Download as pdf or txt
Download as pdf or txt
You are on page 1of 56

Introduction to IBM API Management

and What’s New

Laura (Olson) Heritage,
Product Manager – API Management
Twitter: @ibmapimgt and @heritagelaura

Session :1416 © 2013 IBM Corporation

Please Note
IBM’s statements regarding its plans, directions, and intent are subject to change
or withdrawal without notice at IBM’s sole discretion.
Information regarding potential future products is intended to outline our general
product direction and it should not be relied on in making a purchasing decision.
The information mentioned regarding potential future products is not a
commitment, promise, or legal obligation to deliver any material, code or
functionality. Information about potential future products may not be incorporated
into any contract. The development, release, and timing of any future features or
functionality described for our products remains at our sole discretion.
Performance is based on measurements and projections using standard IBM
benchmarks in a controlled environment. The actual throughput or performance
that any user will experience will vary depending upon many factors, including
considerations such as the amount of multiprogramming in the user’s job stream,
the I/O configuration, the storage configuration, and the workload processed.
Therefore, no assurance can be given that an individual user will achieve results
similar to those stated here.

2 © 2013 IBM Corporation

• Why API Management Is Import
• Setting the Stage for API Management
• IBM API Management Solution Overview
• Demonstration

3 © 2013 IBM Corporation

• Why API Management Is Import
• Setting the Stage for API Management
• IBM API Management Solution Overview
• Demonstration

4 © 2013 IBM Corporation

Businesses are evolving

Not having an API today is like not

having a website in the 1990s…
stores (800) ###s web sites

Internet Connected
TVs Cars Consumers expect to access data
any time across multiple devices

Companies can re-invent

Partners Tablet
interactions with customers,
suppliers & partners

Explosion of potential clients

increases opportunity, risk and
Appliances Consoles innovation

Millions Trillions
~1999 - 2000 2013 →

5 © 2013 IBM Corporation

The Business of APIs

“$7bn worth of items on eBay through APIs”

Mark Carges (Ebay CTO)

The API which has easily 10 times more traffic then the
website, has been really very important to us.”
Biz Stone (Co-founder, Twitter)

Grow revenues…

… While reducing overhead

“The adoption of Amazon’s Web services is
currently driving more network activity then
everything Amazon does through their
traditional web sites.”
Jeff Bar (Amazon evangelist) / Dion Hinchcliffe

6 © 2013 IBM Corporation

Apps, APIs and API Mgmt…

New business opportunities
• New markets
• Increase customers
• Enhance branding Consumers
• Competitive advantage

Extend development team

•Increase innovation Business strategy
•Increase scale
Partner/supplier • Security
alignment • Creation
• Scalability

Operational control
• Publish
• Analyze
• Monitor
7 © 2013 IBM Corporation
APIs are Emerging Across All Industries

Energy and Government Healthcare Transportation Retail


Banking Insurance Telco Electronics


8 © 2013 IBM Corporation

• Why API Management Is Import
• Setting the Stage for API Management
• IBM API Management Solution Overview
• Demonstration

9 © 2013 IBM Corporation

Companies Need to Become an Engaging Enterprise

• Business Users want to

engage Customers in new
• They need to Externalize the

• They need to get Apps in front

of these Customers
Business User

Customer • Apps need APIs that

Externalize the Enterprise

• App Developers use APIs

• App Developers are now

External to the Enterprise

The Platform App Developer • IT Guys need to secure, scale

and support the externalized

Enterprises wants to tap into • Business Users and IT Guys

innovation from a large needs Insights so they can
community of developers, not respond to business needs
just developers they employ
10 © 2013 IBM Corporation

SOA Principles are at the Core of the Engaging

Mobile, Cloud,
Big Data

Web, e-business
and SOA


Mainframe, IMS WebSphere, New Era Platforms

and CICS Information Management
1960- 1990- 2010-

11 © 2013 IBM Corporation

Performance and scalability are table stakes

• High Scalability – will your API handle un-expected load?

