

More Related Content

PPTX
Application Performance Monitoring (APM)
Site24x7
 
PPSX
APIs as a Product Strategy
Ravi Kumar
 
PPTX
02 api gateway
Janani Velmurugan
 
PDF
Architecting an Enterprise API Management Strategy
WSO2
 
PDF
API Management - Why it matters!
Sven Bernhardt
 
PPT
API Management architect presentation
sflynn073
 
PPTX
API Management Within a Microservices Architecture
Nadeesha Gamage
 
PDF
API Management Solution Powerpoint Presentation Slides
SlideTeam
 
Application Performance Monitoring (APM)
Site24x7
 
APIs as a Product Strategy
Ravi Kumar
 
02 api gateway
Janani Velmurugan
 
Architecting an Enterprise API Management Strategy
WSO2
 
API Management - Why it matters!
Sven Bernhardt
 
API Management architect presentation
sflynn073
 
API Management Within a Microservices Architecture
Nadeesha Gamage
 
API Management Solution Powerpoint Presentation Slides
SlideTeam
 

What's hot (20)

PDF
API Governance
Sunil Kuchipudi
 
PDF
Webhooks
Guillaume POTIER
 
PPTX
API Management
Prolifics
 
PDF
Definitive Guide to API Management
Apigee | Google Cloud
 
PPT
Application Performance Monitoring
Olivier Gérardin
 
PDF
FIDO2 & Microsoft
FIDO Alliance
 
PDF
Crafting an API Strategy with an API Marketplace
WSO2
 
PPTX
Api gateway in microservices
Kunal Hire
 
PPTX
Introduction to AWS API Gateway Presentation
Knoldus Inc.
 
PDF
How Secure Are Your APIs?
Apigee | Google Cloud
 
PPTX
Apigee Products Overview
Apigee | Google Cloud
 
PPTX
Vanrish Mulesoft Integration architect ppt
Rajnish Kumar
 
PDF
API-first design - Basis for an consistent API-Management approach
Sven Bernhardt
 
PDF
Azure Application insights - An Introduction
Matthias Güntert
 
PDF
Webcast: Deep-Dive Apigee Edge Microgateway
Apigee | Google Cloud
 
PDF
Why Microservice
Kelvin Yeung
 
PDF
Building APIs with the OpenApi Spec
Pedro J. Molina
 
PDF
[Azure Governance] Lesson 2 : Azure Locks
☁ Hicham KADIRI ☁
 
PPTX
How to Execute a Successful API Strategy
Matt McLarty
 
PPTX
API Management in Digital Transformation
Aditya Thatte
 
API Governance
Sunil Kuchipudi
 
Webhooks
Guillaume POTIER
 
API Management
Prolifics
 
Definitive Guide to API Management
Apigee | Google Cloud
 
Application Performance Monitoring
Olivier Gérardin
 
FIDO2 & Microsoft
FIDO Alliance
 
Crafting an API Strategy with an API Marketplace
WSO2
 
Api gateway in microservices
Kunal Hire
 
Introduction to AWS API Gateway Presentation
Knoldus Inc.
 
How Secure Are Your APIs?
Apigee | Google Cloud
 
Apigee Products Overview
Apigee | Google Cloud
 
Vanrish Mulesoft Integration architect ppt
Rajnish Kumar
 
API-first design - Basis for an consistent API-Management approach
Sven Bernhardt
 
Azure Application insights - An Introduction
Matthias Güntert
 
Webcast: Deep-Dive Apigee Edge Microgateway
Apigee | Google Cloud
 
Why Microservice
Kelvin Yeung
 
Building APIs with the OpenApi Spec
Pedro J. Molina
 
[Azure Governance] Lesson 2 : Azure Locks
☁ Hicham KADIRI ☁
 
How to Execute a Successful API Strategy
Matt McLarty
 
API Management in Digital Transformation
Aditya Thatte
 
Ad

Viewers also liked (20)

PPT
Why APIs are not SOA++
Apigee | Google Cloud
 
PDF
Open API and API Management - Introduction and Comparison of Products: TIBCO ...
Kai Wähner
 
