State of automation possibilities and some lesson learned while building Stamplay an API orchestration platform that help companies automating processes visually.
7. g@stamplay.com
The Rise of Shadow ITShadow IT - Worse than IT thinks
“The average enterprise uses 1,220
individual cloud services.
Up to 25 times more than
recognized by IT—who estimate
that they are using 91 cloud
services.
112% Growth YoY.”
14. g@stamplay.com
IT and the Business are still tightly coupled
Technology is now in every department and business users more than ever have the
knowledge, desire and capability to make many of their own IT decisions
IT ends up building an app with somebody outside their functional area 68% of the times
15. g@stamplay.com
API integration tooling that initially started
with business process tools has started
becoming more widespread with
workplace collaboration tools.
18. g@stamplay.com
Coding vs Programming
A fundamental distinction
New HTTP request
Lookup public contact detail
Save it on Salesforce
Post on #sales channel
Say hello via email
19. g@stamplay.com
Empower people to solve problems ETL-style
Get customer
who bought X
yesterday
Everyday
at 1am
If they use a
personal email
address
Add them on X
list for
consumers
Add them on Y
list for B2B
Create a card
to follow up
on them
Add them on
Facebok
audience
20. g@stamplay.com
“Every task that can be automated will
be. Future workers will design
automated workflows more often than
they will complete individual
workflow tasks.”
22. g@stamplay.com
What to look for in an integration platform?
Range of usability
Level of IT usability
Creation at Scale & Repeatability
Hybrid architectures
Granular Security settings
23. g@stamplay.com
Range of usability
Level of IT usability
Creation at Scale & Repeatability
Hybrid architectures
Granular Security settings
What to look for in an integration platform?
24. g@stamplay.com
Range of usability
Level of IT usability
Creation at Scale & Repeatability
Hybrid architectures
Granular Security settings
What to look for in an integration platform?
25. g@stamplay.com
Range of usability
Level of IT usability
Creation at Scale & Repeatability
Hybrid architectures
Granular Security settings
What to look for in an integration platform?
26. g@stamplay.com
Range of usability
Level of IT usability
Creation at Scale & Repeatability
Hybrid architectures
Granular Security settings
What to look for in an integration platform?
27. g@stamplay.com
IT role will be central to helping others
across the business be able to use data
by opening up resources and make sure
it’s delivered in a secure way and
organized appropriately
28. g@stamplay.com
Token based Auth
(e.g OAuth2)
Machine readable
docs (Swagger, RAML,
IO docs)
Webhooks HATEOAS
Key requirements for APIs in the automation era
Simple, consistent, flexible, friendly, explorable via URL
and use web standards where they make sense.
29. g@stamplay.com
Key requirements for APIs in the automation era
Simple, consistent, flexible, friendly, explorable via URL
and use web standards where they make sense.
Token based Auth
(e.g OAuth2)
Machine readable
docs (Swagger, RAML,
IO docs)
Webhooks HATEOAS
30. g@stamplay.com
Webhook anatomy
Webhooks are fundamental pieces of an API today and a simple notification
is no longer enough, as an API provider you need to do the heavy lifting for your users
• a verb: POST
• an explicit event type: which could be subscribed by any
user (for Github: pull_request, fork, commit, issues, etc.. )
• a payload: containing the relevant data for the related event
• including: the resource itself, the sender (user who
triggered the webhook)
• constant data structure
• a security hash: to ensure webhook was delivered by the
rightful authority
• for Github: sharing a common secret used to generate a
hash from the payload
• an ID
31. g@stamplay.com
Subscribing to events using multiple URLs
Webhooks are fundamental pieces of an API today and a simple notification
is no longer enough, as an API provider you need to do the heavy lifting for your users
• a CRUD API
• a payload URL: the server endpoint that will
receive the webhook payload
• events list: which events would you like to
subscribe to
• (optional) the content type
32. g@stamplay.com
Fine grained control on events you want to listen on
Webhooks are fundamental pieces of an API today and a simple notification
is no longer enough, as an API provider you need to do the heavy lifting for your users
33. g@stamplay.com
API for Webhooks aka REST Hooks
Webhooks are fundamental pieces of an API today and a simple notification
is no longer enough, as an API provider you need to do the heavy lifting for your users
34. g@stamplay.com
Securing Webhooks
Webhooks are fundamental pieces of an API today and a simple notification
is no longer enough, as an API provider you need to do the heavy lifting for your users