WSO2- OSC Korea - Accelerating Digital Businesses with APIs

Accelerating Digital Businesses with APIs
API로 디지털 비즈니스 가속화하기

Hello!
Sue Chang
sue.chang@osckorea.com
Marketing & Business Success Director, OSC Korea

OSC Korea : What Do We Do?
▪ Korea(HQ), China, Japan, Malaysia, Taiwan,
Singapore
▪ Opensource(O), Security(S), Content Delivery(C)
- IT Business Platform 운영
▪ K8S PaaS 플랫폼, APM, API Gateway, Chaos
Engineering, DB Replication, etc.
▪ 리눅스 재단 산하 다양한 프로젝트 (Hyperledger,
Cloud Foundry, CNCF등) 활동
▪ 리눅스 재단 공인 교육센터 운영 (Kubernetes 시스
템 어드민, 개발자 과정 운영)
▪ Cloud Migration, MSA, Cloud Native : Public &
Private Cloud
▪ 주요 프로젝트에 AA, TA, SA, DA 등, 핵심 Tech.
Architect 조직 지원
▪ 오픈소스 기반 프로젝트 지원 (Apach Kafka, Druid,
Rancher, Kubernetes, KrakenD)
1 OSC Korea : A part of OSC Asia Group 2
3 4
Open source Community Governance
Consulting & Professional Service : Digital
Transformation
WSO2 & OSC Korea Partnership
▪ WSO2 국내 기술지원
▪ Enterprise 고객사 구축지원
▪ Reference 아키텍쳐 / Pilot 프로젝트 지원
▪ WSO2 전담 엔지니어 및 개발자 지원

Hello!
Wishwa Perera
wishwa@wso2.com
Channels Sales - APAC and ANZ
Natasha Wijesekare
natasha@wso2.com
Associate Lead Solutions Engineer

5
700+ Employees
50% in engineering
500+ Customers
Around the world
(139 New in 2020)
100% Open Source
Flexible deployment; faster time-
to-market
Founded in 2005
Backed by Cisco and Toba
Capital
Global Presence
Colombo, New York, London,
Mountain View, São Paulo,
Sydney, Berlin, Mexico, Italy
16% YoY Growth

6
Unlock New Opportunities
Reap the benefits of digital transformation to
deliver enhanced services, applications, and
experiences.
Microservices, Containers, and Beyond!
Extensibility to provide enhanced offerings for
your customers today—and over the years to
come.
Cost Effective
A competitive pricing structure that doesn’t make
you sacrifice key features.
Accelerate Time-to-Market
Rapidly deliver your core value proposition through
digital products.
The WSO2 Advantage WSO2 API Manager
WSO2 Enterprise Integrator
WSO2 Identity Server
WSO2 Strategic Consulting
WSO2 Open Healthcare
WSO2 Open Banking

7
“The solution is well-suited to buyers with
strategies that combine integration, APIs,
and microservices.”
A Leader in the Forrester WaveTM:
API Management Solutions, Q3 2020
Industry Recognition

8
“WSO2 Identity Server is a strong performer
among the 13 CIAM providers that matter
most according to Forrester Research, Inc..”
A Strong Performer in the Forrester
WaveTM: Customer Identity and
Access Management, Q4 2020

9
“WSO2 has a good reputation in IAM and is quickly
expanding in the CIAM market…”
An Overall Leader in KuppingerCole’s
Leadership Compass: CIAM Platforms,
2020

10
WSO2 API Manager
Addresses full API lifecycle
management operations. Open,
extensible, customizable.
WSO2 Enterprise Integrator
Hybrid integration platform for quick,
iterative integration of any application,
data, or system.
WSO2 Identity Server
Federates and manages identities
across both cloud service and enterprise
environments.
WSO2 Technology
WSO2 Open Banking
A purpose-built technology platform for
global open banking.
WSO2 Open Healthcare
Towards greater interoperability with a
proven integration platform and FHIR®.
WSO2 Strategic Consulting
Streamline your business objectives and
rapidly achieve key results.
Together, with hundreds of the world’s largest corporations, leading universities, and governments, we execute in
excess of 6 trillion transactions, expose more than 200,000 APIs, and manage over 100 million identities every
single year.