PDF
Best Practices for API Management
WSO2
 
PPTX
SAP API Management and API Business Hub (TechEd Barcelona)
Harsh Jegadeesan
 
PDF
Welcome to the API Economy: Developing Your API Strategy
MuleSoft
 
PDF
API Business Models
John Musser
 
PPT
Enterprise API deployment best practice
Sanjay Roy
 
PDF
API Management point of view
Ravish Adka Rao
 
PDF
API Introduction - API Management Workshop Munich from Ronnie Mitra
CA API Management
 
PPTX
API Athens Meetup - API standards 25-6-2014
Michael Petychakis
 
PDF
Best Practice in API Design
Lorna Mitchell
 
PPTX
Extended Security with WSO2 API Management Platform
WSO2
 
PDF
Rapid Api Prototyping
Kong Inc.
 
PDF
State of APIs: API trends from Nordic APIs Copenhagen & Sundsvall
Andreas Krohn
 
PDF
Running an API 24/365
Nordic APIs
 
PDF
WSO2 Identity Server - Product Overview
WSO2
 
PPTX
Pie for Sale: Timeless Lessons in API Advocacy (Adam DuVander)
Nordic APIs
 
PDF
Authorization The Missing Piece of the Puzzle
Nordic APIs
 
PDF
GraphQL vs REST
GreeceJS
 
PPTX
Public Transport APIs – How we are using and creating long lasting APIs at No...
Nordic APIs
 
Why APIs are not SOA++
Apigee | Google Cloud
 
Open API and API Management - Introduction and Comparison of Products: TIBCO ...
Kai Wähner
 
Best Practices for API Management
WSO2
 
SAP API Management and API Business Hub (TechEd Barcelona)
Harsh Jegadeesan
 
Welcome to the API Economy: Developing Your API Strategy
MuleSoft
 
API Business Models
John Musser
 
Enterprise API deployment best practice
Sanjay Roy
 
API Management point of view
Ravish Adka Rao
 
API Introduction - API Management Workshop Munich from Ronnie Mitra
CA API Management
 
API Athens Meetup - API standards 25-6-2014
Michael Petychakis
 
Best Practice in API Design
Lorna Mitchell
 
Extended Security with WSO2 API Management Platform
WSO2
 
Rapid Api Prototyping
Kong Inc.
 
State of APIs: API trends from Nordic APIs Copenhagen & Sundsvall
Andreas Krohn
 
Running an API 24/365
Nordic APIs
 
WSO2 Identity Server - Product Overview
WSO2
 
Pie for Sale: Timeless Lessons in API Advocacy (Adam DuVander)
Nordic APIs
 
Authorization The Missing Piece of the Puzzle
Nordic APIs
 
GraphQL vs REST
GreeceJS
 
Public Transport APIs – How we are using and creating long lasting APIs at No...
Nordic APIs
 
Ad

Similar to Workshop: API Management (20)

PDF
WSO2 Product Release Webinar - WSO2 API Manager 1.9
WSO2
 
PDF
How to Build, Manage, and Promote APIs
WSO2
 
PDF
API, Integration, and SOA Convergence
Kasun Indrasiri
 
PPT
Six Steps To Build A Successful API
Chris Haddad
 
PPT
Six Steps to Build Successful APIs
WSO2
 
PDF
[Workshop] API-driven Integration
WSO2
 
PDF
Top 7 wrong common beliefs about Enterprise API implementation
OCTO Technology
 
PDF
Octo API-days 2015
Antoine CHANTALOU
 
PDF
WSO2 API Manager 2.0 - Overview
Edgar Silva
 
PDF
The Future is Now: What’s New in ForgeRock Identity Gateway
ForgeRock
 
PPTX
API designing with WSO2 API Manager
WSO2
 
PDF
Apidays Paris 2023 - Building an Inventory, Maria Teresa Pereira, KPMG Portugal
apidays
 
PDF
Presentation WSO2 workshop Brussels September 24th 2014 (APIs-Integration)
Yenlo
 
PDF
Presentation WSO2 Brussel workshop September 24th 2014 (Connect the world)
Yenlo
 
