SlideShare a Scribd company logo

[WSO2Con EU 2018] WSO2 API Manager - Why, What, How, and What's Next

WSO2, profile picture
WSO2

The document discusses the necessity of API management in response to the growing demand for applications and digital transformation, highlighting five essential features needed from an API management system. It covers the importance of API creation, security, discoverability, governance, and analytics, while also touching on the future of APIs with developer-focused ecosystems and advanced technologies. The content emphasizes the role of APIs in enabling business opportunities and adapting to evolving architectural paradigms.

Technology
1 of 37
Downloaded 60 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
Director, API Architecture WSO2 API Manager: Why, What, How, and What's Next Nuwan Dias
Why do you need API Management? Image source: blog.dailysteak.co
APIs are essential to address the problem of app explosion ● Demand for consumption is on the rise. (easier/convenient ways to consume information and services). ● Demand for consumption is driving digital transformation. ● Digital transformation creates opportunity for $$. ● APIs are the key to enabling digital transformation.
What do you need from an API Management System? 1. Creating and publishing APIs. 2. API security and rate limiting. 3. Platform for discovering, searching and consuming APIs. 4. API governance and lifecycle management. 5. API analytics, specialization and evolution.
Maslow’s hierarchy of needs Image source: verywellmind.com
What do you need from an API Management System? 1. Creating and publishing APIs. - Physiological needs. 2. API security and rate limiting. - Safety needs. 3. Platform for discovering, searching and consuming APIs - Love and belonging needs. 4. API governance and lifecycle management. - Esteem needs. 5. API analytics, specialization and evolution - Self actualization needs.
Creating and publishing APIs Defining the contract between the API provider and the API consumers - The API developer portal.
API Design - Import Definition
API Design - Start new
API Design - Resource Definition
API Documentation
API Publishing
API Security and Rate Limiting Allow verified, permitted and controlled access into your assets - API Gateways.
API Gateways: The enforcement point of all policies
API Security ● Trusted Sub-systems ○ Mutual TLS ○ Basic Authentication ● Delegated Authentication ○ OAuth2.0 ● Authorization ○ OAuth2.0 Scopes ○ OIDC ○ XACML ● CORS
Authentication: OAuth2.0 Grant Types
Federated Authentication
Authorization XACML
Rate Limiting ● Quotas: for monetization ○ By number of requests or bytes ● Fair usage policy ● Entry point control rules ● Protection from over usage ● Custom policies
API Consumption The need for APIs to be easily discoverable, searchable and consumable - The app developer portal.
API Discovery: Registry of APIs ● Paginated listing of APIs ● Tags ● Groups
API Searching
Application Management
Consuming the API ● API documentation ● API testing ● SDKs ● Developer tooltips
API Governance and Lifecycle Management Formalizing the evolution of APIs and assurance of standards and practices.
API Versioning ● Different version formats. ● Backwards compatibility and transitioning of apps to use the latest and greatest version. ● Running multiple versions in parallel. ● Deep copy of documents and policies ● Transitioning current subscribers to latest version ● Notifying current subscribers.
Declaration and execution of custom defined API lifecycles.
Execution of custom defined workflows for.. ● API state transitions ● Developer onboarding ● Application registration ● API subscriptions ● Generation of application keys
Tooling for automation of CI/CD processes
API Analytics and specialization ● Observing and reacting to abnormalities and trends. ● Optimizing the value chain of APIs by specializing and scaling.
API Analytics: Business Insights ● Business performance ● New opportunities ● Expansions ● Promotions ● EOLs ● Achievers ● Laggards
API Analytics: Operational ● Performance metrics ● Abnormalities ● Trends ● Tracing ● Debugging ● Alerting
Specialization and evolution of APIs ● Different API types ○ SOAP APIs ○ gRPC APIs ○ Websockets ○ Event streams ● API gateways evolving into microgateways
Whats Next? How do we address the trillion endpoints problem?
The trillion endpoints problem
What’s Next? ● Developer first APIs and microgateways. ● Integration with service mesh technologies. ● Dynamic service discovery: etcd, consul, etc. ● Dynamic APIs: Short lived APIs that adapt and evolve or die. ● Serverless API gateways. ● API Management for event driven architectures. ● Embedded/Native API management on large scale-cloud infrastructures.
THANK YOU wso2.com

