API Gateway @ NIE By Benny Lam & Devi Arputharajan, NIE ACIS - - PowerPoint PPT Presentation

api gateway nie
SMART_READER_LITE
LIVE PREVIEW

API Gateway @ NIE By Benny Lam & Devi Arputharajan, NIE ACIS - - PowerPoint PPT Presentation

Feb 15, 2023 883 likes •1.36k views

Restricted API Gateway @ NIE By Benny Lam & Devi Arputharajan, NIE ACIS Restricted Agenda What is an API? API economy What problem does it solve? Various types of API gateway NIE high level deployment Demo using NIE

slide-1
SLIDE 1

API Gateway @ NIE

By Benny Lam & Devi Arputharajan, NIE ACIS

Restricted

slide-2
SLIDE 2

Agenda

  • What is an API?
  • API economy
  • What problem does it solve?
  • Various types of API gateway
  • NIE high level deployment
  • Demo using NIE API gw
  • QnA

Restricted

slide-3
SLIDE 3

What is API?

Restricted

slide-4
SLIDE 4

API economy

Restricted

slide-5
SLIDE 5

Restricted

slide-6
SLIDE 6

Types of API

  • Three types of APIs :

– Open APIs: these APIs are publicly available on the web. They are made available to all developers through a simple online contract. – Semi-open APIs: these APIs are accessible to a limited number

  • f partners selected by the company.

– Closed APIs: these APIs are for the company's internal

  • perations; their use is reserved for internal developers.

Restricted

slide-7
SLIDE 7

What problem does a gateway solve?

  • Abstraction of backend

servers – Facade pattern

  • BFF pattern – Backend for

Frontend pattern

  • Micro-services
  • Single entry point for

integration

  • Policy management
  • Service bus

Restricted

slide-8
SLIDE 8

API facade pattern

  • Simple interface to a complex system
  • Future-proof your systems
  • Hiding the internal implementation (abstraction)

Restricted

slide-9
SLIDE 9

BFF pattern

  • https://microservices.io/patter

ns/apigateway.html

  • A layer of BFF services that

mesh up the next layer of micro-services

  • One BFF per mobile

experience

  • Provides Optimal call for each

client

Restricted

slide-10
SLIDE 10

Micro-services architecture

  • An architectural style that structures an application as a collection
  • f loosely coupled service

Restricted

slide-11
SLIDE 11

Monolithic Architecture

Restricted

slide-12
SLIDE 12

Micro services architecture

Restricted

slide-13
SLIDE 13

Restricted

slide-14
SLIDE 14

API policies

  • Access restriction policies

– Parameters type check – Restrict caller IP – Authorization protocol (OAUTH, SAML) – Limit call rate (throttling)

  • Authentication policy

– Cert verification

  • Advance flow
  • Caching
  • Transformational

– Conversion of JSON to XML

Restricted

slide-15
SLIDE 15

Enterprise Service Bus

  • Integrate systems by a

communication bus

  • Decouples systems from

each other, communicate without knowledge of other systems on the bus.

  • Move away from point-to-

point integration, which is hard to manage over time

Restricted

slide-16
SLIDE 16

2 main differences

  • APIs are consumption-centric, whereas services exposed

through ESB are exposure/reuse focused.

  • The logic for “orchestration” is not a significant driver for

the API layer

Restricted

slide-17
SLIDE 17

Gartner Magic Quadrant for full API Lifecycle management

Confidential

slide-18
SLIDE 18

Enterprise API gateway

  • Feature rich
  • On premise or on

cloud

Restricted

slide-19
SLIDE 19

Cloud-base API gateways

  • Pay as you go
  • Important

abstraction component of cloud architecture

Restricted

slide-20
SLIDE 20

Open source Gateway

  • Open source version

alternative

  • Up and coming niche

player –Kong build on Nginx (high performance load balancer)

Restricted

slide-21
SLIDE 21

API management

Design Development Security Publishing Scalability Monitoring Analysis Monetization

Restricted

slide-22
SLIDE 22

API journey timeline

Sept 2017 APIs review April 2017 Production Dec 2016 Procurement using bulk tender Aug 2016 API awareness workshop May 2016 POC done for Mulesoft and CA Jan 2016 Mobile architecture revamp

Restricted

slide-23
SLIDE 23

NIE API deployment

Restricted

slide-24
SLIDE 24

Restricted

slide-25
SLIDE 25

Publish an API in Gateway

Restricted

slide-26
SLIDE 26

Use Case

Restricted

  • To Publish “CourseList” API from StudentService

application in Gateway.

  • Apply Policies

 Audit log  Protect URL from SQL Attack

slide-27
SLIDE 27

Gateway IDE

Restricted

slide-28
SLIDE 28

Publish API

Restricted

slide-29
SLIDE 29

Restricted

Publish API

slide-30
SLIDE 30

Restricted

https://apigw.sg/CourseList

Publish API

https://StudentServices.edu.sg/Course/CourseList

slide-31
SLIDE 31

Restricted

slide-32
SLIDE 32

NIE Mobile App Consuming APIs via Gateway

Restricted

slide-33
SLIDE 33

API Gate way

Access Matrix Portal Student Service Car Park

(PHP) (product) (java) (.Net)

Login News Car Park Course, Exam

Mobile Functions

Applications

slide-34
SLIDE 34

Gateway Policies

 Caching  Throttling

Restricted

slide-35
SLIDE 35

Caching

Gateway can cache the response from API for a “user defined period” of time.

Restricted

slide-36
SLIDE 36

Eg: Cache Response for 5 secs First call to API

Secs 1 Response is cached and returned 2 6 7

. . .

Hits the server after 5 Secs

Subsequent Calls . . . .

Response from Cache Response from Cache

Restricted

slide-37
SLIDE 37

Throttling

Gateway helps to regulate the rate at which the request is processed per unit time

Restricted

slide-38
SLIDE 38

Throttling

Restricted

slide-39
SLIDE 39

Database API

Restricted

slide-40
SLIDE 40

Database API

Restricted

slide-41
SLIDE 41

Database API

Restricted

slide-42
SLIDE 42

Database API

Restricted

slide-43
SLIDE 43

Restricted

slide-44
SLIDE 44

Successful API implementation

Start Small

No one size fits all

People, Process, Product

Restricted

slide-45
SLIDE 45

Restricted

slide-46
SLIDE 46

Restricted