Upload
others
View
45
Download
0
Embed Size (px)
Citation preview
INTERNAL
Sven Huberti, Senior Solution Specialist
SAP API ManagementTechnical Presentation
2INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
Agenda
Topic SlideOverview 3Personas 6Features and Functions 9Components 19Architecture 29Additional Information 38
Overview
4INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
SAP Cloud PlatformAPI ManagementSAP Cloud Platform API management provides simple, scalable and secure access to digital assets through applicationprogramming interfaces (APIs) and enables developer communities to consume these.
Key capabilitiesü Unified standards-based API access of REST/OData or SOAP
services
ü Enterprise Grade Security for the APIs against attacks like DoS,CSRF, XSS etc. and robust traffic management
ü Real-time insights & analytics on the APIs traffic, usage, errorreporting and monitoring
ü Developer services to enable developers to try, subscribe, useand manage API consumption
Benefitsü Platform for engaging with and enabling employees and
developers - internal and external
Read more: SAP Cloud Platform API management
5INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
SAP API ManagementTypical use cases
1. Enterprise-wide governance andsecurity for REST APIs
2. Omni-channel experience forcustomers and employees
3. Low-touch Open Integrations withpartners, suppliers andmarketplaces
Partners Customers
Backends
API Management
6INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
§ Best of breed engine with streamlined admin anddeveloper experience in SAP Cloud Platform
§ Increased productivity with to OData
§ Agnostic REST/OData or SOAP services management
§ Enterprise Grade Security for the APIs against attackslike DoS, CSRF, XSS etc. and robust traffic management
§ Secure connection to on-premise systems with Cloudconnector
§ Integration with SAP Cloud Platform services such asSAP API Business Hub, mobile service, WebIDE,Leonardo IoT etc.
§ Platform for engaging with, and enabling employees anddevelopers – internal and external
§ Real-time insights & analytics on the APIs traffic, usage,error reporting and monitoring
Read more: SAP Cloud Platform, API management
Highlights
Personas and interactions
8INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
Personas and interactions
Cloud Service
Database
Backend
Design, Implement
Manage, Meter, Monetize
Engage
Apps ( Mobile, Web,Devices…)
Consume
SOAP/REST/OData APIs,Microservices,
Data Integration,
SAP APIManagement
API Designer
API Portal
API Gateway
Developer Portal
Application Developer
API Admin, Owner
API Developer
9INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
ContentPublishers
Design Implement Manage Analyze andMonetize Engage
API Designer
Design easy touse APIs
API Portal
Secure, govern, document and publish APIsAnalyze and gain insights
App Services
IntegrationService
PersistenceServices
MessagingService
Implement highly scalable APIs andmicroservices using platform services
Developer PortalSearch, discover, test and subscribe to the right APIs
API Business HubMarketplace for enterprise APIs
Apps and digital interactionspowered by APIs
On-premises | SaaS apps | PaaS
APIs as digitalbuilding blocks
API Gateway
On-premisesmiddleware
MobileServices
WebIDE
CloudConnector
Full lifecycle API Management with SAP
Mobile apps Marketplaces Partners Devices and Things
Devices and ThingsData Processes
APITeam
AppDevelopers
Backends
AppDevelopers
API ProductManager
API Developer
Features and functions
11INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
- OpenAPI support
- Import your APIs from:- RAML- Odata
- Generate Server Stubs- NodeJS- JAX-RS- Spring
- Generate API in API Management
API Portal: API Designer
Design-first approach
12INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
API Portal: Proxies
API Implementation
Host: myserverPort: 443URL: /myTechnicalAPI
GET/PUT/POST/DEL
API Proxy
Host: mydomain.comPort: 80URL: /v1/myAPIs/
GET/PUT
SAP APIManagementBackend
Mobile apps
Marketplaces
Partners
Hide internal information and add specific behavior
13INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
API Portal: configure the runtime of the API
TrafficManagement
API mediation
Coding
Security
14INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
API Portal: re-use configurations through templates
Package and reuse existing policy sets
Policy Templates
Custom Template
System Template
Functional TemplatePolicy 1 Policy 2 Policy 3
Template
API Proxy
Policy 1 Policy 2 Policy 3
Policy 1 Policy 2 Policy 3
Policy 1 Policy 2 Policy 3 Policy 4
API Business Hub
Customer Tenant
Copy
15INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
API Portal: Security on all levels
Threat protection
Authenticationand authorization
Role-basedaccess control
16INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
Developerself-registration API Subscription
API Portal – Developer Portal: publish APIs
Documentationand testing
SecureBundlePublish
Self-registerBrowseTestSubscribe
Developer Portal
API Owner Developer
17INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
Track developer and application API usage through the API Key
API Portal – Developer Portal: integrated API key
API Key VerificationApplication and Developer Identification
3ApplicationDeployment2API Key
Generation1
ApplicationDeveloper
3rd partybackend
WebApps
MobileDevices
Systems
SAP
Cloud
DeveloperPortal
API Portal
API Gateway
4 Aggregate and presentanalytical data
API ProductAdmin
API ProductManager
18INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
API Portal: Analytics
Technical Analysis API Program Analysis Custom Dashboards
19INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
API Management: Monetize
Create flexible rate plans Provide billing to API users
20INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
1. Custom TemplatesRe-use enterprise-wide API patterns: centralize governance.
2. Pre-defined Policy TemplatesTypical operations such as data filtering, CORS, SQL ThreatProtection, URL Masking, error handling, quota, … are available out-of-the-box from SAP: speed-up configuration.
