SAP API Management - On Premise Edition FAQ
1. What is an API?
APIs are Application Programming Interface. It is a set of routines, protocols and tools for building software applications. APIs are sets of requirements that govern how one application can talk to another. APIs are especially important because, they dictate how developers can create new apps that tap into big Web services and social network. APIs facilitate interaction by selectively exposing certain functionalities, allowing different applications/websites/devices to communicate effectively with each other.
2. What is SAP API Management?
API Management is the process of publishing, promoting and overseeing APIs is a secure and scalable manner. SAP API Management has various capabilities to provide unified access and orchestration based on open standards like REST, Odata, OAuth and many more with enterprise grade security and seamless connectivity to existing SAP back-ends. This simplifies the way developers go about integrating with their SAP and non-SAP application, reducing cost, foster innovation and participate in the larger API economy.
3. What does SAP API Management deliver?
With SAP API Management, you can:
- Increase workforce productivity
- Personalized consumer engagement
- Provide enterprise grade security
- Reduce IT complexity and total cost of ownership
- Create custom apps quickly and easily
- Co innovation with Partners and Customers
- Opens up new business channels and revenue streams
4. What is the value customers should expect from SAP API Management?
SAP API Management enables provisioning, governance, security and scalability of enterprise information for digital access. It provides for one experience for managing and monitoring APIs across various data platforms (SAP and non-SAP) with real-time analytics and reporting on usage metrics.
5. What are the technical benefits of using SAP API Management?
- APIs are the core of “System of engagement” and are built on enabling efficient delivery and distribution of content and services. The SAP API Management capabilities enable business towards simplifying the way developers go about integrating with their SAP and non-SAP applications reducing cost, fostering innovations and improve participation in the API economy. For details refer http://www.gartner.com/it-glossary/pace-layered-application-strategy/
- SAP API Management not only provides enterprise grade security that ensures optimized performance, but also helps monitor and manage APIs
- Unlike SOA strategies, that typically assumes that internal users are accessing the services; an API strategy targets engagement with a variety of business and software development partners that are as likely to be external as internal. SAP API Management delivers important additional capabilities: developer portal, key management and approval, metering and billing capabilities.
6. How is SAP API Management placed in SAP portfolio?
SAP has many API providers such as SAP Gateway, SAP HANA Platform, SuccessFactors and many more in the road map. There is a need of a solution to manage the numerous SAP and non-SAP APIs. SAP API Management helps unlock the value of digital assets, enabling in creating and delivering content and business services to consumers, partners and developers
7. Are there any business use cases?
Business to Employee use case in construction industry –
- Solution - Standardized APIs provide an alternate method to access back-end systems. Developed new, intuitive lightweight applications that could be delivered, monitored, managed, and analyzed through an enterprise app store. Streamlined development tools to ease app development.
Business to Consumer use case in retail industry –
- Challenges -
- Solution - Created an entire API ecosystem. Implemented API management as a cloud-based, software-as-a-service (SaaS) solution. Embraced widely used standards and protocols to make the system easily usable for developers and to provide comprehensive analytics and monitoring.
- Benefits – On-boarded partners securely and efficiently. Using the technology to drive traffic and expand the company’s footprint and improve innovation. Increased speed with lightweight, simple protocols. Implemented policy-based management, security, caching, and analytics out of the box.
Business to Business use case in retail industry
- Solution - API management enabled the company to offer APIs to developers and to manage the APIs.
- Benefits - Scaled reach to millions of users. Fostered co-innovation with developers. Maintained control over apps without having an app-store-like review process. Leveraged existing technology and reduced the need for re-engineering.
8. What social medial channels does SAP API Management offer?
- YouTube: http://spr.ly/youtube-sap-api-management
- Facebook: https://www.facebook.com/sapdevelopers
- Twitter: https://twitter.com/SAPdevs
- SCN: http://scn.sap.com/community/api-management
9. Where can I learn more on SAP API Management?
10. How is the solution able to expose registered services to external parties?
The SAP API Management (currently offered as an on-premise solution and running along with SAP Process Orchestration) provides capabilities to Register and expose Services as APIs and supports REST, OData, SOAP or any other HTTP based services.
11. Does SAP API Management have the ability to monitor performance and utilization of all registered services?
The SAP API Management comes with comprehensive analytical capabilities to analyse the exposed APIs and backend service performance, latency, error rate, average response times, moving average, anomalies, etc. to just name a few. These capabilities will let you inspect and troubleshoot any issues in the system.