More Related Content

PDF
[WSO2Con EU 2018] Hybrid Cloud API Management - API Microgateways Anywhere
WSO2
 
PDF
[WSO2Con EU 2018] Building Reactive Applications Using Event Driven Architecture
WSO2
 
PDF
Stream Processing in Action
WSO2
 
PDF
Digital Transformation for Karnataka Bank Through API-led Integration
WSO2
 
PDF
[APIdays NY] Managing the usage of Asynchronous APIs: What does it take?
WSO2
 
PDF
[WSO2Con EU 2018] Identity APIs is the New Black
WSO2
 
PPTX
apidays LIVE New York 2021 - Managing the usage of Asynchronous APIs: What do...
apidays
 
PDF
Wso2 api manager analytics and reporting
Chanaka Fernando
 
[WSO2Con EU 2018] Hybrid Cloud API Management - API Microgateways Anywhere
WSO2
 
[WSO2Con EU 2018] Building Reactive Applications Using Event Driven Architecture
WSO2
 
Stream Processing in Action
WSO2
 
Digital Transformation for Karnataka Bank Through API-led Integration
WSO2
 
[APIdays NY] Managing the usage of Asynchronous APIs: What does it take?
WSO2
 
[WSO2Con EU 2018] Identity APIs is the New Black
WSO2
 
apidays LIVE New York 2021 - Managing the usage of Asynchronous APIs: What do...
apidays
 
Wso2 api manager analytics and reporting
Chanaka Fernando
 

What's hot (20)

PDF
[WSO2 API Manager Community Call: Streaming API Support in WSO2 API Manager 4.0
WSO2
 
PDF
[Workshop] API-driven Integration
WSO2
 
PPTX
What is APIGEE? What are the benefits of APIGEE?
IQ Online Training
 
PDF
[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...
WSO2
 
PDF
Building Sustainable Ecosystems: The Economics of Collaboration
WSO2
 
PDF
Best Practices for Productizing APIs with API Management and Automated Testing
WSO2
 
PDF
Deploying GraphQL Services as Managed APIs
WSO2
 
PDF
How to Enable Monetization of Your API Ecosystem
WSO2
 
PDF
Digital Asset Governance for the Enterprise
WSO2
 
PDF
[WSO2 Summit EMEA 2020] Experiencing the Benefits of API Driven Open Banking
WSO2
 
PDF
[APIdays Singapore 2019] Managing the API lifecycle with Open Source Technolo...
WSO2
 
PDF
[WSO2 Summit Sydney 2019] Emerging Architecture Patterns: API-centric and Cel...
WSO2
 
PPTX
Apigee Insights: Data & Context-Driven Actions
Apigee | Google Cloud
 
PDF
Exposing Lambda Functions as Managed APIs
WSO2
 
PDF
API Driven Applications - An ecosystem architecture
WSO2
 
PDF
[WSO2 Summit Americas 2020] APIs: The Products of the 21st Century.pdf
WSO2
 
PDF
WSO2 Product Release Webinar Introducing WSO2 API Manager for Complete API ...
WSO2
 
PDF
apidays LIVE Singapore 2021 - What financial services can learn from Marketpl...
apidays
 
PDF
Nurturing API Platforms with API Analytics
WSO2
 
PDF
Adaptive Scaling of Microgateways on Kubernetes
WSO2
 
[WSO2 API Manager Community Call: Streaming API Support in WSO2 API Manager 4.0
WSO2
 
[Workshop] API-driven Integration
WSO2
 
What is APIGEE? What are the benefits of APIGEE?
IQ Online Training
 
[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...
WSO2
 
Building Sustainable Ecosystems: The Economics of Collaboration
WSO2
 
Best Practices for Productizing APIs with API Management and Automated Testing
WSO2
 
