Transcript
This transcript was autogenerated. To make changes, submit a PR.
Hello everyone. Thank you so much for joining me today. Myself,
Akshata Sawant and I'm super excited to be with you all at Desiccops.
With that, let's get started. Today in this session were mainly going to learn about
sustainable API management. With that,
our safe harbor statement states that make your purchase and decision based on products which
are available today, not on the forward looking one quick
introduction about myself. So I'm currently working as a developer advocate
at Mulesoft. I've been working on Mulesoft technology for over five years
now and I have been a Mulesoft ambassadorist and also a global
meetup leader. Apart from this, I've written a few technical blogs and
I've been a global speaker. And I've recently published a book named
as Newsop for Salesforce developers which is currently available on Amazon.
You can also connect with me over LinkedIn and Twitter and yeah,
that's it. I also love traveling and photography. So with that,
let's get started. Today were mainly going to discuss about
sustainable API management, the need for it, how we are going
to achieve it, what are the use of capabilities, what is universal API
managing? And we'll also see that along with a quick demo using
different developer personas. So stay tuned. Were all
aware that the use of APIs have increased exponentially. Almost all the organizations
have been adopting APIs and just absolutely resulted into API proliferation
or APIs falling across different ecosystems, different ecosystems
and not only different ecosystem but different platform, different cloud, different environments
and so on like that. So it's actually a good sign that the API,
the use of APIs have increased. But at the same time we need to take
into consideration the issues of the problems that have arising because of
it. The first one would be like limited access and visibility across all
these APIs. As we lack a centralized management ping. We are not
able to manage these APIs. Were not having a full control or
visibility or control basically over all the APIs.
Inconsistency in managing this API is because we are not able
to apply the government policies or security rules across all these APIs as
they are present in silos. And suppose if there is a
change or there is an error which is arising, so it gets difficult to manage
whos APIs or it takes a longer time to debug
or evaluate the APIs as they are present in silos.
So what we are lacking basically here is a centralized management
pain or a sustainable approach towards the management.
Today in this session were mainly going to focus on that, like how do we
achieve the sustainability. So for that we
actually need a new method or a new approach in API management.
And that's where I introduce you to the Universal API management platform.
With universal API management platform, you can actually manage any API
which is deployed or which is built on any system or which is
like, suppose I can give you an easy example. You have mule API which is
deployed on AWS, and you
can also have Microsoft API which is deployed on
some other Azure cloud, basically. So with all these two APIs,
though, they're deployed in different environments or no matter which technology
they're built using, you can still manage them using Universal API
management platform on the endpoint platform. How cool is that?
Right? So today in the session we'll actually see along with the demo as well,
how do we manage it and how do we achieve sustainability. So with
that, let's get ahead. So using universal
API management, you can actually achieve sustainability across the entire
API lifecycle. And it's not just
a product which you're going to get or it's not just something like
you're going to be applying for one particular developer or a particular road
that's going to managing the API. So it's going to be spreading
across the entire API lifecycle and it will be giving you a different approach
towards API management right from the development case till it's deployed,
till it's tested, and also for the management, applying security and everything
of that. In this we have previously seen
universal API management on any point platform. So before
going to the universal API management and what are the different products
we have or the capabilities we have to offer and how do we achieve
sustainability? Before going that, we'll just see what is anypoint platform.
So basically, anypoint platform is the world's number one integration tool.
It's an iPass tool which gives you everything which you
need or basically everything you need for the integration ecosystems.
But you can say that there's a lot more to it than that. You can
actually manage the entire API lifecycle. You have pre built assets,
templates, accelerator which helps you to actually accelerate a speed of development,
giving you a higher return on investments.
And yeah, there are different capabilities, there are different connectors which are available.
It actually gives you a full fledged package and everything to manage under
one roof, one ecosystems. You can also manage APIs,
you can have security, you can do monitoring, you can do everything that is
needed for an API to be a full fledged and in professional way.
