Type to SearchView Tags
Home

Why Every Organization might go for the API Management
Sathish Gurumoorthy - Senior Technical Manager ,Engineering R&D Services | August 1, 2017
511 Views

Tags :
Related Blogs

Engineering Support Services in the Era of Digital Transformation

Prabhash Ojha

Voice Technology : Now You are talking !!!!!

Ajay Kumar Sharma

Life,Death and CloudComputing

Jasbir Singh Dhaliwal

Before looking at API Management, let’s start with what is the buzz word of API all about? With the increase of Mobility & SOA and with the advent of MicroServices, it is the need for a comprehensive design to expose services as API and enable better integration, re-use, and agility

So now let’s assume we started designing applications that expose API as services. Take an example of an organization exposing certain services and that are being consumed by some of its Mobile Apps, Web Apps, and other microservices. Below is the typical service consumption integration.

API Management

Now this design imposes a lot of problems; a few of the key issues are

  • Consumers are vulnerable to dynamic change of service endpoints
  • Not flexible on throttling needs of different kind of consumers
  • Authentication and Authorization, Security, Policy enforcements are to be managed separately

To solve these problems, we shall apply a pattern called “API Gateway”. An API Gateway provides a single point of entry for all the services exposed as a proxy. This shall provide the design flexibility to handle the below

  • Apply Security and Policy enforcement centrally
  • Apply Authentication and Authorization
  • Not vulnerable to dynamic change of service endpoints
  • Monitor service usage
  • Route to appropriate service endpoint
  • Message transformation as required

API management

Now having known about API and the design pattern of API Gateway implementation, what are the key challenges now in the implementation?

  • How the API shall be published and promoted?
  • How the API shall be accessed with the required security, access controls, and policy enforcements?
  • How the API shall be released and maintained at different versions to support multiple consumers?
  • How the API can transform/aggregate the data across different services?
  • How the API usage shall be tracked and controlled?
  • How the API documentation shall be managed?
  • How the API service contract shall be established?

API Management provides features that shall help on solving the above challenges. 

Transformation

A typical API Management provides the below feature set

Function

Features

API Core
  • Gateway
  • Routing services (Endpoint based, Traffic based, Custom)
  • Transformation and Translation
  • Orchestration/API Chaining

API Management
  • Design and Develop
  • Publish and Monitor
  • Monetization and Billing
  • Analytics
  • Documentation and Swagger Definitions

API Security
  • Integration to Enterprise Identity Providers
  • Policy management and enforcement
  • API Key Management
  • Authentication and Authorization techniques – OAuth, JWT, JWS, JWE, SAML

API Design & Development
  • IDE and Plug-ins for visual design
  • Accelerators – Templates, Connectors, Drag and Drop
  • Integration to CI and DevOps tool set

Endpoint Deployment Support
  • On-premise
  • Hybrid
  • Cloud
  • Scalability & Concurrency

How does the ESB differ from this API Management?

 

Enterprise Service Bus

API Management

ESB & API Management
  • ESBs are designed for enterprise integrations that enable Service Oriented Architecture and establish a common communication channel for integrating heterogeneous applications.
  • It lets different enterprise applications to integrate and communicate between them.
  • Modern applications that includes Web, MicroServices & cloud based Apps exposes API for the other internal & external systems to consume. These API are a lightweight and powerful way of integration and exposing of business functions.
  • API Gateway provides a platform to secure and consume these API exposed across the applications and lets other applications or clients to consume.
  • API Management provides a platform from design to publish API and monetize out of it.

Core Features

Orchestration, Transformation, Mediation, Transportation, and Security

Gateway, Security, API Lifecycle Management (Design, Develop, Publish and Manage), Monitor and Monetize, API Chaining, Limited transformation.

ESB and API Management are intended for two different purposes. Though certain functions of API Management overlap with the ESB, it provides the platform that focuses on API Management & Consumption. By letting an Organization expose their API to the external Consumers, it helps the Organization to monetize.

 “Most importantly API Management lets Organization expose their API to the external Consumers, and helps Organization monetize”.

Some popular API Management tools:

  • CA Layer 7
  • IBM API Connect
  • Apigee (Google has acquired recently)
  • Mulesoft
  • Mashery
More from Sathish Gurumoorthy
Microservices

Few Myths on MicroServices

1,097