Deploying GraphQL Services as Managed APIs
WSO2
 
How to Enable Monetization of Your API Ecosystem
WSO2
 
Digital Asset Governance for the Enterprise
WSO2
 
[WSO2 Summit EMEA 2020] Experiencing the Benefits of API Driven Open Banking
WSO2
 
[APIdays Singapore 2019] Managing the API lifecycle with Open Source Technolo...
WSO2
 
[WSO2 Summit Sydney 2019] Emerging Architecture Patterns: API-centric and Cel...
WSO2
 
Apigee Insights: Data & Context-Driven Actions
Apigee | Google Cloud
 
Exposing Lambda Functions as Managed APIs
WSO2
 
API Driven Applications - An ecosystem architecture
WSO2
 
[WSO2 Summit Americas 2020] APIs: The Products of the 21st Century.pdf
WSO2
 
WSO2 Product Release Webinar Introducing WSO2 API Manager for Complete API ...
WSO2
 
apidays LIVE Singapore 2021 - What financial services can learn from Marketpl...
apidays
 
Nurturing API Platforms with API Analytics
WSO2
 
Adaptive Scaling of Microgateways on Kubernetes
WSO2
 
Ad

Similar to [WSO2Con EU 2018] WSO2 API Manager - Why, What, How, and What's Next (20)

PPTX
Smartone v1.0
Jinyean Tan
 
PDF
API Management Building Blocks and Business value
WSO2
 
PPTX
WSO2Con 2025 - AI-Driven API Design, Development, and Consumption with Enhanc...
WSO2
 
PDF
João Emilio Santos Bento da Silva - Estratégia de APIs
DevCamp Campinas
 
PDF
Architecting an Enterprise API Management Strategy
WSO2
 
PDF
Api management best practices with wso2 api manager
Chanaka Fernando
 
PDF
5 Pillars of Building Enterprise0grade APIs
WSO2
 
PDF
API Governance and Monetization - The evolution of API governance
WSO2
 
PDF
Understanding API Management from basic to advanced
vivekbagri7
 
PDF
Extend soa with api management Doag18
Vinay Kumar
 
PDF
Apidays Paris 2023 - Building an Inventory, Maria Teresa Pereira, KPMG Portugal
apidays
 
PDF
apidays Munich 2025 - Developer Portals, API Catalogs, and Marketplaces, Miri...
apidays
 
PDF
Extend soa with api management Sangam18
Vinay Kumar
 
PDF
I am sorry Developer, your API just became a Product.pdf
Francisco Picolini
 
PDF
API Products: The Role of an API Product Manager
WSO2
 
PDF
[WSO2 Summit Sydney 2019] Building a Successful API Strategy from Scratch and...
WSO2
 
PDF
Crafting an API Strategy with an API Marketplace
WSO2
 
PPT
Effective API Design
Bansilal Haudakari
 
PDF
Role of API Management in an API led Digital Economy
WSO2
 
PPTX
Apigee Edge Product Demo
Apigee | Google Cloud
 
Smartone v1.0
Jinyean Tan
 
API Management Building Blocks and Business value
WSO2
 
WSO2Con 2025 - AI-Driven API Design, Development, and Consumption with Enhanc...
WSO2
 
João Emilio Santos Bento da Silva - Estratégia de APIs
DevCamp Campinas
 
Architecting an Enterprise API Management Strategy
WSO2
 
Api management best practices with wso2 api manager
Chanaka Fernando
 
5 Pillars of Building Enterprise0grade APIs
WSO2
 
API Governance and Monetization - The evolution of API governance
WSO2
 
Understanding API Management from basic to advanced
vivekbagri7
 
Extend soa with api management Doag18
Vinay Kumar
 
Apidays Paris 2023 - Building an Inventory, Maria Teresa Pereira, KPMG Portugal
apidays
 
apidays Munich 2025 - Developer Portals, API Catalogs, and Marketplaces, Miri...
apidays
 
Extend soa with api management Sangam18
Vinay Kumar
 
I am sorry Developer, your API just became a Product.pdf
Francisco Picolini
 
API Products: The Role of an API Product Manager
WSO2
 
[WSO2 Summit Sydney 2019] Building a Successful API Strategy from Scratch and...
WSO2
 
