4/29/18

Module 1: Introducing
Application Networks and
API-Led Connectivity

At the end of this module, you should be able

• Explain what an application network is and its benefits

• Describe how to build an application network using API-led connectivity
• Explain what web services and APIs are
• Make calls to unsecured and secure APIs

All contents © MuleSoft Inc. 2

1
 4/29/18

Identifying the problems faced

by IT today

Biggest challenge: IT cannot go fast enough

n
t i ti o
pe
om
lc
i ta
Demands on IT

g
Di
b ile ic s
Mo a ly t
a t a , An
D
B ig
S
nd S aa
Cloud a

IT delivery capacity

Time
Today

All contents © MuleSoft Inc. 4

2
 4/29/18

Digital pressures create a widening IT delivery gap

p
y ga
deliver e ti t
io n
IT ut pe
sive bsol
Mas ng an a e co
m
ti g al
crea to chan i t
Demands on IT

g
e d Di
ne b ile l y ti c
s
Mo A na
t a ,
Da
B ig
S
nd S aa
Cloud a

IT delivery capacity

Time
Today

All contents © MuleSoft Inc. 5

A new way of working to close the delivery gap

Demands on IT

New IT
operating
Consumption and model
innovation

IT delivery
capacity
Enablement and assets
Time
Today

All contents © MuleSoft Inc. 6

3
 4/29/18

A new way of working to close the delivery gap

Enable
th
to self- e business
serve a
deliver nd
m
own pr ore of their
o je cts
right w th e
ay
IT build
s re u s a
A P Is & ble
Demands on IT

service New IT
a cce ss s fo r
ing dat
a n d re s a operating
o u rce s Consumption and model
innovation

IT delivery
capacity
Enablement and assets
Time
Today

All contents © MuleSoft Inc. 7

Introducing a new IT operating

model

4
 4/29/18

New operating model emphasizes consumption

LoB IT, developers

Consumption

Discoverable
Reusable
assets
Feedback and
usage metrics

Self-service

Production
Central IT / LoB IT
All contents © MuleSoft Inc. 9

A common project-based approach

Web app API

Project objective: Web app

provides real-time order status and Order status Order history
order history for sales team
engaging with customers

• Order data in eCommerce system Aggregated

customer data
• Inventory data in SAP

• Customer data in SAP, Salesforce

All contents © MuleSoft Inc. 10

5
 4/29/18

A common project-based approach

On time and within budget

Web app API

Limited opportunity for reuse

Tight coupling = brittleness

Order status Order history

Difficult to govern

Aggregated
? Meets business requirements customer data

All contents © MuleSoft Inc. 11

6 months later…

mobile
Mobile API Web app API

Integration project

Order status Order history Order status Order history

Aggregated Aggregated
customer data customer data

All contents © MuleSoft Inc. 12

6
 4/29/18

Modern API: The core enabler of a new operating model

• Discoverable and accessible

through self-service

• Productized and designed for

ease of consumption
Modern
API • Easily managed for security,
scalability, and performance

All contents © MuleSoft Inc. 13

The API-led connectivity approach

Web app API Experience

APIs

Order
status Process
Order
history APIs
Customers

Orders
System
SAP Salesforce
customers customers
APIs

All contents © MuleSoft Inc. 14

7
 4/29/18

The API-led connectivity approach

Mobile API Web app API Experience

APIs

Order
Shipment status Process
Order
status history APIs
Customers

Orders
System
Toll UPS SAP Salesforce
shipments shipments customers customers
APIs

All contents © MuleSoft Inc. 15

Enable and empower the entire organization

Discover, self-serve, Experience

Developers reuse and consume APIs

Discover, reuse assets and Process

LOB IT compose information APIs

Unlock assets and System

Central IT decentralize access APIs

All contents © MuleSoft Inc. 16

8
 4/29/18

Drive outcomes with API-led connectivity

On time and within budget

Experience
APIs
Drives
Limitedreuse vs buildfor reuse
opportunity

Tight coupling
Designs = brittleness
in readiness for change Process
APIs
Builds in governance, compliance,
Difficult to govern
security, and scalability
System
? Meets business
the needsrequirements
of your business APIs

All contents © MuleSoft Inc. 17

C4E: Organizing differently to drive API-led connectivity

• C4E is a cross functional team

Central
• C4E ensures that assets are
IT – Productized and published
– Consumable
Center for – Consumed broadly
enablement
– Fully leveraged
(C4E)