So with that, were going to learn what
do we have for universal API management and what do we mean by universal
API management with these three developer personas.
So basically we have Maxi here who's can API developer.
We have Dan who's an API owner, and then we have Sarah who's an API
product manager. So all of these three, they have a different goal to achieve.
And we'll see how do we achieve these goals. Keeping sustainability
on mind. And then yeah,
moving ahead, we have the first one who's Maxi. She wants to build her
new APIs from the scratch and her organization is insisting on using
the design first approach and she wants to catalog her API.
She wants to implement and test these APIs as
well. And then she wants to deploy and monitor her API, her performances.
So let us see, how do we help Maxi to achieve all of this using
anypoint platform, universal API management, and also keeping
sustainability on her mind. Firstly, she can design her API using the Anypoint design
center using which she can design not only the rest APIs, but also the
async APIs and she can design it using the Raml or OAS,
whichever format she's comfortable with. She can
also import any of the API which she has like the pre existing ones and
then start designing. Apart from this, if she's completely new to API
designing and she is not, were about how to go to any
point design center can help her with a guided process which will be
automatically designing APIs for her just based on our instructions.
We'll see that in the demo as well. She can also use
some pre built assets as a help if she wants some help designing the API
or if she wants to fasten her development, she can use some pre existing assets
as well. And if she wants to use any of her favorite,
you can say a VI editor like visual studios,
basically an editor. So she can connect the editor as well with the
Anypoint studio and get her development done. Development of API done.
Now once the development is done, she can also test this API
as the endpoints in the mocking services which we have on anypoint platform.
So that will kind of give her can assurance or a confidence.
But you can say with the help of when it comes to API services,
like how the API is going to be, how the response is going to look
like and so on. After, once the API is done,
I mean once she's done designing her API specifications, she can import this API
into any point studio which is like the Mulesoft's native studio
built on top of Eclipse platform. And she can
actually start with the implementation, implementing the APIs in
form of mule application wherein she can find different connectors
which she, I mean, it's a no code platform, she doesn't have to write the
code from the scratch. She'll be having the pre built connectors and everything to
help her accelerate the process. So let's
head over to anypoint platform and see how we can help Maxi to achieve her
goal. Currently we are in anypoint platform, the Mulesoft unified
solution for entire API management. So using this,
Maxi can actually achieve her goals. She can design an entire API from the scratch,
she can publish it, she can manage the APIs across different environments, and she
can deploy her API on cloud. So let's get started with the
first one which is designing her API. So using the design center,
she can actually design her rest API or an asynchronous API.
You can give some project name as she can design
Raml or an OS. She can also have a guided approach
which will help her throughout the process while creating an API.
And then she can give her API name,
she can select the protocols and the media type. And if you
see towards the right hand side, the code has been developed. It's in Ramble,
you can have it in OS or you can edit it in the
ramble, you can download it, you can have it edited in your favorite code editor
as well. And then she can have a base UrI if she
wants. She can basically have everything just without
writing any of the code, and it will be
auto populated. So it could be like get orders.
And if you can see the protocols methods,
updating the get orders, post orders.
And then once she's done developing her API, she can publish it
to exchange. So exchange is basically the repository where
we have the collection of assets and stuff,
publishing to exchange. You can also have a version control where you can
maintain the assets and the API version and the lifecycle
development stage. So while it's publishing to exchange,
let's have a look at the pre existing APIs and see how we can
apply or how we can start maintaining or achieving sustainability
right from the scratch when we are in the governing stage.