Crafting an API Strategy with an API Marketplace
WSO2
 
Effective API Design
Bansilal Haudakari
 
Role of API Management in an API led Digital Economy
WSO2
 
Apigee Edge Product Demo
Apigee | Google Cloud
 
Ad

More from WSO2 (20)

PDF
Demystifying CMS-0057-F - Compliance Made Seamless with WSO2
WSO2
 
PDF
Quantum Threats Are Closer Than You Think – Act Now to Stay Secure
WSO2
 
PDF
Modern Platform Engineering with Choreo - The AI-Native Internal Developer Pl...
WSO2
 
PDF
Application Modernization with Choreo - The AI-Native Internal Developer Plat...
WSO2
 
PDF
Build Smarter, Deliver Faster with Choreo - An AI Native Internal Developer P...
WSO2
 
PDF
Platformless Modernization with Choreo.pdf
WSO2
 
PDF
Application Modernization with Choreo for the BFSI Sector
WSO2
 
PDF
Choreo - The AI-Native Internal Developer Platform as a Service: Overview
WSO2
 
PDF
[Roundtable] Choreo - The AI-Native Internal Developer Platform as a Service
WSO2
 
PPTX
WSO2Con 2025 - Building AI Applications in the Enterprise (Part 1)
WSO2
 
PPTX
WSO2Con 2025 - Building Secure Business Customer and Partner Experience (B2B)...
WSO2
 
PPTX
WSO2Con 2025 - Building Secure Customer Experience Apps
WSO2
 
PPTX
WSO2Con 2025 - AI-Driven API Design, Development, and Consumption with Enhanc...
WSO2
 
PPTX
WSO2Con 2025 - Unified Management of Ingress and Egress Across Multiple API G...
WSO2
 
PPTX
WSO2Con 2025 - How an Internal Developer Platform Lets Developers Focus on Code
WSO2
 
PPTX
WSO2Con 2025 - Architecting Cloud-Native Applications
WSO2
 
PDF
Mastering Intelligent Digital Experiences with Platformless Modernization
WSO2
 
PDF
Accelerate Enterprise Software Engineering with Platformless
WSO2
 
PDF
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2
 
PDF
architecting-ai-in-the-enterprise-apis-and-applications.pdf
WSO2
 
Demystifying CMS-0057-F - Compliance Made Seamless with WSO2
WSO2
 
Quantum Threats Are Closer Than You Think – Act Now to Stay Secure
WSO2
 
Modern Platform Engineering with Choreo - The AI-Native Internal Developer Pl...
WSO2
 
Application Modernization with Choreo - The AI-Native Internal Developer Plat...
WSO2
 
Build Smarter, Deliver Faster with Choreo - An AI Native Internal Developer P...
WSO2
 
Platformless Modernization with Choreo.pdf
WSO2
 
Application Modernization with Choreo for the BFSI Sector
WSO2
 
Choreo - The AI-Native Internal Developer Platform as a Service: Overview
WSO2
 
[Roundtable] Choreo - The AI-Native Internal Developer Platform as a Service
WSO2
 
WSO2Con 2025 - Building AI Applications in the Enterprise (Part 1)
WSO2
 
WSO2Con 2025 - Building Secure Business Customer and Partner Experience (B2B)...
WSO2
 
WSO2Con 2025 - Building Secure Customer Experience Apps
WSO2
 
WSO2Con 2025 - AI-Driven API Design, Development, and Consumption with Enhanc...
WSO2
 
WSO2Con 2025 - Unified Management of Ingress and Egress Across Multiple API G...
WSO2
 
WSO2Con 2025 - How an Internal Developer Platform Lets Developers Focus on Code
WSO2
 
WSO2Con 2025 - Architecting Cloud-Native Applications
WSO2
 
Mastering Intelligent Digital Experiences with Platformless Modernization
WSO2
 
Accelerate Enterprise Software Engineering with Platformless
WSO2
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2
 
architecting-ai-in-the-enterprise-apis-and-applications.pdf
WSO2
 

Recently uploaded (20)