Innovation LoB • Success of C4E measured on

teams
asset consumption

All contents © MuleSoft Inc. 18

9
 4/29/18

Achieving an application
network

Application landscape

All contents © MuleSoft Inc. 20

10
 4/29/18

Every project adds value to the application network

Project 1 –
API-led

All contents © MuleSoft Inc. 21

Every project adds value to the application network

Project 1 –
API-led

C4E

Self-serve assets
on the
application network

Order
status

Shipments Orders

Shipment
Customers
status

All contents © MuleSoft Inc. 22

11
 4/29/18

Every project adds value to the application network

Project 1 –
API-led

C4E

Self-serve assets
on the
application network

Order
status

Shipments Orders

Shipment
Customers
status

All contents © MuleSoft Inc. 23

Speed. Agility.
Application Innovation.
landscape

An application network
• Emerges bottoms-up via self-service

• Provides visibility, security and

governability at every API node

• Is recomposable: it bends, not

breaks – built for change

All contents © MuleSoft Inc. 24

12
 4/29/18

Deconstructing APIs

What exactly is an API?

• An API is an Application Programming Interface

• It provides the info for how to communicate with a software

component, defining the
– Operations (what to call)
– Inputs (what to send with a call)
– Outputs (what you get back from a call)
– Underlying data types

• It defines functionalities independent of implementations

– You can change what’s going on behind the scenes without changing how people
call it

All contents © MuleSoft Inc. 26

13
 4/29/18

What do people mean when they say API?

They could be referring to a number of things…

1. An API interface definition file (API specification)

– Defines what you can call, what you send it, and what you get back

2. A web service
– The actual API implementation you can make calls to or the interface of that API
implementation

3. An API proxy
– An application that controls access to a web service, restricting access and usage
through the use of an API gateway

All contents © MuleSoft Inc. 27

Reviewing web services

14
 4/29/18

What is a web service?

• Different software systems often need to exchange data with each other
– Bridging protocols, platforms, programming languages, and hardware architectures

• A web service is a method of communication that allows two software

systems to exchange data over the internet

• Systems interact with the web service in a manner prescribed by some

defined rules of communication
– How one system can request data from another system, what parameters are
required, the structure of the return data, and more

All contents © MuleSoft Inc. 29

The parts of a web service

• The web service API

– Describes how you interact with the web service
– It may or may not (though it should!) be explicitly defined in a file
– It could be any sort of text in any type of file but ideally should implement some
standard API description language (or specification)

• The web service interface implementing the API

– Is the code providing the structure to the application so it implements the API
– This may be combined with the actual implementation code

• The web service implementation itself

– Is the actual code and application

All contents © MuleSoft Inc. 30

15
 4/29/18

Two main types of web services

• SOAP web services

– Traditional, more complex type
– The communication rules are defined in an XML-based WSDL (Web Services
Description Language) file

• RESTful web services

– Recent, simpler type
– Use the existing HTTP communication protocol

All contents © MuleSoft Inc. 31

Reviewing RESTful web services

16
 4/29/18

RESTful web services

• REST stands for Representational State Transfer

– An architectural style where clients and servers exchange representations of
resources using standard HTTP protocol

• Other systems interact with the web service using the HTTP protocol

• The HTTP request method indicates which operation should be

performed on the object identified by the URL

All contents © MuleSoft Inc. 33

Example RESTful web service calls

• Data and resources are represented using URIs

• Resources are accessed or changed using a fixed set of operations

• (GET)/companies
• (GET)/companies?country=France
• (GET)/companies/3
• (POST)/companies with JSON/XML in HTTP body
• (DELETE)/companies/3
• (PUT)/companies/3 with JSON/XML in HTTP body

All contents © MuleSoft Inc. 34

17
 4/29/18

RESTful web service request methods

• GET retrieves the current state of a resource in some representation

(usually JSON or XML)
• POST creates a new resource
• DELETE deletes a resource
• PUT replaces a resource completely
– If the resource doesn't exist,
a new one is created
• PATCH partially updates a resource
– Just submitted data

All contents © MuleSoft Inc. 35

Example RESTful web service response

• JSON (JavaScript Object Notation)

– A lightweight data-interchange format (without a lot of extra XML markup )
– Human-readable results (usually JSON or XML)
– Supports collections and maps

All contents © MuleSoft Inc. 36

18
 4/29/18

Learning about APIs

• API documentation
– Should include the list of all possible resources, how to get access to the API,
and more

