3 arrows

Get 50% Off ForgeRock Training Bundles

closeClose

API Management Fundamentals for Architects

  • Contact Us For Pricing
  • Reviews star_rate star_rate star_rate star_rate star_half 3118 Ratings
  • Course Code API-MGMT-FUND
  • Duration 2 days
  • Available Formats Classroom

API Management is a multi-faceted process of designing and implementing solutions that help organization expose their internal system APIs for external / public consumption in secure and controlled fashion. API Management offers organizations ways to reach out to larger customer base, grow business, innovate, and monetize on their IT assets. This training course introduces the students to the fundamentals of API Management along with practical exercises and mini projects aimed at reinforcing their theoretical knowledge of the topics discussed in class.

  • API Management introduction
  • Overview of the popular API management platforms
  • Overview of Apigee
  • Describing RESTful services
  • Designing and implementing microservices

Prerequisites

Participants should have the understanding of software design principles and modern choices for application deployment.

Course Details

Course Outline

Chapter 1. API Management Introduction

  • Data is King
  • API Management Defined
  • The Driving Forces
  • APIs to Monetize on Your Information Assets and Services
  • The Traditional Point-to-point Integration Example
  • It Raises Some Questions …
  • The Facade Design Pattern
  • API Management Conceptual Architecture
  • Other "Complimentary" Services
  • What Else is Needed?
  • The Digital Transformation Strategies
  • Gartner's Magic Quadrant for Full Life Cycle API Management
  • MuleSoft
  • Intel® Expressway API Manager (Intel® EAM)
  • WSO2
  • Apigee
  • Summary

Chapter 2. WSO2 Overview

  • What is WSO2?
  • User Roles in WSO2 Workflows
  • The Main Client-Facing Web Applications and Capabilities
  • WSO2 Main Features
  • The API Gateway
  • Workflow for Invoking an API
  • Workflow for Creating an API
  • Access Control and Security
  • User Authentication via Access Token
  • Manage and Scale API Traffic
  • Monitor and Monetize
  • WSO2 Cloud
  • Summary

Chapter 3. Apigee Overview

  • What is Apigee?
  • The Big Picture
  • API Consumers
  • Apigee Main Components
  • Apigee Edge API Management Platform Functional Diagram
  • Apigee Capabilities and Actors
  • Apigee Policies for Traffic Management and Data Transformation
  • Apigee Sense
  • Developer Portal
  • Apigee Monetization
  • Core Monetization Components
  • API Runtime
  • API Proxies
  • API Proxy Virtual Hosts
  • Flows
  • OAuth 2.0 Integration
  • API Beauty (an API Runtime's Capability)
  • API Edge Caching
  • Service Composition
  • Apigee Edge Monitoring and Analytics
  • Samples of Monitoring Charts
  • Edge Microgateway
  • Edge Microgateway Integration with Apigee Edge Analytics
  • Examples of Edge Microgateway Deployments (1 of 3)
  • Examples of Edge Microgateway Deployments (2 of 3)
  • Examples of Edge Microgateway Deployments (3 of 3)
  • Pricing: Standard Plan
  • Apigee Hybrid
  • Apigee Hybrid Capabilities
  • Apigee Hybrid Collaboration Diagram
  • Summary

Chapter 4. API Management Analytics

  • API Metrics
  • API Proxy (API Gateway) Performance
  • The Apigee
  • Proxy (API Service Gateway) Performance Chart
  • The Apigee Target Service Performance Chart
  • The Apigee Cache Performance Chart
  • The Apigee Error Code Chart
  • Geolocation Metric
  • The Apigee GeoMap Chart
  • Developer Engagement
  • The Apigee Developer Engagement Chart
  • Reports
  • Summary

Chapter 5. Securing APIs

  • What are the Security Domains?
  • How to Secure an API?
  • DDoS Protection
  • Authentication
  • OAuth2 Overview
  • OAuth Components
  • OAuth Authentication and Authorization Overview
  • OAuth Collaboration Diagram
  • Example: OAuth Client Credentials Grant with Apigee Edge
  • Getting Authorization Code Through a Federated External Directory (Facebook or Google)
  • What is Security Assertion Markup Language (SAML)?
  • SAML 2.0 Web SSO Authentication
  • SAML vs. OAuth2
  • Identity mediation
  • Encryption of Data in Transit with TLS
  • Key and Certificate Management
  • Threat Detection
  • Apigee Content-based Security
  • JSON Web Tokens (JWT)
  • How JWT Works
  • OAuth vs JWT
  • Data-masking
  • Last-mile security
  • Summary

Chapter 6. RESTful Services Overview

  • Many Flavors of Services
  • SOAP or REST?
  • Understanding REST
  • Manipulation of Resources through Representations
  • Principles of RESTful Services
  • HTTP Methods
  • HTTP Status Codes
  • Related Standards: MIME
  • Anatomy of a URL
  • GET
  • The GET Method
  • Passing Parameters
  • HTTP Methods That Modify/Create Resources
  • POST
  • POST Request Example
  • POST Response Example
  • PUT
  • PUT Example - Update
  • PUT Example - Create
  • PATCH
  • Patch Example - Update
  • To PUT or POST?
  • SOAP Examples
  • A RESTful API for Tracking Video Games
  • What is gRPC?
  • How It Works
  • gRPC Request - Response Diagram
  • REST vs. gRPC
  • So, REST or gRPC?
  • Summary