PDF
Get More from Fiori Automation - What’s New, What Works, and What’s Next.pdf
Precisely
 
PPTX
New ThousandEyes Product Innovations: Cisco Live June 2025
ThousandEyes
 
PDF
Using Anchore and DefectDojo to Stand Up Your DevSecOps Function
Anchore
 
PPTX
Simple and concise overview about Quantum computing..pptx
mughal641
 
PDF
Automating ArcGIS Content Discovery with FME: A Real World Use Case
Safe Software
 
PDF
Tea4chat - another LLM Project by Kerem Atam
a0m0rajab1
 
PDF
AI Unleashed - Shaping the Future -Starting Today - AIOUG Yatra 2025 - For Co...
Sandesh Rao
 
PDF
SparkLabs Primer on Artificial Intelligence 2025
SparkLabs Group
 
PPTX
What-is-the-World-Wide-Web -- Introduction
tonifi9488
 
PPTX
Applied-Statistics-Mastering-Data-Driven-Decisions.pptx
parmaryashparmaryash
 
PDF
Oracle AI Vector Search- Getting Started and what's new in 2025- AIOUG Yatra ...
Sandesh Rao
 
PDF
Peak of Data & AI Encore - Real-Time Insights & Scalable Editing with ArcGIS
Safe Software
 
PPTX
Agile Chennai 18-19 July 2025 Ideathon | AI Powered Microfinance Literacy Gui...
AgileNetwork
 
PDF
How ETL Control Logic Keeps Your Pipelines Safe and Reliable.pdf
Stryv Solutions Pvt. Ltd.
 
PPTX
cloud computing vai.pptx for the project
vaibhavdobariyal79
 
PDF
Doc9.....................................
SofiaCollazos
 
PDF
Google I/O Extended 2025 Baku - all ppts
HusseinMalikMammadli
 
PDF
Unlocking the Future- AI Agents Meet Oracle Database 23ai - AIOUG Yatra 2025.pdf
Sandesh Rao
 
PDF
NewMind AI Weekly Chronicles - July'25 - Week IV
NewMind AI
 
PPTX
Introduction to Flutter by Ayush Desai.pptx
ayushdesai204
 
Get More from Fiori Automation - What’s New, What Works, and What’s Next.pdf
Precisely
 
New ThousandEyes Product Innovations: Cisco Live June 2025
ThousandEyes
 
Using Anchore and DefectDojo to Stand Up Your DevSecOps Function
Anchore
 
Simple and concise overview about Quantum computing..pptx
mughal641
 
Automating ArcGIS Content Discovery with FME: A Real World Use Case
Safe Software
 
Tea4chat - another LLM Project by Kerem Atam
a0m0rajab1
 
AI Unleashed - Shaping the Future -Starting Today - AIOUG Yatra 2025 - For Co...
Sandesh Rao
 
SparkLabs Primer on Artificial Intelligence 2025
SparkLabs Group
 
What-is-the-World-Wide-Web -- Introduction
tonifi9488
 
Applied-Statistics-Mastering-Data-Driven-Decisions.pptx
parmaryashparmaryash
 
Oracle AI Vector Search- Getting Started and what's new in 2025- AIOUG Yatra ...
Sandesh Rao
 
Peak of Data & AI Encore - Real-Time Insights & Scalable Editing with ArcGIS
Safe Software
 
Agile Chennai 18-19 July 2025 Ideathon | AI Powered Microfinance Literacy Gui...
AgileNetwork
 
How ETL Control Logic Keeps Your Pipelines Safe and Reliable.pdf
Stryv Solutions Pvt. Ltd.
 
cloud computing vai.pptx for the project
vaibhavdobariyal79
 
Doc9.....................................
SofiaCollazos
 
Google I/O Extended 2025 Baku - all ppts
HusseinMalikMammadli
 
Unlocking the Future- AI Agents Meet Oracle Database 23ai - AIOUG Yatra 2025.pdf
Sandesh Rao
 
