Upgrade to Pro — share decks privately, control downloads, hide ads and more …

apidays Australia 2023 - Unlocking The Power: T...

apidays
October 18, 2023

apidays Australia 2023 - Unlocking The Power: The Importance Of API Registration, David Manolitsa, Marlo

apidays Australia 2023 - Platforms, Products, and People: The Power of APIs
October 11 & 12, 2023
https://www.apidays.global/australia/

Unlocking The Power: The Importance Of API Registration
David Manolitsas, Software Developer at Marlo

------

Check out our conferences at https://www.apidays.global/

Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8

Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io

Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/

apidays

October 18, 2023
Tweet

More Decks by apidays

Other Decks in Programming

Transcript

  1. "How do I manage API registration across the organization?" "How

    can I apply API governance across an API portfolio?"
  2. Why API Registration? Automate onboarding Verify business and team API

    standards Ensure consistent and repeatable deployments Manage environment workflows
  3. Open API Specification Derive information from Open API Specification (OAS)

    to automate API registration Generate gateway configuration Publish OAS to a target API portal
  4. OpenAPI Extensions Define generic config as an OpenAPI extension Enable

    developers to utilize gateway features Enhance APIs based on a services requirements
  5. Extensions Capabilities Define gateway features in the OAS Configuration is

    gateway agnostic Map generic config to gateway specific configuration
  6. Extensions Capabilities Define gateway features in the OAS Configuration is

    gateway agnostic Map generic config to gateway specific configuration --- x-plugins: rate-limiting: config: second: 3 minute: 40 hour: 120 policy: local request-size-limiting: config: allowed_payload_size: 128 size_unit: megabytes require_content_length: false
  7. Lint Module Analyzes the OAS against the provided schema Completes

    type checking Schema is configurable and extendable Flags errors detected in the OAS
  8. Validate Module Validate the custom OAS extensions Detect Guard Rail

    violations in the OAS extensions Outline policies and processes for API Governance
  9. Guard Rails Define clear standards for API development Improve the

    quality, consistency and security of APIs Ensure APIs are compliant with organizational objectives
  10. Guard Rails Define clear standards for API development Improve the

    quality, consistency and security of APIs Ensure APIs are compliant with organizational objectives --- x-plugins: rate-limiting: config: second: 3 minute: 40 hour: 120 policy: local request-size-limiting: config: allowed_payload_size: 128 size_unit: megabytes require_content_length: false
  11. Guard Rails Define clear standards for API development Improve the

    quality, consistency and security of APIs Ensure APIs are compliant with organizational objectives --- plugins: rate-limiting: usage: required config: second: usage: optional min: 5 max: 10 request-size-limiting: usage: optional config: size_unit: usage: optional values: - bytes - kilobytes - megabytes
  12. Guard Rails Define clear standards for API development Improve the

    quality, consistency and security of APIs Ensure APIs are compliant with organizational objectives --- x-plugins: rate-limiting: config: second: 3 minute: 40 hour: 120 policy: local request-size-limiting: config: allowed_payload_size: 128 size_unit: megabytes require_content_length: false Log: [ERROR] validate: Line 3 - rate-limiting second config is below min value of 5
  13. Guard Rails Centralized repository for API policies and processes Hierarchical

    guard rails provides flexibility Layered rules across various segments of the business config/ └── guard-rails/ ├── environment/ │ ├── dev.yaml │ ├── test.yaml │ └── prod.yaml ├── team/ │ ├── loan.yaml │ └── accounts.yaml └── org.yaml
  14. Defaults Centralized repository for API policies and processes Define gateway

    features across API portfolio Promote API standards and policies
  15. Defaults Centralized repository for API policies and processes Define gateway

    features across API portfolio Promote API standards and policies --- api: rate-limiting: config: second: 10 policy: local post: request-size-limiting: config: allowed_payload_size: 64 size_unit: megabytes
  16. Defaults Centralized repository for API policies and processes Define gateway

    features across API portfolio Promote API standards and policies config/ └── defaults/ ├── environment/ │ ├── dev.yaml │ ├── test.yaml │ └── prod.yaml ├── team/ │ ├── loan.yaml │ └── accounts.yaml └── org.yaml
  17. API Security Automatically apply authentication to an API Supports a

    range of API authentication methods Enforce API authentication standards
  18. Apply Module Generates gateway configuration files Extendable to future gateway

    versions and providers Apply configuration to gateway template files
  19. API First Importance of API design and documentation Establish consistent

    and reusable API contracts API Registration is the building block for an API First approach
  20. Benefits & Value Add Automated API onboarding Easily govern API

    development Increase speed to market of APIs
  21. GitLab Project API Registration is open sourced under the Marlo

    public GitLab repository https://gitlab.com/themarlogrouppublic/api-registration