Post on 14-Feb-2017
transcript
@windley
The University API PhillipJ.Windley,Ph.D.BrighamYoungUniversityh>p://www.windley.com
@windley
Designing and Developing a University API
Nuwan Bandara Solutions Architect WSO2 inc. @nuwanbando
Phil Windley Enterprise Architect Brigham Young University @windley
@windley
@windley
@windley 5
SoCwareisEaEngtheWorld!More and more major businesses and industries are being run on so;ware and delivered as online services—from movies to agriculture to naAonal defense. Many of the winners are Silicon Valley-style entrepreneurial technology companies that are invading and overturning established industry structures. Over the next 10 years, I expect many more industries to be disrupted by so;ware, with new world-beaAng Silicon Valley companies doing the disrupAon in more cases than not. - Marc Andreessen
“
”
@windley
@windley
@windley
{“answer”: “University API”}
@windley
@windley
Googlehttp://facebook.com
Web Page Title
1.Lorem ipsum dolor sit amet consectateur nonummy lorenzino.
2.Interdum volgus videt, est ubi peccat. 3.Si veteres ita miratur laudatque poetas4.Ut nihil anteferat, nihil illis comparet, errat. 5.Si quaedam nimis antique
• Alpha• Bravo• Charlie• Delta• Echo• Foxtrot• Golf• Hotel• India• Juliet• Kilo• Lima• Mike• November• Oscar• Papa• Quebec• Romeo• Sierra• Tango• Uniform• Victor• Whiskey• X-Ray• Yankee• Zulu
@windley
Googlehttp://facebook.com
Web Page Title
1.Lorem ipsum dolor sit amet consectateur nonummy lorenzino.
2.Interdum volgus videt, est ubi peccat. 3.Si veteres ita miratur laudatque poetas4.Ut nihil anteferat, nihil illis comparet, errat. 5.Si quaedam nimis antique
• Alpha• Bravo• Charlie• Delta• Echo• Foxtrot• Golf• Hotel• India• Juliet• Kilo• Lima• Mike• November• Oscar• Papa• Quebec• Romeo• Sierra• Tango• Uniform• Victor• Whiskey• X-Ray• Yankee• Zulu
Carrier 12:00 PM
1. Lorem ipsum dolor sit amet consectateur nonummy lorenzino.
2. Interdum volgus videt, est ubi peccat.
3. Si veteres ita miratur laudatque poetas
4. Ut nihil anteferat, nihil illis comparet, errat.
5. Si quaedam nimis antique
API
@windley
API
Googlehttp://facebook.com
Web Page Title
1.Lorem ipsum dolor sit amet consectateur nonummy lorenzino.
2.Interdum volgus videt, est ubi peccat. 3.Si veteres ita miratur laudatque poetas4.Ut nihil anteferat, nihil illis comparet, errat. 5.Si quaedam nimis antique
• Alpha• Bravo• Charlie• Delta• Echo• Foxtrot• Golf• Hotel• India• Juliet• Kilo• Lima• Mike• November• Oscar• Papa• Quebec• Romeo• Sierra• Tango• Uniform• Victor• Whiskey• X-Ray• Yankee• Zulu
Carrier 12:00 PM
1. Lorem ipsum dolor sit amet consectateur nonummy lorenzino.
2. Interdum volgus videt, est ubi peccat.
3. Si veteres ita miratur laudatque poetas
4. Ut nihil anteferat, nihil illis comparet, errat.
5. Si quaedam nimis antique
API
Carrier 12:00 PM
1. Lorem ipsum dolor sit amet consectateur nonummy lorenzino.
2. Interdum volgus videt, est ubi peccat.
3. Si veteres ita miratur laudatque poetas
4. Ut nihil anteferat, nihil illis comparet, errat.
5. Si quaedam nimis antique
@windley
@windley
@windley
@windley
@windley 17
BakeyourbusinessmodelintoyourAPI-JohnMusserFounder,ProgrammableWeb
“ ”
Principle #1: Design Business-Oriented APIs
@windley
collection
resourceresourceresource
A Collection with Resources
collection
A Sub-collection with Sub-resources
resource
sub-collectionresource
@windley
/students/instructors/courses/classes/locations/programs/colleges/departments
@windley
@windley
Principle #2: Ensure interfaces are open, extensible, and published
@windley
GET /studentsGET /students?major=CS
GET /students/:idGET /students/:id?fieldset=transcripts
@windley
POST /students
{id: ... first_name: ... last_name: ... ...
