مدیریت API: راهنمای معمار برای توسعه و مدیریت APIها در سازمان شما
API Management: An Architect's Guide to Developing and Managing APIs for Your Organization : An Architect's Guide to Developing and Managing APIs for Your Organization
معرفی کتاب «مدیریت API: راهنمای معمار برای توسعه و مدیریت APIها در سازمان شما» (با عنوان لاتین API Management: An Architect's Guide to Developing and Managing APIs for Your Organization : An Architect's Guide to Developing and Managing APIs for Your Organization) نوشتهٔ Brajesh De، منتشرشده توسط نشر Apress : Imprint: Apress در سال 2024. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است. «مدیریت API: راهنمای معمار برای توسعه و مدیریت APIها در سازمان شما» در دستهٔ برنامهنویسی قرار دارد.
APIs are the enablers for a thriving ecosystem that can drive revenue growth and ROIs for any organization. This book will cover all relevant topics and trends that enterprise architects need to know to build and govern APIs as a product. The second edition of the API Management builds on the foundation established in the first edition to cover recent advances in API development as well as the principles and best practices of building API as a product. It has been updated to cover the latest and emerging trends in API architecture, design, and implementation covering the use of gRPC, graphQL, microservices and service mesh to building and manage a scalable API platform. New chapters cover how to build an effective API strategy for digital transformation and implement an API-First architecture to build and deliver APIs as a Product. Any software architect or developer looking to adopt and build APIs for digital transformation and excellence within their organization will find this book to be an invaluable resource. What You Will Learn Understand API Management Architecture and Design best practices How to build an effective API strategy and build APIs as product How to design, build and test APIs using API-First approach How to implement API Security What are the latest API technology trends and adoption across industry Who This Book Is For CxOs, software architects, and developers who are looking to implement APIs within their organization for digital transformation initiatives. Table of Contents About the Author About the Technical Reviewers Chapter 1: Introduction to APIs APIs for Dummies The Evolution of APIs APIs Are Different from Websites Defining an API and Its Characteristics Types of APIs Examples of Popular APIs The Difference Between a Web Service and a REST API How Are APIs Different from SOA? The API Value Chain API Business Drivers API Business Models Chapter 2: API Management Secure, Reliable, and Flexible Communication The API Gateway API Security API Traffic Management Interface Translation Caching Service Routing Service Orchestration API Auditing, Logging, and Analytics API Analytics Activity Logging User Auditing Business Value Reports Advanced Analytics Service-level Monitoring Developer Enablement for APIs Developer Portal API Catalog and Documentation Developer Support Developer Onboarding Community Management API Lifecycle Management API Creation API Publication Version Management Change Notification Issue Management Chapter 3: Designing a RESTful API Interface REST Principles Uniform Interface Client-Server Stateless Cache Layered Systems Code on Demand Designing a RESTful API Identification of Resources Manipulation of Resources through Representation Self-Descriptive Messages Hypermedia as the Engine of Application State (HATEOAS) Resource Identifier Design Using URIs Resource Naming Conventions Modeling Resources and Subresources Best Practices for Identifying REST API Resources URI Path Design URI Format Naming Conventions for URI Paths HTTP Verbs for RESTful APIs GET POST PUT The Difference Between PUT and POST DELETE PATCH OPTIONS HEAD Idempotent and Safe Methods HTTP Status Code Resource Representation Design Hypermedia Controls and Metadata Accept (Client Request Header) Accept-Charset (Client Request Header) Authorization (Client Request Header) Host (Client Request Header) Location (Server Response Header) ETag (Server Response Header) Cache-Control (General Header) Content-Type (General Header) Header Naming Conventions Versioning Querying, Filtering, and Pagination Limiting via Query-String Parameters Filtering The Richardson Maturity Model Level 0: Swamp of POX (Plain Old XML) Level 1: Resources Level 2: HTTP Verbs Level 3: Hypermedia Controls Chapter 4: API Documentation The Importance of API Documentation The Audience for API Documentation Model for API Documentation Title Endpoint Method URL Parameters Message Payload Header Parameters Response Code Error Codes and Responses Sample