Ashish Pandit Louis Zelus API Manager Ashish Pandit Louis Zelus Introduction Why API? Managed APIs API Manager Demo Getting involved

Agenda Introduction to Managed API Demo Selection Criterion Challenges in implementing API Manager

Roles Roles Concerns API Developer Browse the store, Create APIs API Governance Committee Approve and Publish API Application Developer Browse the store, Subscribe to APIs IT Owner Monitor Performance View Reports Data Owner Approve Subscription Approvals

Manage APIs Creating APIs (interface, docs, samples,etc.) Advertising APIs Making APIs subscribe-able by consumers Associating SLAs Securing APIs Analytics

API Lifecycle

API Publishing and Subscription

API Manager Platform requirement Users Management (self-sign up, profile management) API publication/api store API security Statistics SLA control Throttling/Rate limit API versioning

Demo

Infrastructure Layout

Selection Open Source solution Keeping security tokens on premise Evaluated 3 Scale, CA Technologies (Layer 7), Mulesoft

Issues Data, Database issues Align authorization with existing data access policy and tools Application authorization (stateful) vs API authorization (stateless) Fine-grain authorization – ABAC, OAuth scope Enterprise APIs vs public APIs Shibboleth integration Developer Education - OAuth, Open ID Connect API Governance DB2 Database support

Questions?