This book is for my mother and father who both are in heaven!
This book is about application programming interfaces (APIs) that provide access to enterprise systems. This book is meant for anyone who is involved in API-based projects. The book discusses general design guidelines, talks about relevant stakeholders, explains the difference between client- and server-side APIs, provides implementation details independent of programming languages, and explains the concept of microservices. Most of the content is based on use cases of enterprise businesses. The book falls into the category of practical and useful rather than theoretical.
The book addresses different audiences and has high-level sections as well as very technical ones. If you are in the process of exposing business data via APIs, consider this book to be part of your decision-making process. If this is the first time you are going through the process of creating APIs, or the first time since the days of SOAP services, there is a high chance that you will find answers to your questions here.
This book is also about phrases and terms that are used in the context of APIs and should help different audiences communicate with each other on the same level.
From a technical point of view, this book concentrates on HTTP-based APIs that leverage OAuth 2.0, OpenID Connect, JSON Web Token (JWT), and RESTful interfaces. These technologies will be discussed in detail. The book also introduces microservice architectures and how Docker comes into play. Deep technical knowledge is generally not required.
On a side note, please be aware that this book is not written in gender-neutral or otherwise neutral language. Please assume it is referencing persons in general.
Almost from the first day of my career in IT I have been involved in the API business. As a consultant in Switzerland, I worked for big companies. These companies mainly integrated their systems with other equally big businesses. The systems usually exchanged SOAP messages and supported use cases such as transmitting pay stubs or health insurance reports. You may remember those days and may still have to support those solutions.
Now, as a software architect, I am mainly involved in API projects that use RESTful interfaces. My involvement is requested to discuss architectural questions. At some point, I realized that those questions were very similar to each other. At that point in time, I decided to start a blog to talk about topics in the context of APIs. Some of my posts have 100 views, others a few thousand, which is a lot in my personal world. Seeing those numbers indicated to me that my posts matched what people were looking for.
Based on that, a few months ago colleagues suggested I write a book based on topics from my blog but with more details and written for different audiences. I thought about it, I liked the idea, and now I am sitting here night after night writing this book whereas my colleagues are enjoying time with their families!
However, I am very excited and happy to share my experiences with anyone involved in the process of exposing APIs. If at least one person can say "This book is just what I was looking for," it would be a huge success and the main reason why I wrote this book!
First of all, I would like to thank my wife, Kerstin, and my two sons, Emil and Billy. They did not see me a lot while I wrote this book, but they continued to recognize me as a member of our family and they supported me as much as they could!
Thanks to my employer, CA Technologies, for supporting me at every step in the writing process.
Special thanks to Ola Mogstad, Victor Kazakov, Evgenia Pshenichnova, Jack Cha, David Young, Jay Thorne, Scott Morrison, Matt McLarty and Mike Bibblecombe for their reviews, feedback, and technical guidance.
Sascha has been involved in enterprise-grade software development since 2005. He worked as a consultant in Switzerland where he helped customers expose SOAP-based web services in a secure way. Today, as software architect for CA Technologies in Vancouver, Canada, he works with customers who expose RESTful services. He advises customers in the usage of OAuth, OpenID Connect, mobile API security, and SSO between mobile and desktop applications. Sascha regularly attends the Internet Identity Workshop (IIW) in Mountain View, California, USA, which is the birthplace of OAuth 2.0 and OpenID Connect. He is a member of the OpenID Foundation. He maintains a blog on all aspects of API development, and he wrote a short book about a software framework (Application Development with XML, Eclipse RCP, and Web Services). Sascha holds a patent on a secure mobile app registration protocol.
Please feel free to contact the author either via his professional blog space at https://communities.ca.com/blogs/oauth or via his personal web site at https://oauth.blog.
Ola is Engineering Director of the CA API Gateway development team in Vancouver, Canada and has spent the past 10+ years creating enterprise-grade software. He is a sci-fi and pizza enthusiast. Ola holds a Master’s degree in Communication Technology from the Norwegian University of Science and Technology (NTNU).