SlideShare a Scribd company logo

API Governance in the Enterprise

Download as PPTX, PDF
Apigee | Google Cloud
Apigee | Google Cloud

Consultant Robert Broeckelmann shares his experience of implementing API management in a large enterprise and will share how to: - define API governance - explore the goals, requirements, implementation of API governance - look at lessons learned from implementing one enterprise customer's API governance process

Technology
1 of 27
©2016 Apigee Corp. All Rights Reserved. API Governance in the Enterprise Robert Broeckelmann, Levvel Dino Chiesa, Apigee
©2016 Apigee Corp. All Rights Reserved. Slideshare slideshare.com/apigee Apigee Community https://community.apigee.com YouTube youtube.com/apigee
Presentation Title API Governance In The Enterprise Robert C. Broeckelmann Jr.
DISCLAIMERS • What we present here is one of numerous possible ways to use Apigee technology. Your situation and requirements will probably differ. • As always, test things in a non-production environment prior to using anything in production. • We are not responsible for spontaneous combustion of the known universe or any other undesirable outcomes associated with using what is discussed here. 3
AGENDA • What is API Management? • API Management--The Full Stack • API Management Solution Architecture • What Is API Governance? • One Organization’s Requirements • API Lifecycle Management • API Governance Ties Into... • Lessons Learned • Questions 4
WHAT IS API MANAGEMENT? Allows an organized approach to using APIs to open up an organization or system’s data so that it can be utilized by other parts of the organization or third-parties in new and useful ways. 5
WHAT IS API MANAGEMENT? From a business perspective, API Management is a revolution; from a technical perspective, it is an evolution of the earlier Service Oriented Architecture (SOA) paradigm. 6
WHAT IS API MANAGEMENT? Spans B2E, B2C, B2B User Spaces Spans Mobile, Integration, Identity, Security concerns. 7
WHAT IS API MANAGEMENT? • The process of publishing, promoting, and overseeing APIs in a secure, scalable environment • Ensuring that developers and partners are productive • Managing, securing, and mediating your API traffic • Allowing an organization to grow their API program to meet increasing demands • Enabling the monetization of APIs • The intersection of technology, business, organization, and integration concerns 8
THE API MANAGEMENT ”FULL STACK” 9 Data Modeling Interface Modeling API Management Solution Management Portal Developer Portal API Gateway Registry & Repository Identity Stack Application Infrastructure Monitoring User Repositor y Federatio n User Provisioni ng Applicatio n Firewall Reverse Proxy DevOps Logging
API MANAGEMENT SOLUTION ARCHITECTURE 10
WHAT IS API GOVERNANCE? API Governance is also part of API Management… … probably the most important part. 11
WHAT IS API GOVERNANCE? Governance is not a bad thing; though, your experiences with it would, probably, make you disagree. In fact, for anything to be truly adopted by the enterprise, it must have adequate and functional governance. The trick is to strike the right balance. Self-service and automation is the key to making the governance process(es) workable. 12
WHAT IS API GOVERNANCE? Allows for a policy driven approach (vs. ad hoc) to enforcement; not just runtime, but throughout the design and development process •single point to manage policies and enforcement. 13
WHAT IS API GOVERNANCE? API governance includes: ●tracking what (API) is deployed where (environment) ●tracking who is calling what ●how is it (API) protected? ●defining interface standards ●gathering statistics (about API consumers, APIs, and the Developer Portal) ●API versioning ●JSON (or XML) Schema versioning ●tracking routing information ●tracking what policy should be applied to it (API) ●sun-setting (retiring a version of the API) 14
One Organization’s Requirements • Every organization’s governance requirements will have some unique aspects. • There will also be a large amount of overlap. • Example Requirements this organization had • Isolation between Non-Production and Production. Two Apigee organizations; (NP: 3 environments, PRD: 1 environment) • Four environments included in SDLC (Software Development Life Cycle) • Organization uses Swagger 2.0 to describe interfaces
One Organization’s Requirements •Requirements • 3rd Party IdP (Azure Active Directory) used • AAD acts as token generator for all actors. Apigee customized to work with AAD-produced tokens. • came from the organization's IAM and Information Security teams. • drove much complexity • Top-down development methodology utilized. • Building a program that supports the entire business. Rather than a particular line of business or development group. • Many different concerns. 16
API LIFECYCLE MANAGEMENT API Lifecycle Management (which tracks the interface’s life-cycle, not the implementation) is part of API Governance. The details will vary, but this basically describes the promotion process (life-cycle) of an API version from initial concept, to definition, to the lowest-level development environment, to production, and eventually to sun-setting. 17
API LIFECYCLE MANAGEMENT Suppose your organization has the following environments: • Unit Test Environment • Quality Assurance Environment • Load Test Environment • Production Environment Now, let’s assume that your API life-cycle captures the following additional steps: • Inception (identification of a business or technical need) • Definition (interface definition) • Development • Sun-setting (retiring a version of the API) The API Lifecycle will account for all of these states 18
API GOVERNANCE TIES INTO API Governance ties into: • Change Management • Asset Management • Configuration Management • Legacy SOA Governance (with the goal of eventually replacing it) • Quality Assurance • Information Security • IT Auditing Within Enterprise IT all of these things are interrelated. The processes and organization should reflect this. Yes, it sounds heavy weight. But, effective self-service and good processes makes all the difference in the world. 19
DEVOPS TIE-IN API Governance ties into DevOps •The Developer Portal provides a self-service platform to allow developers to  register with the system  create applications  provision credentials  subscribe to APIs  view documentation  other activities •The Developer Portal can also  increase development and decrease cycle time  decrease Mean Time To Resolution (MTTR)  enable stakeholder-level overview  ease compliance and reporting 20
LESSONS LEARNED Most small to medium sized organizations can probably use the Apigee developer portal and built-in processes out of the box without significant modification. • The enterprise IT organization is different. Different = messy details. • There are exceptions to every rule (including this one). • There is probably a small or medium sized organization out there that has had to deal with these issues. 21
LESSONS LEARNED Not all organizations are focused on opening their data up to arbitrary third parties. It may be that internal development teams and B2B Business Partner development teams are the primary focus of the API Management Developer Portal. • Not the API Management use case we often hear about, but very important for many organizations. • Anything that involves interacting with many development teams outside of your control can benefit from an API Management solution to better manage and communicate with those actors. 22
LESSONS LEARNED For this organization, API Governance was an evolution of SOA Governance paradigm that was already in place. • Not starting from scratch. Executive sponsorship, buy-in from business/senior management is critical. 23
LESSONS LEARNED Integration with a Third Party Identity Provider is likely imperative in a large organization. • Is Apigee Edge or the third-party IdP issuing tokens to API consumers? If third-party IdP, introduces much complexity to Edge. If so, applications must be registered with the third-party IdP and Apigee Edge. If the third-party IdP is issuing tokens, necessitates replicating client identifiers into Apigee Edge's IdP for Quota Enforcement and Business Analytics. 24
LESSONS LEARNED • The group that is supporting your Apigee Edge API Gateway may not be the same group that supports the Developer Portal infrastructure. Different skill sets. • Drupals/PHP vs. Javascript/node.js/Edge Policy • Apigee Developer Portal did not have good support for multiple endpoints for the same API. Had to import the same Swagger for each endpoint (one endpoint per environment).
Thank you

