Date post: | 13-Jul-2015 |
Category: |
Presentations & Public Speaking |
Upload: | jaxlondon2014 |
View: | 216 times |
Download: | 4 times |
@pzfreo #wso2
Agenda
• Introductions and Welcome• API Economy and Vision• API Management Overview• API Management Exercise• Short Introduction to WSO2 Identity Server• Identity Server demonstration
@pzfreo #wso2
Frictionless Business
• Integration with other companies and organizations• API Management• Self-signup for developers• Almost zero cost per transaction• Approaching zero time for onboarding
@pzfreo #wso2
Managing APIs
o An API is a business capability delivered over the Internet to internal or external consumerso Network accessible function o Available using standard web protocolso With well-defined interfaceso Designed for access by third-parties
o A Managed API is:o Actively advertised and subscribe-ableo Available with SLAso Secured, authenticated, authorized and protectedo Monitored and monetized with analytics
9
@pzfreo #wso2
API Management Space
o Create APIso WSO2 Application Server, Data Services Server and ESB, any other platform
o Find and subscribe/buy APIso API Store and Governance
o Manage, secure and protect APIso API Management and Gateway
o Monitor and Monetize APIso API Monitoring and Analytics
11
@pzfreo #wso2
Core Concepts
• Components• Users and Roles• Lifecycle Management• Publisher• Store• Gateway• Deployment• Analytics
@pzfreo #wso2
Roles
o API Creatoro Designs, Implements, manages and versions API
o Understand business and technical requirements
o Cares about usage and scaling
o Seeks feedback, ratings, usage
o API Publishero Publishes, Promotes and encourages consumers to adopt APIs
o Determines usage patterns and how to best monetize asset
o Monitors and secures
o API Consumero Understands the interface definition
o Subscribes and connects application to API
o Monitors own usage and cost basis
o Provides feedback and ratings
15
@pzfreo #wso2
API Store: Social Features
o Share with fellow developers via social media or mailo Embed API link into blogs, Tweets, etc.
@pzfreo #wso2
Workflows
o Available for user self-sign up, API subscription and application creationo Provides extension point to engage custom workflow. Default sample implementation
leverages WSO2 Business Process Server, but other engines could be used.
@pzfreo #wso2
API Access Tokenso OAuth2 standard compliant
o Supports multiple grant types o SAML, IWA/NTLM
o Client credential, Implicit, Password
o Pre-generated Access Token: can be used from an application, to identify the application itself
o On-demand Access Token: generated via API call, using Consumer Key and Consumer Secret - Identifies the end user of an application (web applications, mobile applications)
24
@pzfreo #wso2
Other deployment aspects
• Support for staging and migration between environments
• Support for separate gateways for Prod and Sandbox• Support for splitting into DMZ / Intranet zones• Highly flexible architecture
@pzfreo #wso2
Analytics
o API Manager supports out of the box:o Google Analyticso WSO2 Business Activity Monitor Analytics
28
@pzfreo #wso2
Why Analytics are important
• Build confidence in the API model• Understand your customer
– Not just the developer but also the end-user
• Help manage services and versions– Understand when deprecated services can be retired
• Plan better– Monitor the growth of aggregated API traffic– Monitor the growth of specific apps
29
@pzfreo #wso2
Hands on
• Use the API Publisher – As a creator and a publisher
• Sign up as a third-party developer• Subscribe to an API• Utilize production and sandbox endpoints• View analytics and usage stats• Version an API (extension)
@pzfreo #wso2
Hands on setup
• VirtualBox VM• Ultra-simple node.js backend• Pre-configured API manager and Business Activity Monitor
– Installed– Configured to work together– Setup to use hostname apimgr– Added users and roles
• A subset of the “Quick Start Guide” http://freo.me/am170-qs
@pzfreo #wso2
Multi-Factor Authentication
• Something you just forgot• Something you just lost• Some part of your body you just injured
@pzfreo #wso2
Demo
• Quick overview of Identity Server console• Set up of Salesforce domain• Definition of the SP in IS• Demonstrate login• Show Facebook App definition• Show Facebook Configuration in IS• Change to use Facebook• Login with Facebook
@pzfreo #wso2
Carbon Combinations• Identity Server + Governance Registry• Identity Server + BAM + CEP • Identity Server + API Manager • Identity Server + App Manager • Identity Server + Business Process Server• Etc…
50
@pzfreo #wso2
App Manager Launching Q4
*
IdP (WSO2 Identity Server)
(WSO2 Business Activity Monitor)
@pzfreo #wso2
More about WSO2
• All 100% Open Source under the Apache License• A complete middleware platform• Sessions @ JAX:
– Keynote – Connecting the World (Tuesday 9am)– Understanding Real Time Event Processing through Football
• Senaka Fernando – Tuesday 11:45am– Apache Stratos: the PaaS from Apache
• Lakmal Warusawithana – Wednesday 11:30am