12. Is there a dashboard of who is consuming the APIs?
The Management User interface that comes with SAP API Management comes with an intuitive dashboard that includes various views such as: API traffic, top executed APIs, top Developers, etc. These out of the box dashboards can be extended to include customer reports and add them to existing or new dashboard views.
13. How is the governance managed in SAP API Management?
SAP API Management’s runtime engine is policy driven. This means that policies are decoupled from the service definition and can be dynamically linked to these APIs or services to enforce minimal or maximum levels of operation and Quality of Service. It is possible to use from an existing out of the box set of policies or create your own.
14. Can this solution link to backend ESB services or additional data sources?
SAP API Management provides capabilities to connect to any set ESB services running locally or remotely. In the same way it can exposed APIs or services for consumption, it can also connect and integrate with a variety of backend systems as well.
15. Does it have the ability to apply and change policies to APIs for security, throttling, prioritization, rate limitations with no API downtime?
SAP API Management provides a High Availability setup and configuration. In addition, the Comprehensive Provisioning and Deployment set of capabilities enables the quick association of policies to services through a single click and automatically switch to a new API or service behavior.
16. Does it have the ability for consumers to self-serve on specified APIs?
The Developer services of SAP API Management enables developers (the target audience for API management) to self-service themselves and use any published API or service. This is done through an intuitive web-based interface.
17. Does it have the ability to insert or restrict certain behaviors?
The policy driven API runtime of SAP API Management enables API developers to define and modify the behavior of the APIs or services de-coupled from the integrated target or backend service or system.
18. What are the throttling capabilities of SAP API Management?
Among some of the most relevant capabilities offered by SAP API Management to manage access on API or services we find: quotas for a time period, concurrency access limits, and acceptable spike limits, configuration of caches to accelerate and boost performance.
1. What are the security capabilities of SAP API Management
- The security policies of SAP API Management provide XML Threat protection, JSON Threat Protection in addition to Message Validation policy for XML Schemas (XSDs) and WSDL definitions.
- HTTP header filtering and evaluation of content-level & regular expression validation
The mediation policies that can be defined and associated to an API or Service enable extraction, filtering and manipulation of messages including headers, URI paths, payloads, and query parameters.
- Enforcement of rules for identity, HTTP verbs and URI’s, etc.
SAP API Management’s API runtime enables fine grained policy definition providing policy enforcement on API Resources (URIs, HTTP verbs) level.
- Identity & Access Management and Active Directory support
SAP API Management provides capabilities to leverage any external identity provider for Authentication and Authorization including Active directory.
2. What are the different authentication mechanisms supported by SAP API Management?
- SAML 2.0
SAP API Management provides capabilities to generate and validate SAML assertions. The API platform can act as an identity provider and as a service provider as well.
SAP API Management provides capabilities to configure and enforce OAuth authorization using out of the box policies.
- Client Certificate
SAP API Management provides Client SSL enabling authentication and encryption of all messages flowing over the network from SAP API Management to the backend services.
- Key & Certificate repository/management
SAP API Management provides capabilities to create keystores and truststores that provide the necessary keys and X.509 digital certificates.
Architecture and Development
1. How scalable is SAP API Management?
SAP API Management enables provisioning, governance, scalability and security of enterprise information for digital assets. Customers can also scale upto billions of API calls.
2. What are the different Deployment options?
SAP API Management can be deployed either on-premise or in cloud. Customers with business sensitive information can also opt to deploy a mixed mode, using in-cloud option for B2C scenarios and on-premise for B2E scenarios.
3. What are the different on premise installation scenarios?
There are 5 different API Platform and Analytics installation option-
- Standalone (2 Hosts, SA-SAX)
- 5-host cluster (MIN HA02SAX)
- 9-host cluster (Performance HA Setup)
- 13-host cluster (Performance HA with separate data zone)
- 12-host cluster (MIN API traffic DR/AX HA)
4. What kind of application can we develop on SAP API Management?
The options on the kind of applications developed is boundless, but some of the common scenarios are
- Innovative apps for end consumers/ employees – the abundant back data can be securely accessed to create innovative apps to reach directly to consumers and provide relevant information to employees
- Internet of Things – Developer tools provided, help in creating apps that can communicate with each other via multiple devices and channels.
- Banking Applications (e.g.: What can you do with APIs? ), mashing up financial data, with analytical data, can help you to generate (award winning) applications, either for Internal employees, or external customers.
To check the FAQs for SAP API Management- In Cloud edition, please visit: SAP API Management (Cloud offering) FAQ