How to Get Your Business Selling in
the API Economy
Moderator: David Chiu, Commerce Strategist, Elastic Path
Presenter: Andrew Lau, Commerce Architect, Elastic Path
Presenter: Sachin Agarwal, VP Product Marketing, SOA Software
SOA Software
• SOA Software is an API Management and SOA Governance leader
• More than 300 customers – many Fortune 1000
• On-Premise and Cloud offerings
• Gartner and Forrester leader
Elastic Path
• Elastic Path software adds omnichannel ecommerce, subscriptions, and enhanced
connectivity to digital engagement platforms
• Enables companies to deliver a truly complete customer experience
• Run the world’s #1 Ecommerce Blog, Get Elastic (www.getelastic.com)
• Every year, we generate billions of dollars in digital revenue for the world’s best brands
What is an API?
Your API | Your Customers | Your Application
The API Economy
Capture new Opportunities with APIs
• Drive Innovation
• Increase Reach
• Support New Devices
• Discover New Business Models
• Increase Partner Network
Adopting an API Strategy
Securing your Digital Channels
• Authenticate the user
• Control what the App can access
• Rate Limit access
• Protect from hackers
• PCI compliance
Au/Az/SSO
Licensing
Quota Management
Protection
Security
Cross-cutting Security
• Aspects that cut across a given API should be offloaded to a Gateway.
• Examples: Throttling, App IDs and Keys, Security certificates
Roles-based Access Control
• If multiple roles are intrinsic to your API, these are best modeled and
handled by the API itself.
• Finer-grained hypermedia resources make offloading to an API
gateway difficult
Authentication/Authorization/SSO
Control and restrict access to your APIs
Make it easy yet secure
Security
OAuth is hard
Really really hard...
Test that your API works with different API Gateways.
Confirmation that the API architecture correctly separates
concerns: Authentication, Identity, Access Control
Licensing
Package your APIs in different ways
Restrict what the App can access
Quota Management/Rate Limiting
Restrict the number of calls an App can make
Apply controls based on context, affinity, segmentation etc.
Performance & Reporting
API Monitoring
• Aggregated metrics such as response,
SLA thresholds, error/failure rates can
be pushed out to an external system
Reporting
• Domain specific data, such as those in
context of the API subject and resource,
should be captured by the API
Protection
Protect from Denial of Service and other forms of attack
Scan APIs for viruses and malformed content
Scaling Your APIs
Caching for quick access globally
Paging to improve User Experience
Developer Community
The DX Experience
• The end to end experience is now key. Sign-up, access requests, interactive docs,
timely support are now the expectation. DX is not just having a beautiful API design.
API portals are marketing tools
• The API sign-up process should be treated as a marketing activity. Track funnel, metrics,
campaigns.
• Build it and they will come doesn’t apply in a world where APIs are readily available
API Orchestration and Mediation
Aggregate multiple backend services
Selectively call services based on business logic
Mediation
• Mediation is key to abstracting
back-end changes from the client
applications
• Common commerce example:
Abstracting the payment
gateways.
Versioning
• Hypermedia can be versionless
• Clients need to follow the rules:
o Enter only via the entry points
o Always follow links
o Ignore relationships you don’t recognize
o Deprecate relationships like traditional API methods
• Hypermedia doesn’t have to be versionless
o Leverage the Gateway to support multiple versions
Transformation
• Competing Media Types are healthy
o Siren, HAL, Collection+JSON,
Collection.Doc are just the start
• Content Types are no longer as polarizing.
JSON is winning, XML is still useful. What
other content types will we want to utilize in
the future?
Summary Slide
Digital Commerce + Content Management + API management
Call to action
Discussion with SOA Software & Elastic Path
If you have questions
please reach out to us at
info@elasticpath.com