Recommended

Architecting an Enterprise API Management Strategy
Architecting an Enterprise API Management StrategyArchitecting an Enterprise API Management Strategy
Architecting an Enterprise API Management StrategyWSO2
 
API Governance
API Governance API Governance
API Governance Sunil Kuchipudi
 
API strategy with IBM API connect
API strategy with IBM API connectAPI strategy with IBM API connect
API strategy with IBM API connectKellton Tech Solutions Ltd
 
Apigee Edge Product Demo
Apigee Edge Product DemoApigee Edge Product Demo
Apigee Edge Product DemoApigee | Google Cloud
 
API Security Lifecycle
API Security LifecycleAPI Security Lifecycle
API Security LifecycleApigee | Google Cloud
 
Apigee Products Overview
Apigee Products OverviewApigee Products Overview
Apigee Products OverviewApigee | Google Cloud
 
Apigee Edge Overview and Roadmap
Apigee Edge Overview and RoadmapApigee Edge Overview and Roadmap
Apigee Edge Overview and RoadmapApigee | Google Cloud
 
API for Beginners
API for BeginnersAPI for Beginners
API for BeginnersGustavo De Vita
 

Recommended

Architecting an Enterprise API Management Strategy
Architecting an Enterprise API Management StrategyArchitecting an Enterprise API Management Strategy
Architecting an Enterprise API Management StrategyWSO2
 
API Governance
API Governance API Governance
API Governance Sunil Kuchipudi
 
API strategy with IBM API connect
API strategy with IBM API connectAPI strategy with IBM API connect
API strategy with IBM API connectKellton Tech Solutions Ltd
 
Apigee Edge Product Demo
Apigee Edge Product DemoApigee Edge Product Demo
Apigee Edge Product DemoApigee | Google Cloud
 
API Security Lifecycle
API Security LifecycleAPI Security Lifecycle
API Security LifecycleApigee | Google Cloud
 
Apigee Products Overview
Apigee Products OverviewApigee Products Overview
Apigee Products OverviewApigee | Google Cloud
 
Apigee Edge Overview and Roadmap
Apigee Edge Overview and RoadmapApigee Edge Overview and Roadmap
Apigee Edge Overview and RoadmapApigee | Google Cloud
 
API for Beginners
API for BeginnersAPI for Beginners
API for BeginnersGustavo De Vita
 
API Management in Digital Transformation
API Management in Digital TransformationAPI Management in Digital Transformation
API Management in Digital TransformationAditya Thatte
 
Mapping out your API Strategy - 4.20.11 Webinar slides
Mapping out your API Strategy - 4.20.11 Webinar slidesMapping out your API Strategy - 4.20.11 Webinar slides
Mapping out your API Strategy - 4.20.11 Webinar slidesApigee | Google Cloud
 
API Strategy Introduction
API Strategy IntroductionAPI Strategy Introduction
API Strategy IntroductionDoug Gregory
 
API Governance and GitOps in Hybrid Integration Platform (MuleSoft)
API Governance and GitOps in Hybrid Integration Platform (MuleSoft)API Governance and GitOps in Hybrid Integration Platform (MuleSoft)
API Governance and GitOps in Hybrid Integration Platform (MuleSoft)Sumanth Donthi
 
APIdays London 2019 - Selecting the best API Governance for your organisation...
APIdays London 2019 - Selecting the best API Governance for your organisation...APIdays London 2019 - Selecting the best API Governance for your organisation...
APIdays London 2019 - Selecting the best API Governance for your organisation...apidays
 
API Management Within a Microservices Architecture
API Management Within a Microservices Architecture API Management Within a Microservices Architecture
API Management Within a Microservices Architecture Nadeesha Gamage
 
Driving API Economy with Apigee.pptx
Driving API Economy with Apigee.pptxDriving API Economy with Apigee.pptx
Driving API Economy with Apigee.pptxssuseree0a28
 