PDF
WSO2 API Manager - Product Overview
WSO2
 
PDF
Liferay as a headless platform
Jorge Ferrer
 
PDF
Extend soa with api management Sangam18
Vinay Kumar
 
PDF
apidays New York 2023 - The API portal is dead, long live the Platform- and I...
apidays
 
PDF
João Emilio Santos Bento da Silva - Estratégia de APIs
DevCamp Campinas
 
PDF
5 Pillars of Building Enterprise0grade APIs
WSO2
 
WSO2 Product Release Webinar - WSO2 API Manager 1.9
WSO2
 
How to Build, Manage, and Promote APIs
WSO2
 
API, Integration, and SOA Convergence
Kasun Indrasiri
 
Six Steps To Build A Successful API
Chris Haddad
 
Six Steps to Build Successful APIs
WSO2
 
[Workshop] API-driven Integration
WSO2
 
Top 7 wrong common beliefs about Enterprise API implementation
OCTO Technology
 
Octo API-days 2015
Antoine CHANTALOU
 
WSO2 API Manager 2.0 - Overview
Edgar Silva
 
The Future is Now: What’s New in ForgeRock Identity Gateway
ForgeRock
 
API designing with WSO2 API Manager
WSO2
 
Apidays Paris 2023 - Building an Inventory, Maria Teresa Pereira, KPMG Portugal
apidays
 
Presentation WSO2 workshop Brussels September 24th 2014 (APIs-Integration)
Yenlo
 
Presentation WSO2 Brussel workshop September 24th 2014 (Connect the world)
Yenlo
 
WSO2 API Manager - Product Overview
WSO2
 
Liferay as a headless platform
Jorge Ferrer
 
Extend soa with api management Sangam18
Vinay Kumar
 
apidays New York 2023 - The API portal is dead, long live the Platform- and I...
apidays
 
João Emilio Santos Bento da Silva - Estratégia de APIs
DevCamp Campinas
 
5 Pillars of Building Enterprise0grade APIs
WSO2
 

More from WSO2 (20)

PDF
Demystifying CMS-0057-F - Compliance Made Seamless with WSO2
WSO2
 
PDF
Quantum Threats Are Closer Than You Think – Act Now to Stay Secure
WSO2
 
PDF
Modern Platform Engineering with Choreo - The AI-Native Internal Developer Pl...
WSO2
 
PDF
Application Modernization with Choreo - The AI-Native Internal Developer Plat...
WSO2
 
PDF
Build Smarter, Deliver Faster with Choreo - An AI Native Internal Developer P...
WSO2
 
PDF
Platformless Modernization with Choreo.pdf
WSO2
 
PDF
Application Modernization with Choreo for the BFSI Sector
WSO2
 
PDF
Choreo - The AI-Native Internal Developer Platform as a Service: Overview
WSO2
 
PDF
[Roundtable] Choreo - The AI-Native Internal Developer Platform as a Service
WSO2
 
PPTX
WSO2Con 2025 - Building AI Applications in the Enterprise (Part 1)
WSO2
 
PPTX
WSO2Con 2025 - Building Secure Business Customer and Partner Experience (B2B)...
WSO2
 
PPTX
WSO2Con 2025 - Building Secure Customer Experience Apps
WSO2
 
PPTX
WSO2Con 2025 - AI-Driven API Design, Development, and Consumption with Enhanc...
WSO2
 
PPTX
WSO2Con 2025 - AI-Driven API Design, Development, and Consumption with Enhanc...
WSO2
 
PPTX
WSO2Con 2025 - Unified Management of Ingress and Egress Across Multiple API G...
WSO2
 
PPTX
WSO2Con 2025 - How an Internal Developer Platform Lets Developers Focus on Code
WSO2
 
PPTX
WSO2Con 2025 - Architecting Cloud-Native Applications
WSO2
 
PDF
Mastering Intelligent Digital Experiences with Platformless Modernization
WSO2
 
