Deep-Dive on SAP API Management powered by HCP: Publish, consume and monitor APIs in secure and scalable manner
As developers on the HANA Cloud Platform, you know that in order to build, extend, and integrate cloud-first apps, HCP provides different types of services such as integration services, analytics services, security services, IoT services, and UX services. These back-end services can be easily accessed using easy to consume APIs. For example, when you develop any IoT-based mobile application to monitor the room temperature, this application makes API calls to consume HCP IoT services and mobile services which will get/store data in the backend systems and display it on a mobile app. But these APIs alone are not sufficient. All of these APIs need to be managed and controlled. And this is done by API management. SAP API Management is one of the capabilities provided by integration services in HANA Cloud Platform.
SAP API Management is created to address API needs with features such as API provisioning and publishing, API discovery and consumption, security and access control, analytics and reporting, monitoring, operations and a developer portal. It provides a framework to expose SAP or non-SAP backend data and processes as APIs using REST, OData, and standard SOAP services. These APIs can be used to provide backend content to developers and 3rd party applications to drive commercial transactions and subscription growth.
As API Management is running on SAP’s HANA Cloud Platform, it immediately can tap into SAP’s unified cloud portfolio of services, developed apps, and integration capabilities all hosted on SAP’s Cloud infrastructure. In order to maintain the unified experience, SAP API Management integrates with classic SAP On-Premise services that run SAP Gateway via OData. With a built-in discovery feature, SAP API Management can connect to the repository of services already created and expose them as a managed API. It will also capture existing service documentation and include it with the generated API. Rather than app developers consuming services directly, you just access the APIs created using SAP API Management and can create apps without having to know the details about the system you are working on. APIs created using SAP API Management map a publicly available HTTP endpoint to backend services. SAP API Management handles the security and authorizations required to protect, analyze, and monitor your services.
Here is the API-based 4-layer architecture that explains where the API Management layer fits in:
Layer 1: API Runtime is the base layer. Developers create and build APIs from services, which could be anything providing data upon request. E.g. standard SAP on-premise Business Suite Service, a custom database, or some managed cloud service. This is the data which is locked in its own silo, which you are looking to make available in a lightweight, controlled manner.
Layer 2: The next layer, API Implementation, is an optional one. This relates to utilizing SAP Gateway or the reusable component Integration Gateway in order to transform RFCs, BAPIs, or other non-web enabled services into standard OData/REST or SOAP exposed services, which can then be consumed by applications designed to speak OData/REST or SOAP, such as API Management. This layer is optional, and only needed for services which are not natively web-enabled.
Layer 3: SAP API Management is a blanket layer between generation layer and the consumption layer, which is where all the apps live, providing users the powerful front-ends for consuming and utilizing the backend data. The API Management layer’s primary purpose is mediating all communication between these two layers.
Layer 4: This layer provides a single consistent look and feel to all the data it exposes, via REST or OData, so that regardless of what the source actually is, the apps consuming the information need only to know these standard data protocols in order to present them to the users.
SAP API Management consists of 3 high level components:
- API platform – It provides tools to manage APIs and helps in adding, configuring APIs, and managing developers and apps. It helps to create and consume APIs, be it building API proxies as a service provider or using APIs, SDKs, and other convenient services as an app developer
- API analytics – It provides powerful analytical tools to view short and long term real time usage trends of APIs. IP, URL, user ID for API call information, latency data, error data, and cache performance metrics etc. can be collected.
- Developer services – It provides tools to manage app developers. To quickly onboard developers, it provides a developer portal for API discovery of publicly available API products. It provides facility to enforce Role Based Access Control (RBAC) to control access to features of the portal.
Finally, here are some of the main features of SAP API Management:
- Discovery and Consumption – SAP API Management provides API discovery, catalog, subscription etc., making it easy to consume data across all devices and UIs. Complexity is reduced with unified access and governance of APIs across all landscapes. A developer portal provides comprehensive API exploration and documentation.
- API Provisioning and Publishing – Features include API Registration, security and traffic policy definition, protocol definition and mapping, API Availability and Lifecycle Management.
- Analytics and Reporting – Analytics powered by SAP HANA provide real-time visibility on how, who and when enterprise information is accessed via APIs. The analytics provide reports on usage metrics, errors, latency, and performance in a simple, intuitive Web experience. It helps to gain better insights on where to invest your resources in the future. The historical and predictive analytics let you inspect and troubleshoot any issues in the system.