Calls Tutorials and Walk-throughs Service-Level Agreements API Documentation Standards: OpenAPI, RAML, and API Blueprint OpenAPI OpenAPI Tools RAML Why RAML? RAML Structure RAML Tools and Projects API Blueprint API Blueprint Document Structure API Blueprint Tools Comparing OpenAPI, RAML, and API Blueprint Tools for API Documentation Swagger Postman Best Practices for API Documentation Chapter 5: API Patterns Best Practices for Building a Pragmatic RESTful API API Management Patterns API Facade Pattern API Composition Session Management Two-Phase Transaction Management Synchronous to Asynchronous Mediation Routing API Throttling Caching Logging and Monitoring API Analytics API Security Patterns Common Forms of Attack API Risk Mitigation Best Practices Authentication and Authorization Protect Against Attacks Encrypt Message Exchanges Monitor, Audit, and Log API Traffic Build API Security into the SDLC Process Use a PCI-Compliant Infrastructure API Deployment Patterns Cloud Deployment On-Premise Deployment Hybrid Deployment API Adoption Patterns APIs for Internal Application Integration APIs for Business Partner Integration APIs for External Digital Consumers APIs for Mobile APIs for IoT Chapter 6: API Version Management API Versioning vs. Software Versioning The Need to Version APIs API Versioning Principles The API Version Should Not Break Any Existing Clients Keep the Frequency of Major API Versions to a Minimum Make Backward-Compatible Changes and Avoid Making New API Versions API Versioning Should Not Be Directly Tied to Software Versioning Approaches to API Version Management Versions Using URLs Versions Using an HTTP Header Versions Using Query Parameters Versions Using a Hostname Handling Requests for Deprecated Versions API Version Lifecycle Management Chapter 7: API Security The Need for API Security API Security Threats API Authentication and Authorization API Keys Username and Password X.509 Client Certificates and Mutual Authentication OAuth OAuth Basic Concepts Actors in OAuth Tokens Scope Grant Type Authorization Code Client Credentials Resource Owner Password Credentials Implicit OpenID Connect Actors in OpenID Connect ID Tokens OpenID Authentication Flows Authorization Code Flow Implicit Flow Hybrid Flow Benefits of Integration with an Open Identity Provider Protecting Against Cyber Threats Injection Threats XML and JSON Bombs Script Injection Attacks SQL Statement Injection Script Injections Insecure Direct Object Reference Sensitive Data Exposure Cross-Site Scripting (XSS) Cross-Site Resource Forgery (CSRF or XSRF) Bot Attacks Considerations for Designing an API Security Framework API Security Threat Model Best Practices for API Security Implementation Chapter 8: API Monetization Why Monetize APIs? Which Digital Assets Can Be Monetized? How to Increase Revenue Using APIs Increase Customer Channels Increase Customer Retention Upsell Premium and Value-Added Services Increase Affiliate Channels Increase Distribution Channels API Monetization Models The Free Model The Fee-Based Model (a.k.a. Developer Pays Model) The Revenue-Sharing Model Monetization Concepts API Product API Package Rate Plan Billing Documents Monetization Reports API Monetization Best Practices Chapter 9: API Testing Strategy The Importance of API Testing Challenges in API Testing API Testing Considerations API Interface Specification Testing API Documentation Testing API Security Testing Authentication and Authorization API Fuzzing Malformed Payload Injection Malicious Content Injection Testing API Gateway Configuration API Performance Testing Preparing for the Load Test Setting up the Load Test API Performance Test Metrics Selecting the Right API Testing Tool Must-Have Features Nice-to-Have Features Common API Testing Tools Chapter 10: API Analytics The Importance of API Analytics API Analytics Stakeholders API Metrics and Reports Custom Analytics Reports Chapter 11: API Developer Portal Need for Publishing and Socializing APIs The Importance of the API Developer Portal Supporting App Developers Invitations Social Forums Federated Developer Communities Developer Portal Users API Developer Portal Features The Relationship Between a Developer Portal and an API Gateway Developer Portal Deployment Patterns Chapter 12: API Governance The Scope of API Governance The Aim of API Governance The Benefits of API Governance An API Governance Organization Steps to Set up Effective API Governance An API Governance Model API Governance Best Practices API Governance Challenges Conclusion Chapter 13: Building an Effective API Strategy API Strategy Needs and Components Aligning the API Strategy to Business Objectives Align API Strategy with Business Sponsor Goals Make APIs an