So while we are in the design center, I already have a pre existing API
on which I have applied the security schema and stuff, and I'm making sure
that the API governance policies, the best practices has
been applied. So I have already applied the rule set over here,
a security rule set which states that for any point, security,
best practice and also see in file. So it will ensure that all
this thing, the validations and stuff are being taken care. The rule set,
basically it will ensure that the validation practices, the security and the best practices
are taken care. So if my APR, if I have a new developer
who's trying to violate this validation sort of security best practices,
if they're going to miss out something, my API will be giving me out an
error. So in this case I'm actually ensuring that my security best
practices, the validations and everything is applied. It's in the development stage
and I'm not waiting for it till the end or I'm actually saving
lot more iterations as well. So here
you can see some endpoints, so I can actually try out the endpoints
and see how it will look like what kind of response am I going to
get using the endpoint, using the mocking services.
So here you can see I got a validation error,
a bad request because I had not entered the basic authentication.
So let me give some username password and
then send the API which will give me a proper response as I'm,
it's not actually validating the credentials, but it's making sure that
it's kind of mocking it or it's simulating the response and request.
So yeah, that's the beauty of it. You're actually designing an API simulating
it. You're mocking the API, the response and stuff at
the designing case itself. Moving ahead, let's go ahead to
exchange were we can see how we have the templates and how maxi can
actually leverage the templates to speed up a development process.
So in exchange we have large number of templates which are provided by mulesoft.
It could be templates, example policies, different types of APIs and
stuff. You can also use them as a case to speed up youll development
if you don't want to build something from scratch. So let's go to one of
the APIs, a rest APIs and see how everything is documented or
cataloged at one single place. So I have all information
about a particular endpoint just in documenting it. So this basically
gives me all the information I need to know about an API. I may be
a technical or a non technical person, but still I'm able to easily
understand my API. It acts as my API repository
or an API documentation and I have everything at one single place.
You can also download it and share with external users, or you can give them
access and they can also view it on exchange. So basically you're collaborating with
different developers, different team members and bringing them all to view your APIs,
to view your access assets at one place. So this is anypoint
studio and you can actually design your new application using what you have
built the API which you have built, you can import it, you can get your
API scaffolded and design the application. You do not have to write
the entire code from the scratch if you want to connect to different connectors,
different end systems, basically. So you can just drag and drop any of the connector,
whichever process you want to work with and you can configure the connector
using the configuration details and you're good to go.
So this is anypoint platform Mulesoft native studio
which is built on top of eclipse and you can see how easily you
can design or build youll mail application. All you need to do is
you can import your AML and you can scaffold it. If you want to connect
to different end system, you have different connectors which are available. There are
a few here, but you can import a few more from exchange, like whichever end
system you want to connect into. So suppose I want to connect to Salesforce and
I want to need some batch info. I can just drag
and drop the connector and I can configure it using my salesforce credentials
and then I can test some connections and I'm good to go.
I do not write the code for this from the scratch, the code will
be written for me. So it's basically a no code tool. Youll can perform some
complex logical transformation using database as well.
And yeah, you can do a lot more with it without writing
the entire code. You just have to focus on the integration part.
So we have seen how Maxi was able to build her new APIs from the
scratch. She was able to test her endpoints as well using the mocking services,
and then she can build her new application using the endpoint
studio and also publish her assets to exchange, or use the pre existing assets
from exchange to speed up to development time. So we have Dan who's an API
owner, and his main responsibility is to manage all these APIs, to apply
security policies, best practices, to deploy proxies,
to have monitor his application, monitor the performance, approve SLA
contracts as leaders, and to ensure that all
the governance policies, security policies are well in place.
So let's see how we can help can to achieve all of this using
the mules of anypoint platform using the universal API management.
So firstly, can can manage all the APIs using the anypoint Flex
gateway, which is like the fastest gateway. It's fastest
because it's lightweight and it helps you to manage any application, whether it's
non mule mule application non mule deployed anywhere across any
server. So it's actually the combination of the latest technology
combined with the speed. Apart from this, you can actually manage
all the applications API services on the API manager.
You can apply different policies, different security policies, different schemas,
different governance rules. You can monitor the performance of
API using a custom dashboard, or you can use pre
existing dashboards. You can monitor the performance throughput using the
interactive graphs. Apart from this, you can also have
the API governance which makes sure that you're applying the proper rule sets and
standards best practices to your APIs.