• Secure – is it secure for common attacks?

12 © 2013 IBM Corporation

Lessons learned

• Business driven, IT owned

Design from the outside-in, not inside-out
More than a security gateway
New question everyday: strong analytics is a must

• Design for rapid change

Rapid development, independently from core systems
Minimize coding
Manage the asset, not the code

• Move quickly, think strategically

Easy to create, hard to retire
Where are your developers?
Create your own practice

13 © 2013 IBM Corporation

Success Requires Addressing Needs of Multiple Stakeholders

Business User
• How can I rapidly release &
update my APIs?
• How do I publicize my API?
• How do I measure success?

App Developer IT Operations

• Where do I access APIs? • How do I assemble APIs?
• How do I understand the APIs? • How do I manage security?
• How do I measure success? • How will my infrastructure scale?
• How do I measure performance?

14 © 2013 IBM Corporation

A Little More Info on the Types Of API Exposures

Public, Open-To- Protected, Open- Private, Open-To-

All APIs To-Partner APIs Employee APIs

• APIs are open to any developer • APIs are open to select • APIs are exposed only to
who wants to sign up business partners existing developers within the
• Apps are more targeted • Apps could be targeted at end
towards end consumers consumers or business users • Apps are usually targeted at
employees of the enterprise
• The business driver is to • The business driver is usually
engage customers through different, based on the data and • The business driver is more
external developers type of business of the around productivity of
enterprise employees

15 © 2013 IBM Corporation

User Roles Defined AGAIN

Steve is the API Product Manager

Jane is the technical user who creates and manages the APIs from and
IT Operations perspective

Will has the operations roles and is responsible for administration the
systems environments

Joe is the app developer who maybe outside the enterprise or inside the
enterprise. He is the consumer of the APIs

16 © 2013 IBM Corporation

• Why API Management Is Import
• Setting the Stage for API Management
• IBM API Management Solution Overview
• Demonstration

17 © 2013 IBM Corporation

Extend Your Services Beyond Your Enterprise
IBM API Management v2.0
• A single, comprehensive solution to create,
socialize, and manage APIs Connectivity & Integration

 Grow your business by entering the fastest

growing channel of APIs quickly.
 Increase speed of innovation by sourcing all
types of developers internally and externally.
 Connect to business partners in a matter of
days not months.

 What’s new:
– New On-Premise API Management
– Ability to edit an API implementation while its
running and then reactivate to push changes
– First class support for creating new REST APIs
from SOAP based services Reach new markets
– Support Standard Security Mechanisms for API
Management such as Oauth and Basic Auth Engage with partners,
– Enhanced operational metrics customers, and employees
– Can leverage existing DataPower XI52s or XG45s
Innovate faster
18 © 2013 IBM Corporation
Now Available In the Cloud and On-premise

In the cloud 2 On-premise

Power by IBM DataPower gateway appliances, the industry

leading security & integration gateway appliance

19 © 2013 IBM Corporation


Introducing IBM API Management: “A Complete API

Management Solution”

4 Create, assemble
and define an API
Manage growth &
analyze results

Share with

Secure & scale

the API

20 © 2013 IBM Corporation

User Roles Defined AGAIN

Steve is the API Product Manager

Jane is the technical user who creates and manages the APIs from and
IT Operations perspective

Will has the operations roles and is responsible for administration the
systems environments

Joe is the app developer who maybe outside the enterprise or inside the
enterprise. He is the consumer of the APIs

21 © 2013 IBM Corporation

Create & Secure… Simple interface accelerates
iterative development and deployment of APIs

• Intuitively and iteratively define APIs

and associated policies
• Rapidly assemble APIs via configuration-
not coding
• Minimize risk with industry leading
security & scalability

22 © 2013 IBM Corporation

Iteratively Create and Expose APIs through Single
Simple User Interface Reduces the time and skill needed to
create and manage APIs :
• Assemble the API through configuration