PDF
Accelerate Enterprise Software Engineering with Platformless
WSO2
 
PDF
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2
 
Demystifying CMS-0057-F - Compliance Made Seamless with WSO2
WSO2
 
Quantum Threats Are Closer Than You Think – Act Now to Stay Secure
WSO2
 
Modern Platform Engineering with Choreo - The AI-Native Internal Developer Pl...
WSO2
 
Application Modernization with Choreo - The AI-Native Internal Developer Plat...
WSO2
 
Build Smarter, Deliver Faster with Choreo - An AI Native Internal Developer P...
WSO2
 
Platformless Modernization with Choreo.pdf
WSO2
 
Application Modernization with Choreo for the BFSI Sector
WSO2
 
Choreo - The AI-Native Internal Developer Platform as a Service: Overview
WSO2
 
[Roundtable] Choreo - The AI-Native Internal Developer Platform as a Service
WSO2
 
WSO2Con 2025 - Building AI Applications in the Enterprise (Part 1)
WSO2
 
WSO2Con 2025 - Building Secure Business Customer and Partner Experience (B2B)...
WSO2
 
WSO2Con 2025 - Building Secure Customer Experience Apps
WSO2
 
WSO2Con 2025 - AI-Driven API Design, Development, and Consumption with Enhanc...
WSO2
 
WSO2Con 2025 - AI-Driven API Design, Development, and Consumption with Enhanc...
WSO2
 
WSO2Con 2025 - Unified Management of Ingress and Egress Across Multiple API G...
WSO2
 
WSO2Con 2025 - How an Internal Developer Platform Lets Developers Focus on Code
WSO2
 
WSO2Con 2025 - Architecting Cloud-Native Applications
WSO2
 
Mastering Intelligent Digital Experiences with Platformless Modernization
WSO2
 
Accelerate Enterprise Software Engineering with Platformless
WSO2
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2
 

Recently uploaded (20)

PDF
Orbitly Pitch Deck|A Mission-Driven Platform for Side Project Collaboration (...
zz41354899
 
PPTX
Introduction to Flutter by Ayush Desai.pptx
ayushdesai204
 
PDF
Automating ArcGIS Content Discovery with FME: A Real World Use Case
Safe Software
 
PDF
The Future of Mobile Is Context-Aware—Are You Ready?
iProgrammer Solutions Private Limited
 
PDF
A Strategic Analysis of the MVNO Wave in Emerging Markets.pdf
IPLOOK Networks
 
PPTX
What-is-the-World-Wide-Web -- Introduction
tonifi9488
 
PDF
Accelerating Oracle Database 23ai Troubleshooting with Oracle AHF Fleet Insig...
Sandesh Rao
 
PDF
Security features in Dell, HP, and Lenovo PC systems: A research-based compar...
Principled Technologies
 
PDF
Doc9.....................................
SofiaCollazos
 
PDF
Presentation about Hardware and Software in Computer
snehamodhawadiya
 
PDF
Research-Fundamentals-and-Topic-Development.pdf
ayesha butalia
 
PDF
Brief History of Internet - Early Days of Internet
sutharharshit158
 
PDF
MASTERDECK GRAPHSUMMIT SYDNEY (Public).pdf
Neo4j
 
PPTX
Agile Chennai 18-19 July 2025 Ideathon | AI Powered Microfinance Literacy Gui...
AgileNetwork
 
PPTX
Dev Dives: Automate, test, and deploy in one place—with Unified Developer Exp...
AndreeaTom
 
PPTX
The-Ethical-Hackers-Imperative-Safeguarding-the-Digital-Frontier.pptx
sujalchauhan1305
 
PDF
SparkLabs Primer on Artificial Intelligence 2025
SparkLabs Group
 
PDF
Data_Analytics_vs_Data_Science_vs_BI_by_CA_Suvidha_Chaplot.pdf
CA Suvidha Chaplot
 
PDF
Peak of Data & AI Encore - Real-Time Insights & Scalable Editing with ArcGIS
Safe Software
 
PPTX
OA presentation.pptx OA presentation.pptx
pateldhruv002338
 
Orbitly Pitch Deck|A Mission-Driven Platform for Side Project Collaboration (...
zz41354899
 
