APIsecure 2023 - The world's first and only API security conference
March 14 & 15, 2023
API orchestration: to build resilient applications
Cherish Santoshi, Sr. Developer Relations Engineer at Orkes
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
3. Typical API Architecture
On Premises Cloud
Developer
Services
Developer
Portal
• Internal
• External
• Partner
Management
Services
API Management
Service
Management
Platform
Management
Security Services
API & WS Security
• Authentication
• Authorization
• Threat Protection
• Data Privacy
• PCIDSS
Analytics Services
API Analytics
• Operational
• Consumer
• Business
Customer’s BI
Federation
Single Sign-On
Access Control
Mobile Web Partners Services Social IoT
Interaction Layer
API & Service Gateway
Micro Orchestration Mediation Transformation Traffic Management
Traditional Integration Layer
Service
Mediation
Messaging Connectivity
Application Layer
Business Rules Business Process Orchestration Service Orchestration Sense & Response
Information Management layer
6. What is API Orchestration
API orchestration refers to the process of integrating
and managing multiple APIs to perform a unified
task and create a seamless user experience.
API orchestration can involve splitting, merging, or
routing data to different APIs, depending on the
desired outcome.
7. How does an Orchestration
layer help?
Data
Transformation
Runtime
management
Integrating
language
systems
Authentication
and RBAC
Observability
and debugging
in Distributed
applications
1. 2. 3. 4. 5.
8. Data Transformation
Not every request for data is
delivered or received using a
common format.
Both the client and the server
could need the data answers to
be transmitted in a certain
format, requiring data
transformation to enable
communication in a standard
call format.
Using its transformation capabilities, the
orchestration layer can intervene to
guarantee that payloads are prepared
appropriately.
9. Runtime management
The orchestration layer can
intervene before requests
reach your API backend by
treating each component of
your application as a
collection of microservices.
Regarding security, this has a lot of
benefits (runtime policies checking for
malicious code threats). As a result,
protocols, data validation, and error
handling/logging are standardised.
10. Integrating legacy system
Language agnostic
Orchestration platforms like
Conductor can help you
connect with your legacy
systems.
Mixing of API types, such as REST and
SOAP, can lead to major headaches
when trying to use multiple APIs
together. In steps, the orchestration layer
normalises the data structures. This
manages the flow of data and lets you
communicate with the most neglected
APIs and microservices.
11. Role-based permissions
systems can be deployed
since the orchestration layer
can handle the authentication
flow between microservices.
This enables you to grant chosen
people that fit a particular role
access to only specific data.
Authentication and Role Based
Access Control