• Establish entitlement in order to meter API

Version Define usage

• Define and Apply Security to the API through an

Scale Assemble intuitive configuration UI

• Test and Debug an API through embedded tools

API Developer
Meter • Monitor the API through operational analytics in
order to spot issues before they occur

Test & Debug Secure • Scale the API through configurable caching

• Copy an APIs configuration to create new

versions or a similar API

• Snapshot versions of the APIs configuration for

embedded and controlled change management
23 © 2013 IBM Corporation
23 IBM Confidential – Shared under NDA
Easily Define APIs

• Define the API you wish to expose

• Then configure the API by
proxying an existing REST API or
assemble a new API
• Provide examples of the request
and response messages, headers
and parameters

24 © 2013 IBM Corporation

Assemble New APIs Through Configuration

• Connect to one or more

‒ DB2
‒ SQL Server
‒ Oracle

• Drag and connect linking

the request and response
• Transform the message
elements with a click

25 © 2013 IBM Corporation

Meter through API Entitlements

Specify Entitlement:
• Limit based on number of
• Per period of time
• Specify requirements for App
Key, and Secrets
• Specify an request approval is
needed to use this entitlement

Management of Entitlements:
• Create an Entitlement once and reuse across several APIs
• Apply entitlement at API and method (get, put, post,delete) levels
• Easily change existing entitlements and activate the changes
• View which APIs the Entitlements are applied to.

26 © 2013 IBM Corporation

Secure with Industry Leading Technology

Basic Auth Support

• Authentication URL

27 © 2013 IBM Corporation

Secure with Industry Leading Technology

• Configure your
LDAP Server inline
or globally and
reuse configuration
• See which APIs are
leveraging the LDAP

28 © 2013 IBM Corporation

Secure with Industry Leading Technology

Simplified OAuth 2.0

through a Configuration
• Configure an Oauth
Profile that can be
applied to the APIs
• View APIs which
leverage the OAuth

29 © 2013 IBM Corporation

Test APIs Without Leaving the Management Center

• Get instant feedback on the API

30 © 2013 IBM Corporation


Debug an Assembly and Supply Custom Error


 Inspect request, assembly

and response messages
 Define custom error

31 © 2013 IBM Corporation

Monitor Your APIs to Ensure You Meet the
QofS You Defined in Your Entitlements

• Pinpoint fluctuations
• Details of the Response
time of each API
• Number of Call Received
• Export the Analytics

32 © 2013 IBM Corporation

Scale at the Click of a Button

• Improve your APIs response time with

configurable response caching

API Requests

33 © 2013 IBM Corporation

Version and Snapshot for Simplified Management

• Edit an API
configuration while the
API is actively running
• Push minor changes out
to consumer with out
large disruptions
• Version the API
• Revert prior version
• Create a duplicate of the
API for a major version
change or to create a
similar API

34 © 2013 IBM Corporation

Multi-Tenant Solution with Ability Promote APIs To
Various Environments

• Promote API
Tenant 1 Tenant 2 definitions to various
environments or
tenants through

Tenant 1

• Ability to substitute
new values for
Tenant 1 properties on import

35 © 2013 IBM Corporation

User Roles Defined AGAIN

Steve is the API Product Manager

Jane is the technical user who creates and manages the APIs from and
IT Operations perspective

Will has the operations roles and is responsible for administration the
systems environments

Joe is the app developer who maybe outside the enterprise or inside the
enterprise. He is the consumer of the APIs

36 © 2013 IBM Corporation

Socialize... Expose your APIs through a Branded
Developer Portal

• Branded to your company look and feel through configuration

• Quick exploration of API
• Easy developer sign ups
• Features apps built by the developers
• Hooks into social communities
• Enables developers to manage their applications