How to Execute a Successful API Strategy
How to Execute a Successful API StrategyHow to Execute a Successful API Strategy
How to Execute a Successful API StrategyMatt McLarty
 
API Management Solution Powerpoint Presentation Slides
API Management Solution Powerpoint Presentation SlidesAPI Management Solution Powerpoint Presentation Slides
API Management Solution Powerpoint Presentation SlidesSlideTeam
 
API Frenzy: API Strategy 101
API Frenzy: API Strategy 101API Frenzy: API Strategy 101
API Frenzy: API Strategy 101Akana
 
Amazon API Gateway
Amazon API GatewayAmazon API Gateway
Amazon API GatewayAmazon Web Services
 
apidays Paris 2022 - API design best practices, Ryan Clifford & Ros Bennis, F...
apidays Paris 2022 - API design best practices, Ryan Clifford & Ros Bennis, F...apidays Paris 2022 - API design best practices, Ryan Clifford & Ros Bennis, F...
apidays Paris 2022 - API design best practices, Ryan Clifford & Ros Bennis, F...apidays
 
Definitive Guide to API Management
Definitive Guide to API ManagementDefinitive Guide to API Management
Definitive Guide to API ManagementApigee | Google Cloud
 
What is APIGEE? What are the benefits of APIGEE?
What is APIGEE? What are the benefits of APIGEE?What is APIGEE? What are the benefits of APIGEE?
What is APIGEE? What are the benefits of APIGEE?IQ Online Training
 
Architecture for the API-enterprise
Architecture for the API-enterpriseArchitecture for the API-enterprise
Architecture for the API-enterpriseApigee | Google Cloud
 
02 api gateway
02 api gateway02 api gateway
02 api gatewayJanani Velmurugan
 
API Management Part 1 - An Introduction to Azure API Management
API Management Part 1 - An Introduction to Azure API ManagementAPI Management Part 1 - An Introduction to Azure API Management
API Management Part 1 - An Introduction to Azure API ManagementBizTalk360
 
[WSO2 Summit EMEA 2020] Building an Interactive API Marketplace
[WSO2 Summit EMEA 2020] Building an Interactive API Marketplace[WSO2 Summit EMEA 2020] Building an Interactive API Marketplace
[WSO2 Summit EMEA 2020] Building an Interactive API MarketplaceWSO2
 
Effective API Design
Effective API DesignEffective API Design
Effective API DesignBansilal Haudakari
 
WSO2 API Platform: Vision and Roadmap
WSO2 API Platform: Vision and RoadmapWSO2 API Platform: Vision and Roadmap
WSO2 API Platform: Vision and RoadmapWSO2
 
INTERFACE by apidays_Recommendations for API Governance and an API Economy Ce...
INTERFACE by apidays_Recommendations for API Governance and an API Economy Ce...INTERFACE by apidays_Recommendations for API Governance and an API Economy Ce...
INTERFACE by apidays_Recommendations for API Governance and an API Economy Ce...apidays
 
#APIOps- Agile API Development powered by API Connect
#APIOps- Agile API Development powered by API Connect#APIOps- Agile API Development powered by API Connect
#APIOps- Agile API Development powered by API Connectpramodvallanur
 

More Related Content

What's hot

API Management in Digital Transformation
API Management in Digital TransformationAPI Management in Digital Transformation
API Management in Digital TransformationAditya Thatte
 
Mapping out your API Strategy - 4.20.11 Webinar slides
Mapping out your API Strategy - 4.20.11 Webinar slidesMapping out your API Strategy - 4.20.11 Webinar slides
Mapping out your API Strategy - 4.20.11 Webinar slidesApigee | Google Cloud
 
API Strategy Introduction
API Strategy IntroductionAPI Strategy Introduction
API Strategy IntroductionDoug Gregory
 
API Governance and GitOps in Hybrid Integration Platform (MuleSoft)
API Governance and GitOps in Hybrid Integration Platform (MuleSoft)API Governance and GitOps in Hybrid Integration Platform (MuleSoft)
API Governance and GitOps in Hybrid Integration Platform (MuleSoft)Sumanth Donthi
 
APIdays London 2019 - Selecting the best API Governance for your organisation...
APIdays London 2019 - Selecting the best API Governance for your organisation...APIdays London 2019 - Selecting the best API Governance for your organisation...
APIdays London 2019 - Selecting the best API Governance for your organisation...apidays
 
API Management Within a Microservices Architecture
API Management Within a Microservices Architecture API Management Within a Microservices Architecture
API Management Within a Microservices Architecture Nadeesha Gamage
 
Driving API Economy with Apigee.pptx
Driving API Economy with Apigee.pptxDriving API Economy with Apigee.pptx
Driving API Economy with Apigee.pptxssuseree0a28
 
How to Execute a Successful API Strategy
How to Execute a Successful API StrategyHow to Execute a Successful API Strategy
How to Execute a Successful API StrategyMatt McLarty
 
API Management Solution Powerpoint Presentation Slides
API Management Solution Powerpoint Presentation SlidesAPI Management Solution Powerpoint Presentation Slides
API Management Solution Powerpoint Presentation SlidesSlideTeam
 
API Frenzy: API Strategy 101
API Frenzy: API Strategy 101API Frenzy: API Strategy 101
API Frenzy: API Strategy 101Akana
 
apidays Paris 2022 - API design best practices, Ryan Clifford & Ros Bennis, F...
apidays Paris 2022 - API design best practices, Ryan Clifford & Ros Bennis, F...apidays Paris 2022 - API design best practices, Ryan Clifford & Ros Bennis, F...
apidays Paris 2022 - API design best practices, Ryan Clifford & Ros Bennis, F...apidays
 
