Api governance (APIdays Mediterránea)

21
20 meetups 716 api addicts 16.00 0 visualiza tions 9K 3K 2K

Transcript of Api governance (APIdays Mediterránea)

Page 1: Api governance (APIdays Mediterránea)

20meetups

716api addicts

16.000

visualizations

9K3K 2K

Page 2: Api governance (APIdays Mediterránea)

/[email protected]

{ “name”:”Marco Antonio Sanz”,

“positions”: [

“CEO at CloudAppi” , “CEO at LeadGods”,

“Api Envangelist at ApiAddicts”, “Teacher at ufv”

] }

Who am i?

@MarAntonio82

Page 3: Api governance (APIdays Mediterránea)

Introduction

The vertical applications have the front end and the back end in the same location. The front end speaks with the back end using objects.

What vertical application means?

Page 4: Api governance (APIdays Mediterránea)

Introduction

In company there can be a lot of applications deployed into the organization. You can have applications for human resources, sellers, buyers...

How many applications can be in the company ?

Page 5: Api governance (APIdays Mediterránea)

Introduction

Sometimes it uses files, the other times it uses apis, soap… this is a not efficient!!!

How the communication between us work?

Page 6: Api governance (APIdays Mediterránea)

Introduction

And, all is more complicated if you expose information to other organizations

Page 7: Api governance (APIdays Mediterránea)

API Governance

➢ Define resources➢ Versioning policy➢ Security policy➢ Define the standard to define the apis➢ Define the standard to deploy the apis➢ Documentation➢ Monitorization➢ Testing➢ Billing➢ Environment

General considerations

Page 8: Api governance (APIdays Mediterránea)

API Governance

Define objects and their attributes into organization:Userdata: {“name”:”Manolo”,”edad”:”12”}

Define the resources

Page 9: Api governance (APIdays Mediterránea)

API GovernanceVersioning➢ Url versioning

GET XXX/ejemplo/v1.0/users/

➢ Header versioningAccept: application/vnd.company.myapp-v3+json Content-Type: application/vnd.company.myapp-v3+json

➢ When the version of api should be changed?

➢ How to deal with breaking backwards compatibility?

Page 10: Api governance (APIdays Mediterránea)

API Governance

➢ Api Manager? ➢ Authentication 2 / 3

○ 2 => applications○ 3 => final users

➢ do you implemented a personal system authentication or do you use a standard?

➢ Security into the apis. ¿do you control information?○ scopes○ Resources and methods

Security

http://www.slideshare.net/MarcoAntonioSanzMoli/seguridad-en-las-apis

https://www.modsecurity.org/about.html
Page 11: Api governance (APIdays Mediterránea)

➢ Restful?? level of achievement?➢ HTTP error codes➢ Format of entry parameters➢ Special entry parameters➢ Input/Output format➢ HTTP Verbs➢ Paging➢ URL levels➢ Hypermedia➢ Granularity of services

Standard definition

http://www.slideshare.net/MarcoAntonioSanzMoli/taller-definicin-de-apis

API Governance

https://www.modsecurity.org/about.html
Page 12: Api governance (APIdays Mediterránea)

API Governance

➢ frameworks? ➢ Spring data rest / hateoas (java)➢ restify / express (node.js)➢ SDK: For what languages? Development

philosophy of SDK➢ Should we start some code generator?

Standard development

http://www.slideshare.net/MarcoAntonioSanzMoli/taller-desarrollo-de-apis

https://www.modsecurity.org/about.html
Page 13: Api governance (APIdays Mediterránea)

API Governance

➢ Documentation format○ Doc○ HTML○ RAML / Swagger

➢ Where do we leave the documentation for developers? Present version / previous versions - who manages the update documentation?

Documentation

Page 14: Api governance (APIdays Mediterránea)

API Governance

➢ Statistics of use○ Number of requests per app○ Number of requests per user (if

it’s possible)○ Number of requests per

resource Number of requests per developer

○ Number of requests per http code response

➢ Alerts

Monitoring

Page 15: Api governance (APIdays Mediterránea)

API Governance

➢ Integrations tests.○ ¿Do you develop your integration tests?○ ¿Do you use external tools to implement

tests?➢ ¿Do you go to automatize tests?

○ Jenkins / jmeter / soapui / postman➢ ¿what can i test?