3. Interpretation of OData metadataOData metadata interpreted in SAP API Management (Resources,Documentation, …): speed-up documentation and reduce errors.
4. SAP API Management APIsAccess artifacts and analytical information of SAP API Managementthrough APIs: automate operations and integration intomonitoring tools.
Additional features
21INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
1. SAP Gateway Hub supportThrough the „Discovery“ feature: automatic creation of APIs includingdocumentation and resources for SAP backend integration: reduceimplementation time and errors.
2. OpenAPI (fka. Swagger) supportAll SAP APIs are available in the API Business Hub as OpenAPIartifacts and API proxies can be created from OpenAPI defintion files:re-use your assets to speed up your API project.
3. CloudFoundry supportAutomatic binding of Cloud Foundry applications to API management,generation of stubs from the API Designer to be deployed directly inCF: centrally manage your APIs from any platform
4. WebIDE supportDiscovery and usage of APIs from the Developer Portal in WebIDE:simplify your Developer‘s work.
A platform approach: integration into SCP
Components
23INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
API Management: Personas and Components
SAP Cloud PlatformMicroservices API Third Party API SAP Backend /
Gateway APIDesigns, Implements and Deploys APIs
API ProxyDefines abstraction of APIs
Defines API behavior API Proxy API Proxy
API ProductGroups APIs into Products
Analyses usage API Product
Application
API ProductAdmin
Explores and subscribes to APIsBuilds Applications
API ProvidersDefines connectivity to Target system
Subscribe
Bundle
APIDeveloper
ApplicationDevelopers
API ProductManager
Developer Portal
API Portal
API Designer
24INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
SAP API Management Platform – API Portal
SAP API Management Portal is the main entry-point for the API Builder / API Owner. From here theAPI Owner can:
Ø Create and manage API Providers
Ø Create and manage API Proxies
Ø Create and manage Products
Ø Analyze the usage of APIs
Ø Create and manage rate plans
25INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
SAP API Management Platform – API Portal – API Provider
- Logical representation of a backend
- Not mandatory
- Simplifies management (eg. transport)
- Simplifies discovery
Syst
em
26INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
SAP API Management Platform – API Portal – API Proxies
- Facade of an existing REST API or SOAPservice
- API Proxy allows for:- Hiding internal implementation information- Versioning- Security, Traffic Management, Transformation- Documentation- Usage analytics- Technical analytics
Syst
em API
Prox
yAP
IPr
oxy
27INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
SAP API Management Platform – API Portal – API Proxies - Policies
Syst
em API
Prox
yAP
IPr
oxy
- Pre-defined, configurable behavior
- Used in the Policy Editor, and positioned onthe request or response
- Preconfigured for:- Security- Traffic Management- Message transformation- Caching
- Coding can be added through Java Script
Policy
Policy
Policy
Policy
28INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
- Bundle of policies that can be re-used
- Can be created and managed individually
- Can be re-used from the SAP APIBusiness Hub
SAP API Management Platform – API Portal – Policy Templates
Syst
em API
Prox
yAP
IPr
oxy
Policy
Policy
29INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
API Product
SAP API Management Platform – API Portal – Product
- Logical bundle of APIs
- Can be configured with Quota:- Premium Product with ilimited use- Standard Product with 1000 API Calls/Month
- Developers subscribe to API Products in theDeveloper Portal
Syst
em API
Prox
yAP
IPr
oxy
Policy
Policy
Policy
Policy
30INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
API ProductAPI Product
SAP API Management Platform – API Portal – Rate Plan
Syst
em API
Prox
yAP
IPr
oxy
Policy
Policy
Policy
Policy
Rate PlanRate Plan- Defines charging of API usage
- Basic: Basic charge + X€ per API Call- Tiered: Basic charge + X€ per Y API Calls
- Is attached to one ore more API products
- API Admin and Developers can see their bills
31INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
API Portal: Monetize
SAP Cloud PlatformMicroservices API Third Party API
SAP Backend /Gateway API
API Proxy API Proxy API Proxy
API Product
Creates Rate Plans for Monetization
API Product
Application
Subscribes to the Rate Plan and ProductSees billing information
Rate Plans
Application
APIAnalytics
Views API Usage Analytics
Views Performance/Error Analytics
API Providers
API ProductAdmin
ApplicationDevelopers
API ProductManager
Developer Portal
API Portal
API Designer
32INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
SAP API Management Platform – Developer Portal
- main entry-point for the application developer
- Developers self-register and can:- Discover available products and the API Proxies
which are included,- Test APIs online,- Subscribe to an API product by creating an
Application (a represenation of the „real“application which he will develop),
- Manage his API keys.
33INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
SAP API Management Platform – Developer Portal – Application
- Applications represent an API consumer
- Applications can be Apps, Web applications, …:it is not relevant.
- Upon subscription, an API key is created
API Product
Syst
em API
Prox
yAP
IPr
oxy
Policy
Policy
Policy
Policy Appl
icat
ion
34INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
SAP API Management Platform – Developer Portal – App Key
- Each Application is tied to a Developer throughan API Key: the API key identifies theApplication, and is used primarily for analytics
- It is a best-practice to use API keys
- API keys are managed by the ApplicationDevelopers
- API Key is not a security feature!
API Product
Syst
em API
Prox
yAP
IPr
oxy
Policy
Policy
Policy
Policy Appl
icat
ion
35INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
Concepts of API Platform for SAP API Management
SAP APIManagement
Account
User Developer
API Provider API Proxy
App Key
Application
1
*
11
1
11
1
1
1
*
*
*
*
**
*
11
1 *Product Rate Plan*
Architecture
37INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
SAP API Management – High-Level Architecture
SOAServices
Backend Backend
API
APIGateway
Backend Backend
Adapter
API API
SOA“API EXPOSURE”
(EG. SAP PO – SAP CP INTEGRATION)
API MANAGEMENT“API CONSUMPTION”
WebService
DeveloperPortal
Mobile apps Marketplaces Partners App Developers
Security MediationTrafficManagement AnalyticsCaching Monetize Developer
Engagement
38INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
High-Level Architecture in an SAP Ecosystem
SAP CP
On-Premises
Partner Systems / Web Applications / Apps
REST APIs
Hana DB
APIs
HTTP/RFC
Backend – noWS/API
Backend – noWS/API
SOA
WS/APIs
Adapter
Custom Custom
Third-partywith WS/API
WS/API
SAP SAP
SAP Gateway Hub
APIs
IWBEP IWBEP
API Management
OdataProvisioning
SAP
IWBEP
SAP Cloud Connector
Security MediationTrafficManagement
AnalyticsCaching DeveloperEngagement
Monetize
39INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
Fiori apps with SAP API Management and Gateway – Web IDE Integrations
INTERNET ON-PREMISE
End user Cloud Connector
or Business Suite
API Management
SAPGateway
Firewall
Fiori Apps
Corporate Identity Provider
SAP Web IDE
Discover APIs
Secure tunnel
Build
ApplicationDeveloper
40INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
SAP API Management and On Premise connectivity
INTERNET ON-PREMISE
Cloud Connector
or Business Suite
API Management
SAPGateway
Firewall
Corporate Identity Provider
Secure tunnel
SAP ProcessIntegration
3rd PartyWeb
Services
3rd Party Datasources
Fiori
Desktop
Mobile
End user
Additional information
47INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
Functions Process Integration API ManagementData Mapping Complex data mapping Limited
Process Orchestration Exhaustive features, support for EAIpatterns, persistence
Request-Reply pattern, Mash-Upcapabilities
Adapters and Connectors Exhaustive list SOAP and APIs over HTTPScalability Good Built from ground up for high
throughput and low latencyAuthentication SAML, Certificates SAML, OAuth
Security WS-Security, Encryption, Decryption,Signature
JSON and XML threat-protection,RegEx threat protection
Message formats Exhaustive list No specific message type, focus onXML and JSON
Developer Portal No Self-service Portal with API catalogcapabilities
Traffic Management No Exhaustive features
One Platform for Process Integration and API ManagementBoth covered in SAP Cloud Platform Integration
48INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
Integration Styles and Patterns
Integration Domains
Technology Mapping
https://blogs.sap.com/2016/03/04/int203-integration-solution-advisor-methodology-isa-m-sap-teched-lecture-of-the-week/
Integration? Integration Solution Advisor - Methodology
49INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
CIO GuideSAP’s Vision for Integrating SAP Applications in Cloud & Hybrid Environments
§ Outlines SAP’s long-term integration strategy
§ Focus on scenarios in the cloud and in hybridenvironments
§ Technology Recommendations§ Process Integration§ Data Integration
§ Outlook & future strategy including applicationdesign and integration technology
Published at SAPPHIRE (May 2017)
50INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
Try it out on SAP Cloud Platform Trial!https://blogs.sap.com/2016/02/10/how-to-use-sap-api-management-on-hcp-trial/
Enterprise Architecture Explorer:https://eaexplorer.hana.ondemand.com/_item.html?id=11470#!/overview
Sap.com:https://www.sap.com/germany/product/technology-platform/api-management.html
Blogs:https://blogs.sap.com/tags/67838200100800006828/
More information…
51INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀPublic
FAST3 days hands-on, onsite training workshop to kick-off
RELEVANTGet a comprensive overview over API Management
PRACTICIALActively work on customer use cases and APIs hands-on
Jump Start Service Package for SAP API Management
Service Category Description Amount Price per Day SUM
G3 Design Service, Education Service 6 1.625,40 EUR 9.752,40 EUR
Thank you! Sven [email protected]