What is APIGEE? What are the benefits of APIGEE?
What is APIGEE? What are the benefits of APIGEE?What is APIGEE? What are the benefits of APIGEE?
What is APIGEE? What are the benefits of APIGEE?IQ Online Training
 
API Management Part 1 - An Introduction to Azure API Management
API Management Part 1 - An Introduction to Azure API ManagementAPI Management Part 1 - An Introduction to Azure API Management
API Management Part 1 - An Introduction to Azure API ManagementBizTalk360
 
[WSO2 Summit EMEA 2020] Building an Interactive API Marketplace
[WSO2 Summit EMEA 2020] Building an Interactive API Marketplace[WSO2 Summit EMEA 2020] Building an Interactive API Marketplace
[WSO2 Summit EMEA 2020] Building an Interactive API MarketplaceWSO2
 
WSO2 API Platform: Vision and Roadmap
WSO2 API Platform: Vision and RoadmapWSO2 API Platform: Vision and Roadmap
WSO2 API Platform: Vision and RoadmapWSO2
 

What's hot (20)

API Management in Digital Transformation
API Management in Digital TransformationAPI Management in Digital Transformation
API Management in Digital Transformation
 
Mapping out your API Strategy - 4.20.11 Webinar slides
Mapping out your API Strategy - 4.20.11 Webinar slidesMapping out your API Strategy - 4.20.11 Webinar slides
Mapping out your API Strategy - 4.20.11 Webinar slides
 
API Strategy Introduction
API Strategy IntroductionAPI Strategy Introduction
API Strategy Introduction
 
API Governance and GitOps in Hybrid Integration Platform (MuleSoft)
API Governance and GitOps in Hybrid Integration Platform (MuleSoft)API Governance and GitOps in Hybrid Integration Platform (MuleSoft)
API Governance and GitOps in Hybrid Integration Platform (MuleSoft)
 
APIdays London 2019 - Selecting the best API Governance for your organisation...
APIdays London 2019 - Selecting the best API Governance for your organisation...APIdays London 2019 - Selecting the best API Governance for your organisation...
APIdays London 2019 - Selecting the best API Governance for your organisation...
 
API Management Within a Microservices Architecture
API Management Within a Microservices Architecture API Management Within a Microservices Architecture
API Management Within a Microservices Architecture
 
Driving API Economy with Apigee.pptx
Driving API Economy with Apigee.pptxDriving API Economy with Apigee.pptx
Driving API Economy with Apigee.pptx
 
How to Execute a Successful API Strategy
How to Execute a Successful API StrategyHow to Execute a Successful API Strategy
How to Execute a Successful API Strategy
 
API Management Solution Powerpoint Presentation Slides
API Management Solution Powerpoint Presentation SlidesAPI Management Solution Powerpoint Presentation Slides
API Management Solution Powerpoint Presentation Slides
 
API Frenzy: API Strategy 101
API Frenzy: API Strategy 101API Frenzy: API Strategy 101
API Frenzy: API Strategy 101
 
Amazon API Gateway
Amazon API GatewayAmazon API Gateway
Amazon API Gateway
 
apidays Paris 2022 - API design best practices, Ryan Clifford & Ros Bennis, F...
apidays Paris 2022 - API design best practices, Ryan Clifford & Ros Bennis, F...apidays Paris 2022 - API design best practices, Ryan Clifford & Ros Bennis, F...
apidays Paris 2022 - API design best practices, Ryan Clifford & Ros Bennis, F...
 
Definitive Guide to API Management
Definitive Guide to API ManagementDefinitive Guide to API Management
Definitive Guide to API Management
 
What is APIGEE? What are the benefits of APIGEE?
What is APIGEE? What are the benefits of APIGEE?What is APIGEE? What are the benefits of APIGEE?
What is APIGEE? What are the benefits of APIGEE?
 
Architecture for the API-enterprise
Architecture for the API-enterpriseArchitecture for the API-enterprise
Architecture for the API-enterprise
 
02 api gateway
02 api gateway02 api gateway
02 api gateway
 
API Management Part 1 - An Introduction to Azure API Management
API Management Part 1 - An Introduction to Azure API ManagementAPI Management Part 1 - An Introduction to Azure API Management
API Management Part 1 - An Introduction to Azure API Management
 
[WSO2 Summit EMEA 2020] Building an Interactive API Marketplace
[WSO2 Summit EMEA 2020] Building an Interactive API Marketplace[WSO2 Summit EMEA 2020] Building an Interactive API Marketplace
[WSO2 Summit EMEA 2020] Building an Interactive API Marketplace
 
Effective API Design
Effective API DesignEffective API Design
Effective API Design
 
WSO2 API Platform: Vision and Roadmap
WSO2 API Platform: Vision and RoadmapWSO2 API Platform: Vision and Roadmap
WSO2 API Platform: Vision and Roadmap
 

Similar to API Governance in the Enterprise

INTERFACE by apidays_Recommendations for API Governance and an API Economy Ce...
INTERFACE by apidays_Recommendations for API Governance and an API Economy Ce...INTERFACE by apidays_Recommendations for API Governance and an API Economy Ce...
INTERFACE by apidays_Recommendations for API Governance and an API Economy Ce...apidays
 
#APIOps- Agile API Development powered by API Connect
#APIOps- Agile API Development powered by API Connect#APIOps- Agile API Development powered by API Connect
#APIOps- Agile API Development powered by API Connectpramodvallanur
 
Agile-plus-DevOps Testing for Packaged Applications
Agile-plus-DevOps Testing for Packaged ApplicationsAgile-plus-DevOps Testing for Packaged Applications
Agile-plus-DevOps Testing for Packaged ApplicationsWorksoft
 