}
@windley
@windley
Principle #3: Support student and faculty choice.
@windley
@windley
@windley
Principle #4: Access Control Happens at the API
@windley
User
Policy Administrator
PEP
PDP
PAP
EnforcePolicy Enforcement Point
DecidePolicy Decision Point
ManagePolicy Administration Point
@windley
@windley
@windley
Authorization Server
Owner
Client
5. code
TOKEN
4. code
2. redirect
1. use 3. authorize
6.
data
request TOKEN
Resource Server
Client
@windley
@windley
Principle #5: Keep workflow below the API
@windley
@windley
ProceedCancel ProceedCancel
MWF Alexa Smith02:30pM-03:20PMMATH-105-150 Calculus I
MWFMATH-105-150 Dean Brown12:30PM-01:20PMCalculus I
Alexa SmithMATH-105-150 09:30AM-10:20AMCalculus I MWF
Alexa Smith
TIMEDAY
MATH-105-150 08:30AM-09:20AMCalculus I MWF
TITLE InstructorCOURSE
MWF Alexa Smith02:30pM-03:20PMMATH-105-150 Calculus I
MWFMATH-105-150 Dean Brown12:30PM-01:20PMCalculus I
Alexa SmithMATH-105-150 09:30AM-10:20AMCalculus I MWF
Alexa Smith
TIMEDAY
MATH-105-150 08:30AM-09:20AMCalculus I MWF
TITLE InstructorCOURSE
Missing Prerequisite
Sorry, we can’t add Math 106 to your schedule.
You’re missing a prerequisite: Math 105.
We can automatically make the change for you if you like by removing Math 106 and adding Math 105. Please select from one of the options below:
@windley
HATEOAS Hypertext as the Engine of ApplicaAon State
@windley
An ever expanding range of compuAng plaZorms are needed
to reach students
@windleySource:MorganStanleyMobileInternetReport(12/09)
@windley
Hundreds, even thousands of developers who don’t work for you must be convinced to adapt your product to the dynamic environment of various apps
@windley
@windley
@windley
Principle #7: Cloud First
@windley
@windley
Principle #8: Security is Too Important to Not Outsource
@windley
@windley
@windley
Principle #9: Focus on What’s Core
@windley
@windley
Principle #10: APIs First
@windley
API Client
API Manager / ESB / etc.
Service CompositionThrottlingAttribute Based Access Control
AuthenticationAuthorizationAddress AbstractionMonitoringPolicy EnforcementData TransformationProtocol Transformation
C Framework
PeopleSoft
Alfresco
Business Objects
Service Now
Custom Services
Java, PHP, etc.
Other Cam
pus Contributors (Library, Bookstore, etc)
Domain APIs
SOAPXMLRPC
SOAPSOAPXML RPC
REST REST
Domains
University API (REST)
@windley
@windley
Principle #11: Start Where You Are
@windley
@windley
Principles for StarAng an API IniAaAve 1. Designbusiness-orientedAPIs2. Ensureinterfacesareopen,extensible,andpublished3. Supportstudentandfacultychoice.4. ControlaccessattheAPI5. KeepworkflowbelowtheAPI6. Makedevelopersthecustomer7. Becloudfirst8. Securityistooimportanttonotoutsource9. Focusonwhat’score10. BuyandbuildAPIfirst11. Startwhereyouare
@windley
Resources
• MashupCorporaEons’• ThePhoenixProject• ImplemenEngDomainDrivenDesign• KinLaneonUniversityAPIs• windley.com
@windley
Join us on this journey • @UniversityAPI• UniversityAPIWorkshops
• Utah,February2017• ChicagoSummer2017
@windley
The enterprise integration ecosystem ❏ Connecting with research data clusters via different
protocols
❏ Exposing student data through APIs for different schools
within the university
❏ Providing computation as a service
❏ Providing storage services for academic staff
❏ Gov. cloud integration for research data
❏ Partner integration
@windley
The reference architecture
@windley
Operationalize the platform ❏ Automation
❏ Environment separation
❏ Production deployment
❏ Scalability & high availability
@windley
Automation
@windley
Environment separation
@windley
SDLC and API LC
@windley
Multi-DC deployment
@windley
The University API PhillipJ.Windley,Ph.D.BrighamYoungUniversityh>p://www.windley.com
@windley
Other issues
• OtheruniversityAPIs:serviceslikelockers,vendingmachines,health,payments,HR,calendars,assets,library,collecEons
@windley
Phillip J. Windley, Ph.D. Brigham Young University pjw@byu.edu 801.362.5611