3737 © 2013 IBM Corporation


APIs need Socialization to Drive Adoption Beyond

Individual Portals
Socialization Through The
Millions of Developers In
to and collaboration with millions
of users to drive adoption of APIs
Breadth & depth of dW audience


developerWorks by the numbers

7 local language
4 million 1 million 40,000 sites account for 34
unique visitors registered users
resources in dW 33% traffic industry
a month technical library awards

38 © 2013 IBM Corporation
User Roles Defined AGAIN

Steve is the API Product Manager

Jane is the technical user who creates and manages the APIs from and
IT Operations perspective

Will has the operations roles and is responsible for administration the
systems environments

Joe is the app developer who maybe outside the enterprise or inside the
enterprise. He is the consumer of the APIs

39 © 2013 IBM Corporation


Manage API’s with Business Controls

Manage External Experience

• Self documenting APIs
• Ability to add samples and
• Control Visibility Of APIs

Manage API Entitlement Manage Developers

• Define entitlement criteria • Approve entitlement
• Assign Entitlements to APIs requests
and Resources • Send email
• Block a developer
• View usage

40 © 2013 IBM Corporation

Manage the APIs with Business Insight through
Pinpoint key market fluctuations and find
correlations related to your business
• Business Analytics for both API provider and
application developer:
• Top traffic producing API ,
• Top APP producing traffic
• GeoLocation of the traffic
• Structured Filtered Search across analytics for
• country:USA, color:red
• Saved Searches and Filters for easy and
consistent retrieval
• Billing for API consumption by developers
• Export as CVS files for audit trails

4141 © 2013 IBM Corporation

User Roles Defined AGAIN

Steve is the API Product Manager

Jane is the technical user who creates and manages the APIs from and
IT Operations perspective

Will has the operations roles and is responsible for administration the
systems environments

Joe is the app developer who maybe outside the enterprise or inside the
enterprise. He is the consumer of the APIs

42 © 2013 IBM Corporation

An Environment Console for Easy Management

• Easily configure and scale

your API Management
environment with the new
Environment Console
• Create and manage the
environment’s tenants

43 © 2013 IBM Corporation

Key capabilities in IBM API Management solution
Industry best security and integration in one solution
• Based on IBM market leading DataPower gateway
• Available as a service, providing risk free, full featured, no hassle 90 day trial
• Sign in and begin deploying APIs in less than 5 minute

Configuration, no coding
• Create and deploy a new API in just minutes
• Create a developer portal in minutes, and socialize your APIs to over 1 million developers
• ROI in a matter of days instead of months and years

Out of the box business analytics and operation insight

• Ability to pinpoint key market fluctuations and find correlations related to your business
• Drill down debug inspections of request and response messages reduce the time to
problem determine of orchestrated APIs in production and development time .

Support for continuous iterative development

• Provide updates to the APIs with minimal to no interruption to your
• Test out minor fixes and push to production in matter of minutes
• Revert to a previous snap shot to restore last know good API
configuration at the touch of a button
44 © 2013 IBM Corporation

IBM API Management Provides Agility to Your

Enterprise Opening New Channels
IBM API Management
• Analytic Business • Lower Development
Insight Across All Cost through simple
Channels assemble
• Consistency of • Saves time with reuse
experience for of API
customer and • Control API Usage

Leverages API to build Leverages API across all
company and customer websites and
Mobile Application application

Leverages API to
Build New Business
and Partnerships

Company Web Sites

and Applications


45 © 2013 IBM Corporation
Leveraging your existing IBM DataPower and Cast Iron Investments

IBM API Management

Secure, Control, & Create, Manage, Create

Optimized Socialize (Assemble)

1 Solution, 1 Pane of Glass © 2013 IBM Corporation
Leveraging your existing IBM DataPower and Cast Iron Investments

IBM API Management

Secure, Control, Create, Manage, Create

Optimize Socialize (Assemble)