Transforming enterprise it with containers, ap is and integration api manage...
Transforming enterprise it with containers, ap is and integration api manage...Transforming enterprise it with containers, ap is and integration api manage...
Transforming enterprise it with containers, ap is and integration api manage...Judy Breedlove
 
INTERFACE by apidays 2023 - Governance Doesn't Have to be a Dirty Word, Jason...
INTERFACE by apidays 2023 - Governance Doesn't Have to be a Dirty Word, Jason...INTERFACE by apidays 2023 - Governance Doesn't Have to be a Dirty Word, Jason...
INTERFACE by apidays 2023 - Governance Doesn't Have to be a Dirty Word, Jason...apidays
 
Mule Meetup Calgary- API Governance & Conformance.pdf
Mule Meetup Calgary- API Governance & Conformance.pdfMule Meetup Calgary- API Governance & Conformance.pdf
Mule Meetup Calgary- API Governance & Conformance.pdfNithaJoseph4
 
The Federated Future: Pioneering Next-Gen Solutions in API Management - Marku...
The Federated Future: Pioneering Next-Gen Solutions in API Management - Marku...The Federated Future: Pioneering Next-Gen Solutions in API Management - Marku...
The Federated Future: Pioneering Next-Gen Solutions in API Management - Marku...Nordic APIs
 
APIdays Paris 2018 - Creating an API economy business strategy Alan Glickenho...
APIdays Paris 2018 - Creating an API economy business strategy Alan Glickenho...APIdays Paris 2018 - Creating an API economy business strategy Alan Glickenho...
APIdays Paris 2018 - Creating an API economy business strategy Alan Glickenho...apidays
 
Meetup 2022 - API Gateway landscape.pdf
Meetup 2022 - API Gateway landscape.pdfMeetup 2022 - API Gateway landscape.pdf
Meetup 2022 - API Gateway landscape.pdfLuca Mattia Ferrari
 
5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIs5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIsWSO2
 
apidays New York 2023 - Make API Governance work in your unified API Strategy...
apidays New York 2023 - Make API Governance work in your unified API Strategy...apidays New York 2023 - Make API Governance work in your unified API Strategy...
apidays New York 2023 - Make API Governance work in your unified API Strategy...apidays
 
Cutting Agency IT Costs, Growing Innovation
Cutting Agency IT Costs, Growing InnovationCutting Agency IT Costs, Growing Innovation
Cutting Agency IT Costs, Growing InnovationApigee | Google Cloud
 
APIs in the Enterprise - Lessons Learned
APIs in the Enterprise - Lessons Learned APIs in the Enterprise - Lessons Learned
APIs in the Enterprise - Lessons Learned Apigee | Google Cloud
 
Api management introduction and product overview v1.0 2014.08.28
Api management introduction and product overview v1.0 2014.08.28Api management introduction and product overview v1.0 2014.08.28
Api management introduction and product overview v1.0 2014.08.28floridawusergroup
 
Manage your ap is securely and easily ibm apim 4.0
Manage your ap is securely and easily ibm apim 4.0Manage your ap is securely and easily ibm apim 4.0
Manage your ap is securely and easily ibm apim 4.0sflynn073
 
Rethinking Segregation of Duties: Where Is Your Business Most Exposed?
Rethinking Segregation of Duties: Where Is Your Business Most Exposed?Rethinking Segregation of Duties: Where Is Your Business Most Exposed?
Rethinking Segregation of Duties: Where Is Your Business Most Exposed?SAPinsider Events
 
Azure Spring Clean 2024 event - Azure API Management: Architecting for Perfor...
Azure Spring Clean 2024 event - Azure API Management: Architecting for Perfor...Azure Spring Clean 2024 event - Azure API Management: Architecting for Perfor...
Azure Spring Clean 2024 event - Azure API Management: Architecting for Perfor...Hamida Rebai Trabelsi
 
apidays LIVE LONDON - API platform strategy and operating models by Kiran Nadgir
apidays LIVE LONDON - API platform strategy and operating models by Kiran Nadgirapidays LIVE LONDON - API platform strategy and operating models by Kiran Nadgir
apidays LIVE LONDON - API platform strategy and operating models by Kiran Nadgirapidays
 

Similar to API Governance in the Enterprise (20)

INTERFACE by apidays_Recommendations for API Governance and an API Economy Ce...
INTERFACE by apidays_Recommendations for API Governance and an API Economy Ce...INTERFACE by apidays_Recommendations for API Governance and an API Economy Ce...
INTERFACE by apidays_Recommendations for API Governance and an API Economy Ce...
 
#APIOps- Agile API Development powered by API Connect
#APIOps- Agile API Development powered by API Connect#APIOps- Agile API Development powered by API Connect
#APIOps- Agile API Development powered by API Connect
 
Agile-plus-DevOps Testing for Packaged Applications
Agile-plus-DevOps Testing for Packaged ApplicationsAgile-plus-DevOps Testing for Packaged Applications
Agile-plus-DevOps Testing for Packaged Applications
 
Transforming enterprise it with containers, ap is and integration api manage...
Transforming enterprise it with containers, ap is and integration api manage...Transforming enterprise it with containers, ap is and integration api manage...
Transforming enterprise it with containers, ap is and integration api manage...
 
INTERFACE by apidays 2023 - Governance Doesn't Have to be a Dirty Word, Jason...
INTERFACE by apidays 2023 - Governance Doesn't Have to be a Dirty Word, Jason...INTERFACE by apidays 2023 - Governance Doesn't Have to be a Dirty Word, Jason...
INTERFACE by apidays 2023 - Governance Doesn't Have to be a Dirty Word, Jason...
 