11
Flagship Customer Examples
Applied uses across every industry and geography
Healthcare Government Education Retail Technology
Financial Telecom
Transport

API
12
API
Business capability delivered
over the internet for internal and
external consumers
Standard web
protocols
Access by third
parties
Network
accessible
Well defined
interfaces

13
Many Consumers and Providers
Consumer 1
Consumer 2
Consumer 3
Consumer x
Consumer 4
Consumer 5
Provider 1
Provider 2
Provider 3
Provider x

14
Many Consumers and Providers
Consumer 1
Consumer 2
Consumer 3
Consumer x
Consumer 4
Consumer 5
Provider 1
Provider 2
Provider 3
Provider x
In-House Auth
Mechanisms
No
Documentation
Legacy
Protocols

15
Solution: Managed Provider/Consumer Interactions through APIs?
Authentication
Authorization
QoS
Monitoring
APIs APIs
Consumer 1
Consumer 2
Consumer 3
Consumer x
Consumer 4
Consumer 5
Provider 1
Provider 2
Provider 3
Provider x

16
Solution
Telco Services Business Capabilities
Composition Layer (API Facade)
API Management
Applications
APIs
APIs
APIs APIs
In-House
Auth
Mechanism
No Proper
Documentation
No
Analytics
Consumers
APIs APIs
API
MANAGER
ENTERPRISE
INTEGRATOR

17
Managed API
MANAGED
API
Actively advertised
and subscribable
Secured authenticated
authorized protected
Monitored and
monetized
High quality of service
Service Level
Agreements (SLA)

18
Expose APIs to Public
Expose
API
to
Public
Reduce duplication and rework
Innovative ways to build new solutions
Increase growth potential and
partnership advancements
Increase collaborative development

WSO2 API Manager
An open source approach to addressing any spectrum of API lifecycle, monetization and
policy enforcement.

20
What is API Manager?
API MANAGER
API MANAGER

WSO2 API Manager: Features
21
Design and
Prototype APIs
Control Access and
Enforce Security
Offer a rich
Developer Portal Manage Developer
Community
Manage and Scale
API Traffic
Monitor and
Monetize Plug, extend and
theme
Deploy easily in
Your Enterprise
Support Multiple
Tenants
Publish and
govern API usage

WSO2 API Manager: Benefits
22
Reduce
Technology Risk
Make Data-driven
Decisions
Deploy On-premise,
Cloud or Both
Increase Team
Efficiency
Fit Into Multiple
Architectures
Enhance
API Security Reduce Future
Investments

Components in WSO2 API Manager

25
API Publisher
Develop
Monitor Publish
Manage
● Register APIs
● Associate SLA
● Associate Security Requirements
● Associate Rate Limits/Throttling
● API Lifecycle
● API Versions
● API Policies
● API Keys
● Monitor API Behavior
● Monitor API Consumers
● Gather Consumer
Requirements
● Develop APIs / API Changes
● Create API Docs

27
Developer Portal
The Application Developer Portal known as the API Store
Find
Evaluate Explore
Subscribe
● View ratings, comments
● Download help and docs
● Try it online
● Ask questions to owner
● Register applications
● Obtain key
● Subscribe to API
● Subscribe to API changes
● Rate API
● Share comments
● Feature requests
● Participate in forums
● View top used, new featured APIs
● Search by name, tag or provider
● Save searches

Gateways - API Runtime options
Hybrid option: Gateways close to services, Mgt. plane on cloud
Multiple Gateway options
29
● Micro-GW : Immutable, container native, ideal for greenfield projects
● Regular : Robust, API driven, ideal for brownfield projects
● Both use the same management plane
● Both can be used together in the same deployment
● Both can scale without management plane
● Gateways are identity provider agnostic -> Can work with any key manager as long as
trust is established and a signed token is used

Standard Gateway
● The entry point (gateway) into your internal/external APIs.
● The enforcement point of all the security, rate limiting and message mediation
policies.
● The agent which provides the analytics engine with the business insights it needs.
● Caches responses from target APIs to reduce load on the back-end services.
● Supports SOAP and Websockets in addition to REST
● Config driven mediation support
30
Gateway
Key Manager
Traffic
Manager
<REST>
<SOAP
>
<WebSocket>
HTTP
HTTP
HTTP
HTTP
JMS
HTTP

Key Manager
● Scalable and flexible authentication and authorization policy enforcement based on OAuth
2.0 and other protocols.
● Integration with third party authorization services
● Supports a wide range of application types such as mobile, web, SPA, wearable devices,
biometrics, etc
● Social integration for login via social networks and other IDPs.
31

Authorization & Introspection
Developer Portal
(Store)
Gateway
Authentication
Authorization
Client Management
Token Management
Introspection
Revocation
Federation
● Secure Token Service can be replaced with any 3rd party product
● External Identity Providers can also be used or federated into for authentication
Register User
Retrieve, Update,
Delete [client_id]
Token Introspection
Create Token
Revoke Token
<<Auth / Secure Token Service>>
32

Traffic Manager
● Real-time decision making based on event history
● Rate limits used for billing and metering purposes
● Fair usage policy enforcements
● Rate limits based on user privilege, location, device type, etc.
● Protection for internal and external environments from rogue clients
33
<Request Event>
Gateway
Gateway
Traffic Manager
Message Broker
Policy Designer
<Throttle Event> <Throttle Event>
< Policy>