So let's head over again to anypoint platform and see how we can help can
to achieve sustainability and how we can achieve scope.
So currently we are in API governance where we'll see how we apply standards
and best practices to our APIs. We can create some new API profile
and we'll make sure we're applying some security best practices or
standards. I can give it any name like security best
practices and then some description of what
it's doing, and then I can apply some rule sets like any
point best practices or whichever rule sets you want to apply basically to your API.
So I'm selecting these two of them, the endpoint best practices and
the security best practices. I can select some tag if I have
applied, I have applied some securing tags to my APIs as well. I can select
which API I want to apply the rule sets and it's giving me
just one API after applying the filter.
And if there is some error, if the API becomes non
confirmed, it's going to send an email to basically the API publisher or
API contact if there's any available going ahead.
Yeah, I have created this profile, so it will ensure.
So if you see the profile it's currently giving me,
let's see what are the results that we are getting. So basically it's a non
conformant. It has passed some of the, it is still evaluating on
the best practices, but it has passed the authentication best practices.
So if can API is conforming to your standard, it will be giving you
green mark, which is like conformance.
If it is not, like, if it is at risk, if it's not conforming
to the best practices of the security standards, it will be giving you a red
non conformant and an alert will be also sent to you.
Yeah, so there is a few of the security rules that are not passed by
my API, which we had seen previously. So that's how it is giving me a
lot. So out of the two, one of them is like it's good,
the other one is not. So if you previously, if you have
used sonar cube, so you must be aware like how you used to apply coding
best practices and standards and then used to get the bugs or severity
issues as well. Severe, not severe, good. Similarly,
you're applying this thing to API at the development stage, which is actually good because
you're preventing further iterations. Let's go ahead to API manager
and see how we can manage our API. API manager
is actually the one place stop where you can actually manage all
your APIs. So I already have an API instance which I've created over
here for my API and I can
apply some policies. Security policies, not necessarily security policies.
I can have different kinds of policies like quality
of service, compliance, transformation, troubleshooting.
So inside I have already applied a basic authentication policy.
I can have IP allow list, block list,
JSON threat protection, JWT policy, call us
and I can apply it to my API. You can see like already the stuff
has been configured. You can see that already everything has been configured.
You can select the algorithm you want to or JWT
key, you can select all the claims and all and you can just apply.
It's that simple to apply a policy to your API and it
not necessarily be a security policy. You can apply some transformation
or troubleshooting or message logging. You can apply some loggers to your
APIs and you don't have to actually make any changes while it's
in the development stage. You can add like whatever
logs you want to be displayed, you can add them as well.
So you can actually debug or troubleshoot your API
while it's still deployed.
You can have some alerts set for your API which will be sending you out
email if there is anything which is going wrong behind the scenes,
if the response time is like if it doesn't timed out, or if the policy
has been violated. So you can create some alerts, you can
group your APIs into different contracts, youll can have different SLA
tiers like I have set one for incoming traffic which will be
like you can create your own slatrs as well. And apart
from this, let's go ahead and see more about the flex gateway which
we discussed. Let's go to runtime manager. So runtime
manager is actually the place where you're going to have all your APIs
or deployed. Okay, I have deployed a few
APIs, deployment fail, deployment. I have deployed basically on cloud app.
So that's how it is. You can actually manage the state of your
API over here, like where it is deployed, how is the state,
the logs and everything associated to an application basically.
So this is a new application which I have deployed on cloud API,
going ahead to a flex gateway which I had mentioned previously, it is the
fastest gateway. So I can actually create a gateway wherein
I can select my os or environment where I want to host the
gateway. And then there are the steps to
deploy to install the gateway. The Flex gateways are also mentioned
and then you can manage your API instance from using the Flex
gateway. And it's fast, as I mentioned before, because it's
lightweight and it's super easy to configure as well.
