APIs are no longer a nice to have, they are the life-blood of the modern organization. However, implementing APIs in your company is no small task – for enterprises it means understanding the best practices for legacy modernization (especially at a time when analysts are talking about macro and mini services on top of microservices). It also means building out a comprehensive API strategy and understanding the hidden costs, challenges, and cultural shifts that come with becoming an API first company.
With a majority of APIs failing or needing to be refactored/ versioned within their first couple of years, proper API Design and Architecture is critical to ensuring your API not only meets your users needs, but is efficient enough to scale affordably to meet their increasing demands. This means going far beyond CRUD and resource implementation and in-depth into proper API design as well as understanding performance requirements and framework tuning.
APIs not only offer your consumers access to your application’s services and data, but if not properly secured through multiple layers provides a backdoor into your entire network. That has quickly made API vulnerabilities one of hackers favorite targets – endangering your customers, and subjecting your company to a series of potential fines and legal costs. This is why it is so important to understand not only the basics of API security, but the layers of API security ranging from client authentication and authorization, to DDoS and malicious input detection and prevention, to network firewalls and container security.
The two biggest challenges APIs face is having no one using them, and having everyone using them. How do you manage hundreds of thousands to millions of users, how do you ensure unique access tokens and keys, or know what endpoints are actually being used – and by whom? Beyond just managing the users, how do you predict spikes and dips within usage to allow you to scale up and down intelligently, and what type of infrastructure do you need to support dynamic scaling to prevent downtime and self-healing within your infrastructure?
If your customers can’t use your API, they’ll use your competitors. This means that your API has to be usable and reliable. Testing is a significant key to your API’s success, going beyond unit tests into load and performance testing. It also means having easy to read, accessible documentation, code samples, getting started guides, and developer support. That’s why it’s so important to implement numerous different types of testing at scale, and build out a successful developer ecosystem complete with data analysis and user testing to ensure your consumers are successful.
This track covers both designing APIs for IoT as well as IoT APIs you can integrate into your application. From security and sensors to location APIs and hardware APIs, the web and the real world are not easily integrated, and Internet of Things APIs make up the glue of the IoT world.
Artificial intelligence and machine learning is revolutionizing dozens of industry verticals, and you can now utilize AI and machine learning technologies via APIs for instant deployment. This track covers APIs available to developers for data-crunching, predictive analytics, neural networks, ad targeting, and other AI use cases.
Developing with blockchain is difficult, time-consuming, and not very interoperable with other web services. Innovators have produced blockchain APIs for allowing developers to deploy, interact with, and integrate blockchain technologies into their applications. This track covers a new wave of blockchain APIs you utilize in your web application.
High scale implementers of microservices—especially those using container-based deployments on Kubernetes—are recognizing the need for dynamic routing, cross-system security policy management, as well as metric collection for message traceability and system observability. These capabilities are the focus of the new class of service mesh solutions that combine service discovery, service proxies and control plane management. The sessions in this track will explore these topics in detail, along with popular open source technologies such as Envoy proxy, Istio and Linkerd. The track will also explore emerging protocols such as gRPC, Apache Kafka, and GraphQL and the role they are playing in the expanding microservice communication ecosystem.
The success of a microservice implementation ultimately comes down to its ability to adapt to change, change that comes at varying speeds in different parts of the overall system. In order to have a resilient system, design thinking is needed at all levels, and especially when designing the APIs that are the coupling mechanism for components in the system. The sessions in this track will explore the methods leading organizations are using to define context maps for their microservice systems, effective boundaries between different domains in the system, and the details of the APIs used for communication between microservices in the system.