API Analytics
34
Analytics for Business Insights and Operational Purposes
● Reports by API usage, top users, top applications, top device types, etc
● Location based reporting to identify hottest destinations
● API performance and health based reporting for operational activities.
● Usage reporting for API users as well as API providers
● Detection and prevention of possible fraud and theft
● Abnormal event detection and reporting
● Change detection of API access patterns and alerting
● API last used details for better lifecycle management

API Analytics: Architecture
35
Event Store
APPLICATION
Backend
API Analytics
Dashboards
Real Time Alerts
Admin
Summarized Statistics
API Gateway
API MANAGER
API MANAGER
Analytics
API MANAGER

Analytics: Statistical Analysis
36

Analytics: Operational
● Alerting on Abnormalities
● API Health
37

WSO2 API Microgateway for Microservices

Cloud-Nativeness & Decentralisation
●Lightweight
○ Fast boot up times (< 1s)
○ Low memory footprint(256mb)
○ Low distribution size (~ 100 MB)
●CNCF focus (e.g. docker, k8s, helm, consul)
●Stateless design principles
●Self-contained Quality-of-Service (QoS)
○ JWT-based API security
○ Independent rate-limiting
●Sidecar, Per-API, Per-subset topologies
●Observability
●Fully automated CI/CD
Functional
Linux/OS
Virtualization
Cloud
Containers
K8s, Cloud
Orchestration
Physical
39
API Micro Gateway

Developer-centric
●API developer’s Toolkit
○ Product binaries = Toolkit + Runtime
○ Developers interact with a CLI
○ to initiate a Project workspace
●Starts with Open API Specification
○ Place Open API contract in workspace
○ Install public certificate
●Build the Executable binaries
●Run and Test
○ Run on local Microgateway installation
○ Package and run on Docker container
Open API
contract
µGW
Toolkit
Certificates
Project
workspac
e
(*.balx)
executable
Container
image
k8s
artefacts
run using
µGW docker image
or
µGW Runtime
run on
Docker runtime
run on
Kubernetes
40
API Micro Gateway

41
API Micro Gateway for Microservices
● First class compatibility to work with Microservices.
● Expose Microservices as managed APIs.
● Compose one or more microservices to be exposed as an API.
● API security and rate limiting for APIs.
● Obtain business insights related to consumption of microservices.
● Access to a control plane to manage the lifecycle and versioning of exposed
interfaces (APIs).

42
Container Native; Is it only the API Microgateway?
● All WSO2 API Manager components can run on containers.
● Docker Compose and Kubernetes artifacts are available for all WSO2 components.
● Docker Compose and Kubernetes artifacts for commonly used deployment patterns
available.

Deployment Patterns for API Manager

44
API Manager Deployment Patterns
● Componentized product architecture allows flexibility to deploy the product in
different ways.
● Prebuilt deployment patterns to support multiple different use cases.
● Documents and artifacts to support these prebuilt deployment patterns.
● Flexibility to deploy parts of the system on-cloud while the rest of it can be on-
prem

45
Pattern #1: All-in-One Deployment
Minimal deployment with high availability

46
Pattern #2 - Separate Gateway and Key Manager
For high throughput scenario that requires a shorter token lifespan

47
Pattern #3 - Fully Distributed
Maintain scalability at each layer and higher flexibility at each component

48
Pattern #4 - Internal and External Gateway (on-premise)
Separate internal and external API Management with separated Gateway instances

50
Extensibility
● Mediations - writing your own mediation logic
● Security - Custom grant types and security options
● Branding - Theming UI’s and revamping pages
● Workflow - Workflows for user signup, API subscription, application creation
etc.
● API Lifecycle - Extending API Lifecycle

52
We’re making people’s lives richer by embedding financial services at the moment they’re at, and delivering
services to where the customer is at rather than making them come to us.”
Eric Halverson, SVP, head of gateway support & services at Wells Fargo
● Wells Fargo API Gateway - delivers all products and services
digitally to customers securely.
● Faster onboarding of customers (sometimes in one day).
● Customers able to perform range of functions, adding to
their convenience.
Increased
Number of Digital Services
Faster
Customer Onboarding
WSO2 Products API Manager
USA

53
● Qantas launched the platform in 2018 to speed their
development time, provide multi-channel services, and fuel
business agility.
● Within 12 months of the launch, Qantas experienced
amazing results.
We were able to successfully launch the platform with limited remote trial support. Since then, we have had
excellent support from the WSO2 team through both query support and incident troubleshooting and patching.”
Samuel Purchase, principal engineer API Management Platform at Qantas
Australia
WSO2 Products API Manager
500%
Traffic Increase
½ Cost
for Operations
10x
Published APIs

WSO2- OSC Korea - Accelerating Digital Businesses with APIs

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to WSO2- OSC Korea - Accelerating Digital Businesses with APIs

Similar to WSO2- OSC Korea - Accelerating Digital Businesses with APIs (20)

More from WSO2

More from WSO2 (20)

Recently uploaded

Recently uploaded (20)

WSO2- OSC Korea - Accelerating Digital Businesses with APIs