Introduction to Flutter by Ayush Desai.pptx
ayushdesai204
 
Automating ArcGIS Content Discovery with FME: A Real World Use Case
Safe Software
 
The Future of Mobile Is Context-Aware—Are You Ready?
iProgrammer Solutions Private Limited
 
A Strategic Analysis of the MVNO Wave in Emerging Markets.pdf
IPLOOK Networks
 
What-is-the-World-Wide-Web -- Introduction
tonifi9488
 
Accelerating Oracle Database 23ai Troubleshooting with Oracle AHF Fleet Insig...
Sandesh Rao
 
Security features in Dell, HP, and Lenovo PC systems: A research-based compar...
Principled Technologies
 
Doc9.....................................
SofiaCollazos
 
Presentation about Hardware and Software in Computer
snehamodhawadiya
 
Research-Fundamentals-and-Topic-Development.pdf
ayesha butalia
 
Brief History of Internet - Early Days of Internet
sutharharshit158
 
MASTERDECK GRAPHSUMMIT SYDNEY (Public).pdf
Neo4j
 
Agile Chennai 18-19 July 2025 Ideathon | AI Powered Microfinance Literacy Gui...
AgileNetwork
 
Dev Dives: Automate, test, and deploy in one place—with Unified Developer Exp...
AndreeaTom
 
The-Ethical-Hackers-Imperative-Safeguarding-the-Digital-Frontier.pptx
sujalchauhan1305
 
SparkLabs Primer on Artificial Intelligence 2025
SparkLabs Group
 
Data_Analytics_vs_Data_Science_vs_BI_by_CA_Suvidha_Chaplot.pdf
CA Suvidha Chaplot
 
Peak of Data & AI Encore - Real-Time Insights & Scalable Editing with ArcGIS
Safe Software
 
