Sascha Preibisch
API DevelopmentA Practical Guide for Business Implementation Success
Sascha Preibisch
Richmond, BC, Canada
ISBN 978-1-4842-4139-4e-ISBN 978-1-4842-4140-0
Library of Congress Control Number: 2018963113
© CA 2018
This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed.
Trademarked names, logos, and images may appear in this book. Rather than use a trademark symbol with every occurrence of a trademarked name, logo, or image we use the names, logos, and images only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark. The use in this publication of trade names, trademarks, service marks, and similar terms, even if they are not identified as such, is not to be taken as an expression of opinion as to whether or not they are subject to proprietary rights.
While the advice and information in this book are believed to be true and accurate at the date of publication, neither the authors nor the editors nor the publisher can accept any legal responsibility for any errors or omissions that may be made. The publisher makes no warranty, express or implied, with respect to the material contained herein.
Distributed to the book trade worldwide by Springer Science+Business Media New York, 233 Spring Street, 6th Floor, New York, NY 10013. Phone 1-800-SPRINGER, fax (201) 348-4505, e-mail [email protected], or visit www.springeronline.com. Apress Media, LLC is a California LLC and the sole member (owner) is Springer Science + Business Media Finance Inc (SSBM Finance Inc). SSBM Finance Inc is a Delaware corporation.

This book is for my mother and father who both are in heaven!

Introduction

This book is about application programming interfaces (APIs) that provide access to enterprise systems. This book is meant for anyone who is involved in API-based projects. The book discusses general design guidelines, talks about relevant stakeholders, explains the difference between client- and server-side APIs, provides implementation details independent of programming languages, and explains the concept of microservices. Most of the content is based on use cases of enterprise businesses. The book finds itself in the category of practical/useful rather than theoretically explained .

The book addresses different audiences and has high-level sections just as very technical ones. If you are in the process of exposing business data via APIs, consider this book to be part of your decision-making process. If this is the first time you are going through the process of creating APIs, or the first time since the days of SOAP services, there is a high chance that you will find answers to your questions here.

This book is also about phrases and terms that are used in the context of APIs and should help different audiences communicate with each other on the same level.

From a technical point of view, this book concentrates on HTTP-based APIs that leverage OAuth 2.0, OpenID Connect, JSON Web Token (JWT), and RESTful interfaces. These technologies will be discussed in detail. The book also introduces microservice architectures and how Docker comes into play. Deep technical knowledge is generally not required.

On a side note, please be aware that this book is not written in a gender or otherwise neutral language. Please assume it is referencing persons in general.

Why I Wrote This Book

Almost from the first day of my career in IT I have been involved in the API business. As a consultant in Switzerland, I worked for big companies. These companies mainly integrated their systems with other equally big businesses. The systems usually exchanged SOAP messages and supported use cases such as transmitting pay stubs or health insurance reports. You may remember those days and may still have to support those solutions.

Now, as a software architect, I am mainly involved in API projects that use RESTful interfaces. My involvement is requested to discuss architectural questions. At some point, I realized that those questions were very similar to each other. At that point in time, I decided to start a blog to talk about topics in the context of APIs. Some of my posts have 100 views, others a few thousand, which is a lot in my personal world. Seeing those numbers indicated to me that my posts matched what people were looking for.

Based on that, a few months ago colleagues suggested I write a book based on topics from my blog but with more details and written for different audiences. I thought about it, I liked the idea, and now I am sitting here night after night writing this book whereas my colleagues are enjoying time with their families!

However, I am very excited and happy to share my experiences with ­anyone involved in the process of exposing APIs. If at least one person can say This book is just what I was looking for , it would be a huge success and the main reason why I wrote this book!

Acknowledgments

First of all, I would like to thank my wife, Kerstin, and my two sons, Emil and Billy. They did not see me a lot while I wrote this book, but they continued to recognize me as member of our family and they supported me as much as they could!

Thanks to my employer, CA Technologies, for supporting me at every step in the writing process.

Special thanks to Ola Mogstad, Victor Kazakov, Evgenia Pshenichnova, Jack Cha, David Young, Jay Thorne, Scott Morrison, Matt McLarty and Mike Bibblecombe for their reviews, feedback, and technical guidance.

About the Author and About the Technical Reviewer

About the Author

Sascha Preibisch
../images/466048_1_En_BookFrontmatter_Figb_HTML.jpg

has been involved in enterprise-grade software development since 2005. He worked as a consultant in Switzerland where he helped customers expose SOAP-based web services in a secure way. Today, as software architect for CA Technologies in Vancouver, Canada, he works with customers who expose RESTful services. He advises customers in the usage of OAuth, OpenID Connect, mobile API security, and SSO between mobile and desktop applications. Sascha regularly attends the Internet Identity Workshop (IIW) in Mountain View, California, USA, which is the birthplace of OAuth 2.0 and OpenID Connect. He is a member of the OpenID Foundation. He maintains a blog on all aspects of API development, and he wrote a short book about a software framework ( Application Development with XML, Eclipse RCP, and Web Services ). Sascha holds a patent on a secure mobile app registration protocol.

Please feel free to contact the author either via his professional blog space at https://communities.ca.com/blogs/oauth or via his personal web site at https://oauth.blog .

 

About the Technical Reviewer

Ola Mogstad

is Engineering Director of the CA API Gateway development team in Vancouver, Canada and has spent the past 10+ years creating enterprise-grade software. He is a sci-fi and pizza enthusiast. Ola holds a Master’s degree in Communication Technology from the Norwegian University of Science and Technology (NTNU).

 
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
35.171.45.182