NewMind AI Weekly Chronicles - July'25 - Week IV
NewMind AI
 
Introduction to Flutter by Ayush Desai.pptx
ayushdesai204
 

[WSO2Con EU 2018] WSO2 API Manager - Why, What, How, and What's Next

  • 1. Director, API Architecture WSO2 API Manager: Why, What, How, and What's Next Nuwan Dias
  • 2. Why do you need API Management? Image source: blog.dailysteak.co
  • 3. APIs are essential to address the problem of app explosion ● Demand for consumption is on the rise. (easier/convenient ways to consume information and services). ● Demand for consumption is driving digital transformation. ● Digital transformation creates opportunity for $$. ● APIs are the key to enabling digital transformation.
  • 4. What do you need from an API Management System? 1. Creating and publishing APIs. 2. API security and rate limiting. 3. Platform for discovering, searching and consuming APIs. 4. API governance and lifecycle management. 5. API analytics, specialization and evolution.
  • 5. Maslow’s hierarchy of needs Image source: verywellmind.com
  • 6. What do you need from an API Management System? 1. Creating and publishing APIs. - Physiological needs. 2. API security and rate limiting. - Safety needs. 3. Platform for discovering, searching and consuming APIs - Love and belonging needs. 4. API governance and lifecycle management. - Esteem needs. 5. API analytics, specialization and evolution - Self actualization needs.
  • 7. Creating and publishing APIs Defining the contract between the API provider and the API consumers - The API developer portal.
  • 8. API Design - Import Definition
  • 9. API Design - Start new
  • 10. API Design - Resource Definition
  • 13. API Security and Rate Limiting Allow verified, permitted and controlled access into your assets - API Gateways.
  • 14. API Gateways: The enforcement point of all policies
  • 15. API Security ● Trusted Sub-systems ○ Mutual TLS ○ Basic Authentication ● Delegated Authentication ○ OAuth2.0 ● Authorization ○ OAuth2.0 Scopes ○ OIDC ○ XACML ● CORS
  • 19. Rate Limiting ● Quotas: for monetization ○ By number of requests or bytes ● Fair usage policy ● Entry point control rules ● Protection from over usage ● Custom policies
  • 20. API Consumption The need for APIs to be easily discoverable, searchable and consumable - The app developer portal.
  • 21. API Discovery: Registry of APIs ● Paginated listing of APIs ● Tags ● Groups
  • 24. Consuming the API ● API documentation ● API testing ● SDKs ● Developer tooltips
  • 25. API Governance and Lifecycle Management Formalizing the evolution of APIs and assurance of standards and practices.
  • 26. API Versioning ● Different version formats. ● Backwards compatibility and transitioning of apps to use the latest and greatest version. ● Running multiple versions in parallel. ● Deep copy of documents and policies ● Transitioning current subscribers to latest version ● Notifying current subscribers.
  • 27. Declaration and execution of custom defined API lifecycles.
  • 28. Execution of custom defined workflows for.. ● API state transitions ● Developer onboarding ● Application registration ● API subscriptions ● Generation of application keys
  • 29. Tooling for automation of CI/CD processes
  • 30. API Analytics and specialization ● Observing and reacting to abnormalities and trends. ● Optimizing the value chain of APIs by specializing and scaling.
  • 31. API Analytics: Business Insights ● Business performance ● New opportunities ● Expansions ● Promotions ● EOLs ● Achievers ● Laggards
  • 32. API Analytics: Operational ● Performance metrics ● Abnormalities ● Trends ● Tracing ● Debugging ● Alerting
  • 33. Specialization and evolution of APIs ● Different API types ○ SOAP APIs ○ gRPC APIs ○ Websockets ○ Event streams ● API gateways evolving into microgateways
  • 34. Whats Next? How do we address the trillion endpoints problem?
  • 36. What’s Next? ● Developer first APIs and microgateways. ● Integration with service mesh technologies. ● Dynamic service discovery: etcd, consul, etc. ● Dynamic APIs: Short lived APIs that adapt and evolve or die. ● Serverless API gateways. ● API Management for event driven architectures. ● Embedded/Native API management on large scale-cloud infrastructures.