OA presentation.pptx OA presentation.pptx
pateldhruv002338
 

Workshop: API Management

  • 1. @pzfreo #wso2 API Management Workshop JAX London Paul Fremantle Senaka Fernando @pzfreo #wso2
  • 2. Agenda • Introductions and Welcome • API Economy and Vision • API Management Overview • API Management Exercise • Short Introduction to WSO2 Identity Server • Identity Server demonstration @pzfreo #wso2
  • 3. Open Enterprise Credit: KuppingerCole @pzfreo #wso2
  • 4. Changing models of business @pzfreo #wso2
  • 5. Frictionless Business • Integration with other companies and organizations • API Management • Self-signup for developers • Almost zero cost per transaction • Approaching zero time for onboarding @pzfreo #wso2
  • 8. APIs meet SOA @pzfreo #wso2 8
  • 9. Managing APIs o An API is a business capability delivered over the Internet to internal or external consumers o Network accessible function o Available using standard web protocols o With well-defined interfaces o Designed for access by third-parties o A Managed API is: o Actively advertised and subscribe-able o Available with SLAs o Secured, authenticated, authorized and protected o Monitored and monetized with analytics @pzfreo #wso2 9
  • 10. API Centric Capabilities @pzfreo #wso2 10
  • 11. API Management Space o Create APIs o WSO2 Application Server, Data Services Server and ESB, any other platform o Find and subscribe/buy APIs o API Store and Governance o Manage, secure and protect APIs o API Management and Gateway o Monitor and Monetize APIs o API Monitoring and Analytics @pzfreo #wso2 11
  • 12. Core Concepts • Components • Users and Roles • Lifecycle Management • Publisher • Store • Gateway • Deployment • Analytics @pzfreo #wso2
  • 13. API Manager Product and Platform @pzfreo #wso2 13
  • 14. API Manager Components @pzfreo #wso2 14
  • 15. Roles o API Creator o Designs, Implements, manages and versions API o Understand business and technical requirements o Cares about usage and scaling o Seeks feedback, ratings, usage o API Publisher o Publishes, Promotes and encourages consumers to adopt APIs o Determines usage patterns and how to best monetize asset o Monitors and secures o API Consumer o Understands the interface definition o Subscribes and connects application to API o Monitors own usage and cost basis o Provides feedback and ratings @pzfreo #wso2 15
  • 16. API Life Cycle Management @pzfreo #wso2 16
  • 19. API Store (Portal) @pzfreo #wso2
  • 20. API Store: Customization @pzfreo #wso2
  • 21. API Store: Social Features o Share with fellow developers via social media or mail o Embed API link into blogs, Tweets, etc. @pzfreo #wso2
  • 22. Workflows o Available for user self-sign up, API subscription and application creation o Provides extension point to engage custom workflow. Default sample implementation leverages WSO2 Business Process Server, but other engines could be used. @pzfreo #wso2
  • 23. API Gateway Processing Flow @pzfreo #wso2
  • 24. API Access Tokens o OAuth2 standard compliant o Supports multiple grant types o SAML, IWA/NTLM o Client credential, Implicit, Password o Pre-generated Access Token: can be used from an application, to identify the application itself o On-demand Access Token: generated via API call, using Consumer Key and Consumer Secret - Identifies the end user of an application (web applications, mobile applications) @pzfreo #wso2 24
  • 27. Other deployment aspects • Support for staging and migration between environments • Support for separate gateways for Prod and Sandbox • Support for splitting into DMZ / Intranet zones • Highly flexible architecture @pzfreo #wso2
  • 28. Analytics o API Manager supports out of the box: o Google Analytics o WSO2 Business Activity Monitor Analytics @pzfreo #wso2 28
  • 29. Why Analytics are important • Build confidence in the API model • Understand your customer – Not just the developer but also the end-user • Help manage services and versions – Understand when deprecated services can be retired • Plan better – Monitor the growth of aggregated API traffic – Monitor the growth of specific apps @pzfreo #wso2 29
  • 30. Sample API Analytics @pzfreo #wso2 30
  • 32. Hands on • Use the API Publisher – As a creator and a publisher • Sign up as a third-party developer • Subscribe to an API • Utilize production and sandbox endpoints • View analytics and usage stats • Version an API (extension) @pzfreo #wso2
  • 33. Hands on setup • VirtualBox VM • Ultra-simple node.js backend • Pre-configured API manager and Business Activity Monitor – Installed – Configured to work together – Setup to use hostname apimgr – Added users and roles • A subset of the “Quick Start Guide” http://freo.me/am170-qs @pzfreo #wso2
  • 34. @pzfreo #wso2 Identity Server and Federated Identity
  • 37. Multi-Factor Authentication • Something you just forgot • Something you just lost • Some part of your body you just injured @pzfreo #wso2
  • 39. Federated SAML2 @pzfreo #wso2 IdIdPP IdIdPP IdIdPP IdIdPP SSPP SSPP SSPP SSPP
  • 40. The Enterprise Identity Bus @pzfreo #wso2
  • 41. Demo • Quick overview of Identity Server console • Set up of Salesforce domain • Definition of the SP in IS • Demonstrate login • Show Facebook App definition • Show Facebook Configuration in IS • Change to use Facebook • Login with Facebook @pzfreo #wso2
  • 43. Identity User Portal @pzfreo #wso2
  • 44. SSO and Identity Federation @pzfreo #wso2
  • 46. Identity Bus Tokens and Claims @pzfreo #wso2
  • 47. Identity Bus Provisioning Bus @pzfreo #wso2
  • 50. @pzfreo #wso2 Carbon Combinations • Identity Server + Governance Registry • Identity Server + BAM + CEP • Identity Server + API Manager • Identity Server + App Manager • Identity Server + Business Process Server • Etc… 50
  • 51. @pzfreo #wso2 App Manager Launching Q4 * IdP (WSO2 Identity Server) (WSO2 Business Activity Monitor)
  • 52. More about WSO2 • All 100% Open Source under the Apache License • A complete middleware platform • Sessions @ JAX: – Keynote – Connecting the World (Tuesday 9am) – Understanding Real Time Event Processing through Football • Senaka Fernando – Tuesday 11:45am – Apache Stratos: the PaaS from Apache • Lakmal Warusawithana – Wednesday 11:30am @pzfreo #wso2
  • 53. Questions? @pzfreo #wso2 https://www.flickr.com/photos/-bast-