○ Data○ Http code response

Testing

Page 16: Api governance (APIdays Mediterránea)

API Governance

➢ Payment methods○ Api Managers can help me

➢ Billing model○ Requests○ Services○ Data (Scopes?)

➢ Can you afford to pay a developer for using your

Billing

http://www.slideshare.net/MarcoAntonioSanzMoli/las-apis-como-modelo-de-negocio

Page 17: Api governance (APIdays Mediterránea)

API Governance

➢ Pre-production○ Real data?○ Generated data?

➢ Production○ Support

➢ Sandbox?

Environments

http://www.slideshare.net/MarcoAntonioSanzMoli/las-apis-como-modelo-de-negocio

Page 18: Api governance (APIdays Mediterránea)

API Governance

➢ Steps○ Definition

➢ Fake?➢ Develope➢ Testing / validation➢ Implementation➢ Obsolescence

Methodology

http://www.slideshare.net/MarcoAntonioSanzMoli/mada-metodologa-gil-de-desarrollo-de-ap-is-37095756

Page 19: Api governance (APIdays Mediterránea)

API Governance

➢ Create and manage consumer apis ➢ Get api access key➢ Testing api tools➢ Documentation / samples / SDKs➢ Monitoring➢ Payment➢ Statistics

Developer centerThere is an application for developers. Some features

Page 20: Api governance (APIdays Mediterránea)

Any questions?

Page 21: Api governance (APIdays Mediterránea)

Email:

[email protected]

Web:

➢ www.apiaddicts.org

➢ http://Apiaddicts.leadgods.com

Follow us: Linkedin: ➢ https://www.linkedin.com/company/apiaddic

ts

Twitter: @apiaddicts

Facebook:

➢ https://www.facebook.com/pages/APIAddicts

Meetup:

➢ http://www.meetup.com/es-ES/ApiAddicts

Contact

mailto:[email protected]
http://Apiaddicts.leadgods.com/
https://www.linkedin.com/company/apiaddicts
https://www.linkedin.com/company/apiaddicts
https://www.linkedin.com/company/apiaddicts
https://twitter.com/apiaddicts
https://www.facebook.com/pages/APIAddicts
http://www.meetup.com/es-ES/ApiAddicts

Rexión mediterránea

Rexión mediterránea

ITIL. Segmento GRC Enfoque IT Governance Segmento CRM Segmento E-Governance Otros Segmentos.

ITIL. Segmento GRC Enfoque IT Governance Segmento CRM Segmento E-Governance Otros Segmentos.

Taller sm governance smuhu

Taller sm governance smuhu

Gestar Proyectos. Segmento GRC IT Governance Segmento CRM Segmento E-Governance Otros Segmentos.

Gestar Proyectos. Segmento GRC IT Governance Segmento CRM Segmento E-Governance Otros Segmentos.

Curso de Sports Governance

Curso de Sports Governance

Governance Manual

Governance Manual

Gestar Help Desk. Segmento GRC IT Governance Segmento CRM Segmento E-Governance Otros Segmentos.

Gestar Help Desk. Segmento GRC IT Governance Segmento CRM Segmento E-Governance Otros Segmentos.

Cocina mediterránea

Cocina mediterránea

Múltiples - Just Governance Group

Múltiples - Just Governance Group

Governance of Ecosystem Services - aieaa.org

Governance of Ecosystem Services - aieaa.org

Jardinería Mediterránea

Jardinería Mediterránea

Technology Governance Risk and Control

Technology Governance Risk and Control

by Smart Global Governance€¦ · propiedadde Smart Global Governance. Este documentopuedecontenerenfoques, técnicasy otrainformaciónde propiedadde Smart Global Governance. Este

by Smart Global Governance€¦ · propiedadde Smart Global Governance. Este documentopuedecontenerenfoques, técnicasy otrainformaciónde propiedadde Smart Global Governance. Este

DIETA MEDITERRÁNEA

DIETA MEDITERRÁNEA

Governance of Ecosystem Services

Governance of Ecosystem Services

Agricultura mediterránea

Agricultura mediterránea

Globalizzazione, Governance e Istituzioni Internazionali

Globalizzazione, Governance e Istituzioni Internazionali

Share point governance (3)

Share point governance (3)

Governance Consultants S.A.

Governance Consultants S.A.

Corporate governance y administración desleal.pdf

Corporate governance y administración desleal.pdf