Chapter 7. Describing RESTful APIs

  • Describing RESTful APIs
  • History
  • Ad-hoc Interface definitions
  • Modern Choices
  • Stacking Up Open API vs RAML
  • Open API vs RAML: Advantages and Disadvantages
  • RAML
  • Build A RAML API Description
  • ROOT
  • List Resources
  • Define Methods
  • Define Query Parameters
  • Enter Responses
  • Open API (Swagger)
  • Swagger Versions
  • Swagger Editor
  • Swagger Codegen
  • Swagger UI
  • OpenAPI Service Description
  • Pretty Printed OpenAPI Service Definition
  • Summary

Chapter 8. Microservices Architecture Overview

  • What is a "Microservice"?
  • Principles of Microservices
  • Properties and Attributes of Microservices
  • Benefits of Using Microservices
  • The Microservices Architecture
  • Microservices Architecture vs SOA
  • The ESB Connection
  • Microservices Architecture Benefits
  • Microservices Architecture Choices and Attributes
  • Example: On-Line Banking Solution Based on MsA
  • Distributed Computing Challenges
  • Replaceable Component Architecture
  • What Can Make a Microservices Architecture Brittle?
  • Summary

Chapter 9. Designing and Implementing Microservices

  • Two Types of IT Projects
  • What is In Scope for a Robust Microservices Design?
  • Scoping Your Microservice via the Bounded Context
  • Scoping Your Solution's Microservices Architecture
  • External / Shared and Internal Service Models
  • General Architectural and Software Process Organizational Principles
  • Loose Coupling, the OOD Perspective
  • Crossing Process Boundary is Expensive!
  • Cross Cutting Concerns
  • More Cross Cutting Concerns
  • To Centralize or Decentralize Client Access?
  • Decentralized Client Access
  • Centralized Client Access
  • The Facade Pattern
  • The Facade Service Conceptual Diagram
  • The Service Mesh Integration Pattern
  • Istio
  • Mesh Pros and Cons
  • Service-to-Service Communication with Mesh
  • The Naked Objects Architectural Pattern
  • When to Use Naked Objects Pattern
  • Dealing with the State
  • How Can I Maintain State?
  • Micro Front-ends (a.k.a. MicroUI)
  • How can MicroUI Help Me?
  • Your Clients Are Diverse
  • The "Rich Client" - "Thin Server" Paradigm
  • The "Rich Client" - "Thin Server" Architecture
  • RIA as a Driving Force to Turn the "Thin Server" into a Set of Microservices
  • Design for Failure
  • Resilience-Related Design Patterns
  • The Immutable Infrastructure Principle
  • Implementing Microservices
  • Microservice-Oriented Application Frameworks and Platforms
  • Embedding Databases
  • Embedded Java Databases
  • Summary

When does class start/end?

Classes begin promptly at 9:00 am, and typically end at 5:00 pm.

Does the course schedule include a Lunchbreak?

Lunch is normally an hour long and begins at noon. Coffee, tea, hot chocolate and juice are available all day in the kitchen. Fruit, muffins and bagels are served each morning. There are numerous restaurants near each of our centers, and some popular ones are indicated on the Area Map in the Student Welcome Handbooks - these can be picked up in the lobby or requested from one of our ExitCertified staff.

How can someone reach me during class?

If someone should need to contact you while you are in class, please have them call the center telephone number and leave a message with the receptionist.

What languages are used to deliver training?

Most courses are conducted in English, unless otherwise specified. Some courses will have the word "FRENCH" marked in red beside the scheduled date(s) indicating the language of instruction.

What does GTR stand for?

GTR stands for Guaranteed to Run; if you see a course with this status, it means this event is confirmed to run. View our GTR page to see our full list of Guaranteed to Run courses.

Does ExitCertified deliver group training?

Yes, we provide training for groups, individuals and private on sites. View our group training page for more information.

Does ExitCertified deliver group training?

Yes, we provide training for groups, individuals, and private on sites. View our group training page for more information.

Well organized training, professionally run training and excellent well qualified Instructor

Great class, labs, and content. Very thorough and labs actually work with the lab guide. :)

Well done. The instructor was very good and the course content seemed to cover the basics of GPFS at least for what I need.

I found this course very helpful as an overview of how AWS Services work together.

Great training provided. One suggestion is mail out printed copy of course material and exercises to participants.

0 options available

There are currently no scheduled dates for this course. If you are interested in this course, request a course date with the links above. We can also contact you when the course is scheduled in your area.

Contact Us 1-800-803-3948
Contact Us
FAQ Get immediate answers to our most frequently asked qestions. View FAQs arrow_forward