XG45(With DIM) or IBM API Management Cast Iron Standard Edition
XI50/B,XI52 and the AO • 2 Hypervisor Installs • OPTIONAL component
•Physical or HVE
REQUIRED components
•Purchase new or re-use
• Physical or VE
existing appliances
•Purchase new or re-use
existing appliances
47 © 2013 IBM Corporation
Expanding your Enterprise to new heights
IBM Offering - API Centric Architecture Assessment Roadmap

The API Centric Assessment and Connectivity & Integration

Roadmap offering is a
prescriptive analysis for both
Business and IT, which guides The API Economy
Value-added Solutions
and helps determine the
Social Commerce Mobile
deployment and management of



an API Centric Architecture to Bank

determine the API roadmap for Enterprise

enterprises, in support of their Loyalty

business objectives. Telco


What’s New?

Capabilities API API

Services Pattern
– A methodical process of evaluating the existing
API Centric Architecture of an organization Retail Payment

– An assessment approach to determine the Enterprise

Capabilities API
alignment of existing API strategy with the
business strategy, objectives, and needs along
API Service
Throttling Monitoring
with the technical architecture & capabilities Management
API-Catalog Governance
– Deliverables
1. An API Architecture Baseline Assessment
2. An API Management and Governance Model
Driving market demands and
3. API Capabilities (Current & Future) challenges in deploying a
4. API Transition Plan
5. Executive Briefing Package
strategy and roadmap for API
Economy © 2013 IBM Corporation
IBM Confidential until April 24, 2012
Extend Your Services Beyond Your Enterprise
IBM Software Services for API Management
Connectivity & Integration
 Get API management operational and make APIs
available rapidly
 Learn and apply best practice for API design and
 Ensure your APIs are well secured, managed, and
 Educate your team on APIs and API management
New Software Services:
Our practitioners will work collaboratively with you to
– Install, configure, test, and validate IBM API
Management environments and ensure production
– Design, expose, manage, secure, and analyze your
Get API Management
– Assemble new APIs from existing resources operational rapidly while ensuring
– Construct your developer portal and socialize your APIs best practices are applied
– Transfer API management expertise to your team

49 IBM Confidential until April 24, 2013 © 2013 IBM Corporation


Expanding to APIs – IBM Services

has the Expertise to Ensure Your Success
• What should my API Strategy be? API Centric
• How are APIs being used in my industry?
• What is needed to expose and manage APIs? Architecture
• What security do I need? Assessment
• Who are my target developers? Roadmap
• How do I delivery and measure business value?

• How do I get IBM API Management setup quickly?

• Help me design my APIs? IBM Software
• How do I expose my backends as APIs? Services for
• Help me secure and scale my APIs? API
• How do I deliver reports to my management? Management
• How do I integrate with existing infrastructure?

50 © 2013 IBM Corporation


Get Started In the Cloud Today

90 Day Free No Hassle Trial

51 © 2013 IBM Corporation

• Why API Management Is Import
• Setting the Stage for API Management
• IBM API Management Solution Overview
• Demonstration

52 © 2013 IBM Corporation

IBM API Management Demonstration

Business IT Developer

Manage & Analyze Analyze

Create & Secure Socialize Sign-Up Access, Test

53 © 2013 IBM Corporation

Key API Management Sessions at IMPACT
• 1416 Introduction to IBM API Mgmt & What's New
‒ Mon 1:00 ; Lando 4301B
‒ Thu 1:00 ; Marcello 4401A
• 2678 Introduction to Web APIs
‒ Mon 2:30 ; Lando 4305
‒ Tue 5:15 ; Lando 4305
• 2763 Extending Enterprise Integration with IBM API Mgmt
‒ Mon 4:00 ; Lando 4305
• 2372 Recommended Practices for Designing a Web API
‒ Tue 4:00 ; Lando 4305
• 1411 Defining Your Business Strategy for APIs
‒ Tue 2:30 ; Lando 4305
• 1576 SOA & APIs
‒ Tue 10:15 ; Palazzo P
• 2731 API Management Security
‒ Tue 10:15 ; Lando 4305
• 1500 Hands-On Lab: Building a Web API Management Solution with Cast
Iron Web API
Tue 8:30 -11:15 ; Murano 3303

54 © 2013 IBM Corporation

© 2013 IBM Corporation
Legal Disclaimer

• © IBM Corporation 2013. All Rights Reserved.