• API portals
– Accelerate onboarding by providing developers a centralized place for discovering
all the tools they need to successfully use the API, which could include
• Documentation, tutorials, code snippets, and examples
• A way to register applications to get access to the API
• A way to provide feedback and make requests
• A way to test the API by making calls to it

• Discover APIs in API directories and marketplaces

– For example, ProgrammableWeb, which has over 19,000 APIs
All contents © MuleSoft Inc. 33

Walkthrough 1-1: Explore an API directory and an

API portal

• Browse the ProgrammableWeb API directory

• Explore the API reference for an API (like Twitter)
• Explore the API portal for an API to be used in the course

All contents © MuleSoft Inc. 38

19
 4/29/18

Calling RESTful web services

Calling RESTful web services

• To call web services, you need to write code or have a tool to make
the HTTP requests
– Need to be able to specify the HTTP method, request headers, and request body

• Example tools include

– An API portal with an API console
– Advanced Rest Client
– Postman
– A cURL command-line utility

All contents © MuleSoft Inc. 33

20
 4/29/18

Making calls to RESTful APIs

• Unsecured APIs
– The API may be public and require no authentication

• Secured APIs
– The API may be secured and require authentication
– You may need to provide credentials and/or a token
– Often a proxy is created to govern access to an API
– We will call and then later create an API secured by credentials
– You can also secure an API with other authentication protocols
• OAuth, SAML, JWT, and more

All contents © MuleSoft Inc. 41

Getting responses from web service calls

• RESTful web services return an HTTP status code with the response
• The status code provides client feedback for the outcome of the
operation (succeeded, failed, updated)
– A good API should return status codes that align with the HTTP spec

All contents © MuleSoft Inc. 42

21
 4/29/18

Common HTTP status codes

Code Definition Returned by

200 OK – The request succeeded GET, DELETE,

PATCH, PUT
201 Created – A new resource or object in a collection POST
304 Not modified – Nothing was modified by the request PATCH, PUT
400 Bad request – The request could not be performed by the All
server due to bad syntax or other reason in request
401 Unauthorized – Authorization credentials are required or user All
does not have access to the resource/method they are
requesting
404 Resource not found – The URI is not recognized by the server All

500 Server error – Generic something went wrong on the server All
side
All contents © MuleSoft Inc. 43

Walkthrough 1-2: Make calls to an API

• Use ARC to make calls to an unsecured API (an implementation)

• Make GET, DELETE, POST, and PUT calls
• Use ARC to make calls to a secured API (an API proxy)
• Use the API console in an API portal to make calls to a managed API
using a mocking service
• Use the API console to make calls to an API proxy endpoint

All contents © MuleSoft Inc. 44

22
 4/29/18

Successfully creating
application networks using
API-led connectivity

Producing discoverable and consumable assets is key

LoB IT, developers

Consumption

Discoverable
Reusable
assets
Feedback and
usage metrics

Self-service

Production
Central IT / LoB IT
All contents © MuleSoft Inc. 46

23
 4/29/18

Designing for API success

• Create APIs that developers can find and want to use and share
with others
– Design the API for the business use cases it will fulfill, not to model the backend
services or applications they expose
– Focus on performance of client applications and user experience

• Take an API design-first approach!

• Get API design right before investing in building it

– Define it iteratively getting feedback from developers on its usability and
functionality along the way
– Building the implementation of an API is time consuming and expensive to undo

All contents © MuleSoft Inc. 47

API development cycle

Service
with APIs

API
Spec

All contents © MuleSoft Inc. 48

24
 4/29/18

Summary

Summary

• Companies today need to rapidly adopt and develop new

technologies in order to stay relevant to customers & keep competitive

• IT needs to be able to rapidly integrate resources and make them

available for consumption
– An API-led connectivity approach can help achieve this

• To drive API-led connectivity, create a C4E (Center for Enablement)

– A cross-functional team to ensure assets across the organization are productized,
published, and widely consumed

• An application network is a network of applications, data, and

devices connected with APIs to make them pluggable and to create
reusable services
All contents © MuleSoft Inc. 50

25
 4/29/18

Summary

• A web service is a method of communication that allows two software

systems to exchange data over the internet

• An API is an application programming interface that provides info for

how to communicate with a software component

• The term API is often used to refer to any part of RESTful web service
– The web service API (definition or specification file)
– The web service interface implementing the API
– The web service implementation itself
– A proxy for the web service to control access to it

• RESTful web services use standard HTTP protocol and are easy to use
– The HTTP request method indicates which operation should be performed on the
object identified by the URL
All contents © MuleSoft Inc. 51

26