Organizational Initiative Involve Stakeholders at All Levels in the API Program Building a Strong and Effective API Strategy Defining an API Business Strategy Identify Use Cases Prioritize Use Cases for API Implementation Determine the Core Capabilities and the Value Added by Partners Define a Strategy to Drive Adoption and Grow the API Ecosystem Devise a Monetization Strategy for the APIs Setting up Governance and Processes Build an API-First Culture Set up an Effective API Governance Model Defining and Setting up an API Technology Strategy Define a Robust and Flexible API Architecture Select a Suitable API Management Platform Set up the API Management Platform Pilot with an API Reference Implementation Define API Metrics to Measure Success API Performance Metrics API Adoption and Growth Metrics API Product Metrics Conclusion Chapter 14: The API-First Approach for Digital Transformation Introducing the API-First Approach Principles of the API-First Approach Benefits of the API-First Approach Getting Started with the API-First Approach Challenges with the API-First Approach Conclusion Chapter 15: Build APIs as a Product The Benefits of Building an API as a Product Examples of API as a Product Delivery Understanding API as a Product Strategy The Difference Between Project vs. Product Mindset Build the API Product Mindset Define API Specifications that Meet the Needs of the Target Audience Design and Build APIs per Specifications Promote APIs with Comprehensive Documentation and Marketing Campaigns Improve APIs Based on Customer Feedback and Needs Adhere to SLAs Advertised for APIs Monetize APIs with the Right Model Provide Warranty Support for APIs Build APIs as a Minimum Viable Product Drive API Adoption with a World-Class Developer Experience Set up a Developer Portal to Publish APIs Evangelize APIs and Act on Feedback Monitor APIs for SLA Adherence Monetize APIs with the Right Monetization Model Market API Products The Role of an API Product Owner Conclusion Chapter 16: API Architecture Trends in 2023 Trend #1: Increasing Adoption of the API-First Approach for Building an API as a Product Benefits of the API-as-a-Product Approach Trend #2: Building an Ecosystem with Hyperconnected APIs Trend #3: Enhancing API Security to Protect Against Increasing API Vulnerabilities Trend #4: The Adoption of Microservices Is Building a World of Hyperconnected APIs Trend #5: More APIs Are Powered by Serverless Infrastructure to Reduce Overhead Trend #6: Using GraphQL to Efficiently Fetch Data with APIs Trend #7: The Rise of gRPC as a Protocol for Efficient Service Communications Trend #8: Enabling Real-Time Communication Using Event-Driven APIs Trend #9: AI/ML Features via APIs Trend #10: Managing Internal APIs Using a Service Mesh Trend #11: Multiple API Gateways Are the Norm Going Forward Diverse Security Requirements for Internal and External API Traffic Multi-cloud and Hybrid Deployment Models Central vs. Local Governance for Data and Privacy Regulations and Culture Close the Gap of Growing API Management Requirements Separate Infrastructure for Non-Prod and Prod Environments Trend #12: Increased Focus on the Developer Experience The Importance of the Developer Experience Building a Rich Developer Experience for APIs Trend #13: The Rise of the API Marketplace The Difference Between an API Marketplace and an API Portal The Advantages of an API Marketplace Trend #14: API Monetization Is on the Rise Conclusion Index APIs are the enablers for a thriving ecosystem that can emphasize revenue growth and ROIs for any organization. This second edition covers all the relevant trends and advances that enterprise architects needed to excel in API management, architecture, design, and implementation. Readers will be treated to new chapters on using RPC and graphQL technologies to build APIs, an introduction to service mesh, using microservices for building scalable API platforms, and strategies for building a thriving API ecosystem. Additional chapters cover building APIs as a product using an API-first approach. Finally, a new chapter on the API maturity model will help API product owners to evaluate the efficiency and the overall API program. API Management reviews the latest API technology trends and adoptions across the industry. What You'll Learn Look at API management architecture and design best practices Implement API Security Understand API testing methods Review the latest API technology trends and adoptions across industry Who This Book For All tech and business audiences who are looking to adopt and build APIs for digital transformation and excellence within their organization.
دانلود کتاب مدیریت API: راهنمای معمار برای توسعه و مدیریت APIها در سازمان شما