Developing APIs with Google Cloud’s Apigee API Platform

(3 days)

Course Description

In this course, you learn how to design APIs, and how to use OpenAPI specifications to document them. You learn about the API life cycle, and how the Apigee API platform helps you manage all aspects of the life cycle. You learn how APIs can be designed using API proxies, and how APIs are packaged as API products to be used by app developers.

Through a combination of lectures, hands-on labs, and supplemental materials, you learn how to design, build, secure, deploy, and manage API solutions using Google Cloud’s Apigee API Platform.

Objectives

  • Explore and put into practice API design, development and
    management concepts.
  • Understand the value of API-first development and how to
    apply it.
  • Describe the fundamentals of REST API design.
  • Describe API products, API product strategies, and how to
    publish APIs to a developer portal.
  • Understand the role of user authentication and authorization
    and the importance of API security.
  • Understand the out-of-the-box platform capabilities for
    implementing mediation, traffic management, caching, and
    fault handling.
  • Describe the value and use of API analytics.
  • Understand the deployment options for the Apigee platform.

Audience

Developers, architects, or engineers responsible for the solutioning, design, implementation, or management of APIs, API products, or digital products that leverage APIs.

Prerequisites

Familiarity with HTTP, XML, JSON, and JavaScript is helpful.

Course Outline

Module 1: Apigee Overview

  • Understand the placement and role of API management in modern application development.
  • Define logical components and organizational structure of Apigee API platform.
  • Differentiate between Apigee flexible deployment models.
  • Explain the API life cycle.

Module 2: API-First and OpenAPI Specifications

  • Describe the fundamentals of REST API design.
  • Understand the value of API-First development and how to apply it.
  • Discuss OpenAPI specification and its use in the context of API-First development.

Module 3: API Proxies

  • Define the building blocks of APIs and API proxies.
  • Describe how API proxies work and how capabilities such as flows, policies, route rules, environment groups, and target servers play a role.
  • Describe how APIs are exposed.
  • Describe how API proxies connect to backend systems.

Module 4: API Products

  • Define API products and API product strategy.
  • Understand the role of developers, applications, and API keys in API management.
  • Describe the API publication process.
  • Understand API responses and status codes for REST APIs.

Module 5: Authentication, Authorization, and OAuth

  • Discuss the importance of API security.
  • Understand the value of application identity.
  • Understand the role of user authentication and authorization.
  • Gain deep understanding of OAuth (access tokens, refresh tokens, common pattern for all grant types) and its application in the context of API design and management.
  • Discuss federated identity and the use of JSON Web Tokens in API proxies.

Module 6: Content, Transport, and Internal Security

  • Explore platform capabilities for protecting against content-based attacks.
  • Discuss transport security and how to protect the connection between Apigee and backend services.
  • Understand how to protect sensitive data using KVMs, data masking, and private variables.

Module 7: Mediation

  • Understand the out-of-the-box platform capabilities for implementing mediation and fault handling.
  • Describe implementation patterns and policies for JSON, XML, and SOAP.
  • Understand extensibility options using Service Callouts, JavaScript, and Java.
  • Explore development practices and capabilities used to reuse, share, and enforce execution of flows and policies.

Module 8: Traffic Management

  • Describe when and how to use traffic management.
  • Evaluate options and applicable use cases for rate limiting with spike arrests and quotas.
  • Understand caching strategy and how to apply it.

Module 9: API Publishing

  • Describe API publishing strategy and process.
  • Expand understanding of REST API design by discussing API versioning.
  • Describe the role of developer portals in the API life cycle and as a critical part of API strategy.

Module 10: Logging and Analytics

  • Discuss available options for message logging.
  • Understand the value and use of API analytics.
  • Understand the extensibility options available for API analytics using custom metrics and dimensions.

Module 11: Advanced Topics

  • Discuss recommended practices and tooling for Apigee offline development.
  • Describe the capabilities offered by the Apigee API.
  • Evaluate options to leverage CI/CD as part of API life cycle.
  • Explore the Apigee deployment options.