Mule Meetup Calgary- API Governance & Conformance.pdf
Mule Meetup Calgary- API Governance & Conformance.pdfMule Meetup Calgary- API Governance & Conformance.pdf
Mule Meetup Calgary- API Governance & Conformance.pdf
 
The Federated Future: Pioneering Next-Gen Solutions in API Management - Marku...
The Federated Future: Pioneering Next-Gen Solutions in API Management - Marku...The Federated Future: Pioneering Next-Gen Solutions in API Management - Marku...
The Federated Future: Pioneering Next-Gen Solutions in API Management - Marku...
 
APIdays Paris 2018 - Creating an API economy business strategy Alan Glickenho...
APIdays Paris 2018 - Creating an API economy business strategy Alan Glickenho...APIdays Paris 2018 - Creating an API economy business strategy Alan Glickenho...
APIdays Paris 2018 - Creating an API economy business strategy Alan Glickenho...
 
Meetup 2022 - API Gateway landscape.pdf
Meetup 2022 - API Gateway landscape.pdfMeetup 2022 - API Gateway landscape.pdf
Meetup 2022 - API Gateway landscape.pdf
 
5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIs5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIs
 
apidays New York 2023 - Make API Governance work in your unified API Strategy...
apidays New York 2023 - Make API Governance work in your unified API Strategy...apidays New York 2023 - Make API Governance work in your unified API Strategy...
apidays New York 2023 - Make API Governance work in your unified API Strategy...
 
Cutting Agency IT Costs, Growing Innovation
Cutting Agency IT Costs, Growing InnovationCutting Agency IT Costs, Growing Innovation
Cutting Agency IT Costs, Growing Innovation
 
APIs in the Enterprise - Lessons Learned
APIs in the Enterprise - Lessons Learned APIs in the Enterprise - Lessons Learned
APIs in the Enterprise - Lessons Learned
 
Api management introduction and product overview v1.0 2014.08.28
Api management introduction and product overview v1.0 2014.08.28Api management introduction and product overview v1.0 2014.08.28
Api management introduction and product overview v1.0 2014.08.28
 
Manage your ap is securely and easily ibm apim 4.0
Manage your ap is securely and easily ibm apim 4.0Manage your ap is securely and easily ibm apim 4.0
Manage your ap is securely and easily ibm apim 4.0
 
TEC-Roundtable-API
TEC-Roundtable-APITEC-Roundtable-API
TEC-Roundtable-API
 
Rethinking Segregation of Duties: Where Is Your Business Most Exposed?
Rethinking Segregation of Duties: Where Is Your Business Most Exposed?Rethinking Segregation of Duties: Where Is Your Business Most Exposed?
Rethinking Segregation of Duties: Where Is Your Business Most Exposed?
 
Azure Spring Clean 2024 event - Azure API Management: Architecting for Perfor...
Azure Spring Clean 2024 event - Azure API Management: Architecting for Perfor...Azure Spring Clean 2024 event - Azure API Management: Architecting for Perfor...
Azure Spring Clean 2024 event - Azure API Management: Architecting for Perfor...
 
API Strategy in Cloud
API Strategy in CloudAPI Strategy in Cloud
API Strategy in Cloud
 
apidays LIVE LONDON - API platform strategy and operating models by Kiran Nadgir
apidays LIVE LONDON - API platform strategy and operating models by Kiran Nadgirapidays LIVE LONDON - API platform strategy and operating models by Kiran Nadgir
apidays LIVE LONDON - API platform strategy and operating models by Kiran Nadgir
 

More from Apigee | Google Cloud

Monetization: Unlock More Value from Your APIs
Monetization: Unlock More Value from Your APIs Monetization: Unlock More Value from Your APIs
Monetization: Unlock More Value from Your APIs Apigee | Google Cloud
 
AccuWeather: Recasting API Experiences in a Developer-First World
AccuWeather: Recasting API Experiences in a Developer-First WorldAccuWeather: Recasting API Experiences in a Developer-First World
AccuWeather: Recasting API Experiences in a Developer-First WorldApigee | Google Cloud
 
Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?Apigee | Google Cloud
 
The Four Transformative Forces of the API Management Market
The Four Transformative Forces of the API Management MarketThe Four Transformative Forces of the API Management Market
The Four Transformative Forces of the API Management MarketApigee | Google Cloud
 
Managing the Complexity of Microservices Deployments
Managing the Complexity of Microservices DeploymentsManaging the Complexity of Microservices Deployments
Managing the Complexity of Microservices DeploymentsApigee | Google Cloud
 
Microservices Done Right: Key Ingredients for Microservices Success
Microservices Done Right: Key Ingredients for Microservices SuccessMicroservices Done Right: Key Ingredients for Microservices Success
Microservices Done Right: Key Ingredients for Microservices SuccessApigee | Google Cloud
 
Adapt or Die: Opening Keynote with Chet Kapoor
Adapt or Die: Opening Keynote with Chet KapoorAdapt or Die: Opening Keynote with Chet Kapoor
Adapt or Die: Opening Keynote with Chet KapoorApigee | Google Cloud
 
Adapt or Die: Keynote with Greg Brail
Adapt or Die: Keynote with Greg BrailAdapt or Die: Keynote with Greg Brail
Adapt or Die: Keynote with Greg BrailApigee | Google Cloud
 
Adapt or Die: Keynote with Anant Jhingran
Adapt or Die: Keynote with Anant JhingranAdapt or Die: Keynote with Anant Jhingran
Adapt or Die: Keynote with Anant JhingranApigee | Google Cloud
 
London Adapt or Die: Closing Keynote — Adapt Now!
London Adapt or Die: Closing Keynote — Adapt Now!London Adapt or Die: Closing Keynote — Adapt Now!
London Adapt or Die: Closing Keynote — Adapt Now!Apigee | Google Cloud
 

More from Apigee | Google Cloud (20)

How Secure Are Your APIs?
How Secure Are Your APIs?How Secure Are Your APIs?
How Secure Are Your APIs?
 