• The information contained in this publication is provided for informational purposes only. While efforts were made to verify the completeness and accuracy of the information contained
in this publication, it is provided AS IS without warranty of any kind, express or implied. In addition, this information is based on IBM’s current product plans and strategy, which are
subject to change by IBM without notice. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, this publication or any other materials. Nothing
contained in this publication is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and
conditions of the applicable license agreement governing the use of IBM software.
• References in this presentation to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or
capabilities referenced in this presentation may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to
future product or feature availability in any way. Nothing contained in these materials is intended to, nor shall have the effect of, stating or implying that any activities undertaken by
you will result in any specific sales, revenue growth or other results.
• If the text contains performance statistics or references to benchmarks, insert the following language; otherwise delete:
Performance is based on measurements and projections using standard IBM benchmarks in a controlled environment. The actual throughput or performance that any user will
experience will vary depending upon many factors, including considerations such as the amount of multiprogramming in the user's job stream, the I/O configuration, the storage
configuration, and the workload processed. Therefore, no assurance can be given that an individual user will achieve results similar to those stated here.
• If the text includes any customer examples, please confirm we have prior written approval from such customer and insert the following language; otherwise delete:
All customer examples described are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual environmental costs
and performance characteristics may vary by customer.
• Please review text for proper trademark attribution of IBM products. At first use, each product name must be the full name and include appropriate trademark symbols (e.g., IBM
Lotus® Sametime® Unyte™). Subsequent references can drop “IBM” but should include the proper branding (e.g., Lotus Sametime Gateway, or WebSphere Application Server).
Please refer to for guidance on which trademarks require the ® or ™ symbol. Do not use abbreviations for IBM product names in your
presentation. All product names must be used as adjectives rather than nouns. Please list all of the trademarks that you use in your presentation as follows; delete any not included in
your presentation. IBM, the IBM logo, Lotus, Lotus Notes, Notes, Domino, Quickr, Sametime, WebSphere, UC2, PartnerWorld and Lotusphere are trademarks of International
Business Machines Corporation in the United States, other countries, or both. Unyte is a trademark of WebDialogs, Inc., in the United States, other countries, or both.
• If you reference Adobe® in the text, please mark the first use and include the following; otherwise delete:
Adobe, the Adobe logo, PostScript, and the PostScript logo are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States, and/or other countries.
• If you reference Java™ in the text, please mark the first use and include the following; otherwise delete:
Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both.
• If you reference Microsoft® and/or Windows® in the text, please mark the first use and include the following, as applicable; otherwise delete:
Microsoft and Windows are trademarks of Microsoft Corporation in the United States, other countries, or both.
• If you reference Intel® and/or any of the following Intel products in the text, please mark the first use and include those that you use as follows; otherwise delete:
Intel, Intel Centrino, Celeron, Intel Xeon, Intel SpeedStep, Itanium, and Pentium are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and
other countries.
• If you reference UNIX® in the text, please mark the first use and include the following; otherwise delete:
UNIX is a registered trademark of The Open Group in the United States and other countries.
• If you reference Linux® in your presentation, please mark the first use and include the following; otherwise delete:
Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both. Other company, product, or service names may be trademarks or service marks of
• If the text/graphics include screenshots, no actual IBM employee names may be used (even your own), if your screenshots include fictitious company names (e.g., Renovations, Zeta
Bank, Acme) please update and insert the following; otherwise delete: All references to [insert fictitious company name] refer to a fictitious company and are used for illustration
purposes only.

56 © 2013 IBM Corporation

You might also like