Going ahead. So we have seen how we can help Dan to achieve his goal
to apply security best practices standards across his APIs, to monitor his
APIs, to apply some governance rule sets, and see if
the API is conformant or not using the API governance. We have
also seen Flexgateware using which we can manage our APIs and application
on different platforms. So moving ahead, we have
Sarah who is an API product manager. Her main responsibility is
to group the APIs to make them adoptable, available across different
communities, both internal and external. So how rare
it is that you have an API which you have to reuse, built for some
different developers and you're doing it without any hiccups?
That's quite rare, right? So we need to ensure that
we are making the APIs more reusable and more easy to reuse
basically. So let's see how we can help Sara to do this.
So Sarah can use API manager to make sure that
we are grouping the APIs rightly, so that if any other new developer
wants to use the API, he or she can basically use the API manager.
You can also document the API, as we have seen previously in our first
demo, using the anypoint exchange. Or you can make them available to
the other developers community or your own internal community
using the anypoint experience hub in the community manager.
So let's head over to anypoint platform and see how we can engage our
developers and different communities in order to adopt our API and increase the
visibility of APIs. So currently we are in exchange and you can see there
are several assets which are already available to provide by Mulesoft,
different policies, temples and all. You can also go to your organization
data and you can have youll organization API which you have already published
as a repository. You can create your own repository as well. You can share it
with the collaborators, both internal external. So I already have an
API which I had deployed, which I have published to exchange,
and I have also provided some documentation endpoints for this API.
So this is how we are going to help Sarah to achieve sustainability
and achieve her goals basically, which are like creating an
API reusable and making sure that it's been adopted.
So we have provided all the documentation resources for API at
one place. We can also see, we can share this API with the collaborators,
we can make it public as well while maintaining
the versions. You can add the teams with whom you want to share the API
with and you're actually making sure
that both technical and non technical persons are able to use these APIs and
they will be knowing basically what the API consists of.
And you are already exposing your pre existing assets which makes them
more reusable. So you can create more customized experiences
in the endpoint experience hub, API experience Hub and the API community manager.
So that will give you a more customized dashboard, a more fancy way
basically of doing collaborating your
API or making them available to the community. So you have seen how we have
helped Sarah to achieve her goal, that is engaging a community, making her API more
adaptable. So we have done this using the anypoint exchange, but you
can do it similarly or with a more personalized customized experience using
the API experience hub or the API community manager.
So I've seen how universal API managing and endpoint platform helps
us to achieve sustainability. We can have our APIs deployed across
using any technology, at any platform, on any cloud, and we can
still manage them under one roof. This has actually accelerated
a speed of development and ensuring that we have higher return on investments.
Apart from that, we also get modern architectures. We can actually deploy or
use any technologies we want and we can still manage them under a single
platform, on a single roof. And as
we are managing all of these things under one roof, we are making sure that
we're gaining consistency, security and reliability.
And we are also able to exchange our APIs. We are able to
collaborate them with the external users or with the community and
thus making sure that the APIs are adoptable. And we are making sure
that were creating a vibrant ecosystems with the help of that.
So with that we have learned how we are able to sustainable, basically,
what was the need for sustainability and how are we able to achieve sustainable
API management using the universal API management.
And on the endpoint platform we have seen the different offerings
for the universal API management and also how to achieve sustainability.
We have seen to the different developer personas and throughout the EPA
lifecycle how we can achieve sustainability under one roof.
So moving ahead, like what are the next steps? You can join Mulesoft
community and you can participate in different initiatives. You can
learn more from Mulesoft community. You can watch us live on Twitch every
Thursdays and you can also join endpoint platform for free,
the 30 days free trial account. You can try out all of
these resources and the components capabilities which
I've shown you today as well, for free for 30 days.
And yeah, if you guys have any question, you can reach out to me directly
or you can can this QR code. I would be happy to connect with you
all over LinkedIn and Twitter as well. And with that,
thank you so much for joining us today.