Magazine Luiza at a glance (1)
Magazine Luiza at a glance (1)Magazine Luiza at a glance (1)
Magazine Luiza at a glance (1)
 
Monetization: Unlock More Value from Your APIs
Monetization: Unlock More Value from Your APIs Monetization: Unlock More Value from Your APIs
Monetization: Unlock More Value from Your APIs
 
Apigee Demo: API Platform Overview
Apigee Demo: API Platform OverviewApigee Demo: API Platform Overview
Apigee Demo: API Platform Overview
 
Ticketmaster at a glance
Ticketmaster at a glanceTicketmaster at a glance
Ticketmaster at a glance
 
AccuWeather: Recasting API Experiences in a Developer-First World
AccuWeather: Recasting API Experiences in a Developer-First WorldAccuWeather: Recasting API Experiences in a Developer-First World
AccuWeather: Recasting API Experiences in a Developer-First World
 
Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?
 
Apigee Product Roadmap Part 2
Apigee Product Roadmap Part 2Apigee Product Roadmap Part 2
Apigee Product Roadmap Part 2
 
The Four Transformative Forces of the API Management Market
The Four Transformative Forces of the API Management MarketThe Four Transformative Forces of the API Management Market
The Four Transformative Forces of the API Management Market
 
Walgreens at a glance
Walgreens at a glanceWalgreens at a glance
Walgreens at a glance
 
Apigee Edge: Intro to Microgateway
Apigee Edge: Intro to MicrogatewayApigee Edge: Intro to Microgateway
Apigee Edge: Intro to Microgateway
 
Managing the Complexity of Microservices Deployments
Managing the Complexity of Microservices DeploymentsManaging the Complexity of Microservices Deployments
Managing the Complexity of Microservices Deployments
 
Pitney Bowes at a glance
Pitney Bowes at a glancePitney Bowes at a glance
Pitney Bowes at a glance
 
Microservices Done Right: Key Ingredients for Microservices Success
Microservices Done Right: Key Ingredients for Microservices SuccessMicroservices Done Right: Key Ingredients for Microservices Success
Microservices Done Right: Key Ingredients for Microservices Success
 
Adapt or Die: Opening Keynote with Chet Kapoor
Adapt or Die: Opening Keynote with Chet KapoorAdapt or Die: Opening Keynote with Chet Kapoor
Adapt or Die: Opening Keynote with Chet Kapoor
 
Adapt or Die: Keynote with Greg Brail
Adapt or Die: Keynote with Greg BrailAdapt or Die: Keynote with Greg Brail
Adapt or Die: Keynote with Greg Brail
 
Adapt or Die: Keynote with Anant Jhingran
Adapt or Die: Keynote with Anant JhingranAdapt or Die: Keynote with Anant Jhingran
Adapt or Die: Keynote with Anant Jhingran
 
London Adapt or Die: Opening Keynot
London Adapt or Die: Opening KeynotLondon Adapt or Die: Opening Keynot
London Adapt or Die: Opening Keynot
 
London Adapt or Die: Lunch keynote
London Adapt or Die: Lunch keynoteLondon Adapt or Die: Lunch keynote
London Adapt or Die: Lunch keynote
 
London Adapt or Die: Closing Keynote — Adapt Now!
London Adapt or Die: Closing Keynote — Adapt Now!London Adapt or Die: Closing Keynote — Adapt Now!
London Adapt or Die: Closing Keynote — Adapt Now!
 

Recently uploaded

The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 

Recently uploaded (20)

