Delivering ecommerce and content together in the form of a streamlined, easy-to-consume API is the best way to spark innovation, sell from within digital and mobile channels, and generate new streams of revenue. When ecommerce is combined with advanced API management, businesses can create a powerful, scalable back-end-as-a-service (BaaS) capable of driving websites, mobile apps, and emerging touchpoints such as wearable devices. Join us as Sachin Agarwal, VP Product Marketing at SOA Software, and Elastic Elastic Path Commerce Architect Andrew Lau reveal the most effective ways to get your business selling into the API economy, and how to maximize your investments in ecommerce, content management, and APIs.
Generative AI for Technical Writer or Information Developers
How to Get Your Business Selling in the API Economy
1. How to Get Your Business
Selling in the API Economy
Moderator: David Chiu, Commerce Strategist, Elastic Path
Presenter: Andrew Lau, Commerce Architect, Elastic Path
Presenter: Sachin Agarwal, VP Product Marketing, SOA Software
2. SOA Software
• SOA Software is an API Management and SOA Governance leader
• More than 300 customers – many Fortune 1000
• On-Premise and Cloud offerings
• Gartner and Forrester leader
3. Elastic Path
• Elastic Path software adds omnichannel ecommerce, subscriptions, and enhanced
connectivity to digital engagement platforms
• Enables companies to deliver a truly complete customer experience
• Run the world’s #1 Ecommerce Blog Get Elastic www.getelastic.com
• Every year, we generate billions of dollars in digital revenue for the world’s best brands
4. What is an API?
Your APIYour Customers Your Application
6. Capture new Opportunities with APIs
Drive Innovation
Increase Reach
Support New Devices
Discover New Business Models
Increase Partner Network
8. Securing your Digital Channels
• Authenticate the user
• Control what the App can can access
• Rate Limit access
• Protect from hackers
• PCI compliance
Au/Az/SSO
Licensing
Quota
Management
Protection
9. Security
Cross-cutting Security
• Aspects that cut across a given API should be offloaded to a Gateway.
• Examples: Throttling, App IDs and Keys, Security certificates
Roles-based Access Control
• If multiple roles are intrinsic to your API, these are best modeled and
handled by the API itself.
• Finer-grained hypermedia resources makes offloading to an API
gateway difficult
11. Security
OAuth is hard
Really really hard...
Test that your API works with different API Gateways.
Confirmation that the API architecture correctly separates
concerns: Authentication, Identity, Access Control
14. Performance & Reporting
API Monitoring
• Aggregated metrics such as response,
SLA thresholds, error/failure rates can
be pushed out to an external system
Reporting
• Domain specific data, such as those in
context of the API subject and resource,
should be captured by the API
17. Developer Community
The DX Experience
• The end to end experience is now key. Sign-up, access requests, interactive docs,
timely support are now the expectation. DX is not just having a beautiful API design.
API portals are marketing tools
• The API sign-up process should be treated as a marketing activity. Track funnel, metrics,
campaigns.
• Build it and they will come doesn’t apply in a world where APIs are readily available
18. API Orchestration and Mediation
Aggregate multiple backend services
Selectively call services based on business logic≈
19. Mediation
• Mediation is key to abstracting
back-end changes from the client
applications
• Common commerce example:
Abstracting the payment
gateways.
20. Versioning
• Hypermedia can be versionless
• Clients need to follow the rules:
o Enter only via the entry points
o Always follow links
o Ignore relationships you don’t recognize
o Deprecate relationships like traditional API methods
• Hypermedia doesn’t have to be versionless
o Leverage the Gateway to support multiple versions
21. Transformation
• Competing Media Types are healthy
o Siren, HAL, Collection+JSON,
Collection.Doc are just the start
• Content Types are no longer as polarizing.
JSON is winning, XML is still useful. What
other content types we will want to utilize in
the future?