The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 

API Governance in the Enterprise

  • 1. ©2016 Apigee Corp. All Rights Reserved. API Governance in the Enterprise Robert Broeckelmann, Levvel Dino Chiesa, Apigee
  • 2. ©2016 Apigee Corp. All Rights Reserved. Slideshare slideshare.com/apigee Apigee Community https://community.apigee.com YouTube youtube.com/apigee
  • 3. Presentation Title API Governance In The Enterprise Robert C. Broeckelmann Jr.
  • 4. DISCLAIMERS • What we present here is one of numerous possible ways to use Apigee technology. Your situation and requirements will probably differ. • As always, test things in a non-production environment prior to using anything in production. • We are not responsible for spontaneous combustion of the known universe or any other undesirable outcomes associated with using what is discussed here. 3
  • 5. AGENDA • What is API Management? • API Management--The Full Stack • API Management Solution Architecture • What Is API Governance? • One Organization’s Requirements • API Lifecycle Management • API Governance Ties Into... • Lessons Learned • Questions 4
  • 6. WHAT IS API MANAGEMENT? Allows an organized approach to using APIs to open up an organization or system’s data so that it can be utilized by other parts of the organization or third-parties in new and useful ways. 5
  • 7. WHAT IS API MANAGEMENT? From a business perspective, API Management is a revolution; from a technical perspective, it is an evolution of the earlier Service Oriented Architecture (SOA) paradigm. 6
  • 8. WHAT IS API MANAGEMENT? Spans B2E, B2C, B2B User Spaces Spans Mobile, Integration, Identity, Security concerns. 7
  • 9. WHAT IS API MANAGEMENT? • The process of publishing, promoting, and overseeing APIs in a secure, scalable environment • Ensuring that developers and partners are productive • Managing, securing, and mediating your API traffic • Allowing an organization to grow their API program to meet increasing demands • Enabling the monetization of APIs • The intersection of technology, business, organization, and integration concerns 8
  • 10. THE API MANAGEMENT ”FULL STACK” 9 Data Modeling Interface Modeling API Management Solution Management Portal Developer Portal API Gateway Registry & Repository Identity Stack Application Infrastructure Monitoring User Repositor y Federatio n User Provisioni ng Applicatio n Firewall Reverse Proxy DevOps Logging
  • 12. WHAT IS API GOVERNANCE? API Governance is also part of API Management… … probably the most important part. 11
  • 13. WHAT IS API GOVERNANCE? Governance is not a bad thing; though, your experiences with it would, probably, make you disagree. In fact, for anything to be truly adopted by the enterprise, it must have adequate and functional governance. The trick is to strike the right balance. Self-service and automation is the key to making the governance process(es) workable. 12
  • 14. WHAT IS API GOVERNANCE? Allows for a policy driven approach (vs. ad hoc) to enforcement; not just runtime, but throughout the design and development process •single point to manage policies and enforcement. 13
  • 15. WHAT IS API GOVERNANCE? API governance includes: ●tracking what (API) is deployed where (environment) ●tracking who is calling what ●how is it (API) protected? ●defining interface standards ●gathering statistics (about API consumers, APIs, and the Developer Portal) ●API versioning ●JSON (or XML) Schema versioning ●tracking routing information ●tracking what policy should be applied to it (API) ●sun-setting (retiring a version of the API) 14
  • 16. One Organization’s Requirements • Every organization’s governance requirements will have some unique aspects. • There will also be a large amount of overlap. • Example Requirements this organization had • Isolation between Non-Production and Production. Two Apigee organizations; (NP: 3 environments, PRD: 1 environment) • Four environments included in SDLC (Software Development Life Cycle) • Organization uses Swagger 2.0 to describe interfaces
  • 17. One Organization’s Requirements •Requirements • 3rd Party IdP (Azure Active Directory) used • AAD acts as token generator for all actors. Apigee customized to work with AAD-produced tokens. • came from the organization's IAM and Information Security teams. • drove much complexity • Top-down development methodology utilized. • Building a program that supports the entire business. Rather than a particular line of business or development group. • Many different concerns. 16
  • 18. API LIFECYCLE MANAGEMENT API Lifecycle Management (which tracks the interface’s life-cycle, not the implementation) is part of API Governance. The details will vary, but this basically describes the promotion process (life-cycle) of an API version from initial concept, to definition, to the lowest-level development environment, to production, and eventually to sun-setting. 17
  • 19. API LIFECYCLE MANAGEMENT Suppose your organization has the following environments: • Unit Test Environment • Quality Assurance Environment • Load Test Environment • Production Environment Now, let’s assume that your API life-cycle captures the following additional steps: • Inception (identification of a business or technical need) • Definition (interface definition) • Development • Sun-setting (retiring a version of the API) The API Lifecycle will account for all of these states 18
  • 20. API GOVERNANCE TIES INTO API Governance ties into: • Change Management • Asset Management • Configuration Management • Legacy SOA Governance (with the goal of eventually replacing it) • Quality Assurance • Information Security • IT Auditing Within Enterprise IT all of these things are interrelated. The processes and organization should reflect this. Yes, it sounds heavy weight. But, effective self-service and good processes makes all the difference in the world. 19
  • 21. DEVOPS TIE-IN API Governance ties into DevOps •The Developer Portal provides a self-service platform to allow developers to  register with the system  create applications  provision credentials  subscribe to APIs  view documentation  other activities •The Developer Portal can also  increase development and decrease cycle time  decrease Mean Time To Resolution (MTTR)  enable stakeholder-level overview  ease compliance and reporting 20
  • 22. LESSONS LEARNED Most small to medium sized organizations can probably use the Apigee developer portal and built-in processes out of the box without significant modification. • The enterprise IT organization is different. Different = messy details. • There are exceptions to every rule (including this one). • There is probably a small or medium sized organization out there that has had to deal with these issues. 21
  • 23. LESSONS LEARNED Not all organizations are focused on opening their data up to arbitrary third parties. It may be that internal development teams and B2B Business Partner development teams are the primary focus of the API Management Developer Portal. • Not the API Management use case we often hear about, but very important for many organizations. • Anything that involves interacting with many development teams outside of your control can benefit from an API Management solution to better manage and communicate with those actors. 22
  • 24. LESSONS LEARNED For this organization, API Governance was an evolution of SOA Governance paradigm that was already in place. • Not starting from scratch. Executive sponsorship, buy-in from business/senior management is critical. 23
  • 25. LESSONS LEARNED Integration with a Third Party Identity Provider is likely imperative in a large organization. • Is Apigee Edge or the third-party IdP issuing tokens to API consumers? If third-party IdP, introduces much complexity to Edge. If so, applications must be registered with the third-party IdP and Apigee Edge. If the third-party IdP is issuing tokens, necessitates replicating client identifiers into Apigee Edge's IdP for Quota Enforcement and Business Analytics. 24
  • 26. LESSONS LEARNED • The group that is supporting your Apigee Edge API Gateway may not be the same group that supports the Developer Portal infrastructure. Different skill sets. • Drupals/PHP vs. Javascript/node.js/Edge Policy • Apigee Developer Portal did not have good support for multiple endpoints for the same API. Had to import the same Swagger for each endpoint (one endpoint per environment).