- Security and Access Control – SAP API Management provides policy enforcement, throttling and API Monitoring to aid in scaled and governed access to enterprise information. The security policies provide XML Threat Protection, JSON Threat Protection in addition to Message Validation policy for XML Schemas (XSDs) and WSDL definitions. The mediation policies that can be defined and associated to an API or service enable extraction, filtering and manipulation of messages including headers, URI paths, payloads, and query parameters. SAP API Management supports flexible choice of Authentication schemes such as SAML 2.0, OAuth, Client certificate, API Keys etc. It also provides Role Based Access Control for the Administration of APIs.
- Traffic Management: SAP API Management provides quota policies to manage traffic to the backend servers in order to avoid overloading those servers. It also provides quota calculation at Application Level and Concurrency Rate-limiting and Spike Arrest for APIs.
Thus SAP API Management capabilities enable IT to simplify the way developers go about integrating with their SAP and non-SAP applications, thus reducing cost, fostering co-innovation and increasing participation in the API economy, in a lightweight and cost effective manner.
SAP API Management is now available on HANA Cloud Platform trial account. Check out this blog to enable API Management service in your trial account: Free Trial of SAP API Management on HANA Cloud Platform is available now!
You can learn more about SAP API Management at
- SAP HANA Cloud Documentation – http://bit.ly/1ZO6mR4
- SCN http://scn.sap.com/community/api-management
- SAP – http://hcp.sap.com/capabilities/api-management.html
- Social media channels:
- YouTube: http://spr.ly/youtube-sap-api-management
- Facebook: SAP Cloud: https://www.facebook.com/SAPCloudSolutionshttps://www.facebook.com/sapdevelopers
- Twitter: SAP Cloud: https://twitter.com/SAPCloud, SAP Developers: https://twitter.com/sapdevs
Pretty excited to see this blog about API Management - keep it coming!
Hi Sonali - is the SAP API Hub service on HCP Trial account offering what all is mentioned here?
No. SAP API Hub exposes SAP APIs for public development via HCP Trial. It is managed by SAP API Management. API Hub is a discovery area for SAP APIs. Here is the blog where you can find more information:
SAP API Hub (Beta) available on HANA Cloud Platform Trial
How to use SAP API Hub (Beta)
SAP API Management provides the API Administration portal, where an Administrator provisions and deploys APIs with policies to govern traffic and security.
It then provides a Developer Portal, where the APIs provisioned in the Admin Portal, are exposed to Developers to build apps to consume the data exposed by those APIs. In the above blog this is the portion described under "Developer Services" and "Discovery and Consumption".
SAP API Hub on HCP Trial is essentially the Developer Portal of SAP API Management, exposing SAP APIs, which have been provisioned and governed by SAP, for discovery and consumption. It will continue to expand as SAP develops more APIs to be publicly consumed.
If you are interested in SAP API Management, there a number of blogs/videos under the SCN space SAP APIs and API Management , which I recommend you take a look at. I also recommend keeping an eye on that space, for when SAP API Management is made available on the HCP Trial accounts, and for information on how to get to started using it.
I am wondering is there any advantage for the tool provided by Apigee compared to SAP?
When you say tool, do you mean API Management, or are you referring to a specific item?
SAP entered into a partnership with Apigee, mid-2014 with two branches. For the Apigee OnPremise API Management solution, SAP became a branded reseller of the Apigee Edge solution.
For the SAP Cloud API Management solution, SAP extracted the RunTime component of the Apigee product (including its core management capabilities), and developed a custom design-time platform to run on HANA Cloud Platform PaaS solution, and integrate with SAP offerings including HCP services, SAP HANA, and classic On-Premise solutions.
Apigee runs its own cloud solution on the IaaS AWS, with its own additions around API design. There are strengths and weaknesses to both approaches.
Please let me know if you were asking about something different.
Is the API management cloud offering clubbed with HCP?
Or is there an option of the to be licence separately?
License-wise, SAP API Management Cloud version can be licensed completely on its own.
Since API Management Cloud Edition is deployed on HCP, it will be part of a customers HCP tenant, even if purchased by itself.
Thanks. That helps!
I am aware that there is a Apigee-SAP OEM contract. With that in mind, is the solution a white-labeled Apigee under the hood kind of thing or does the SAP version include more features? Or is it that my understanding is completely wrong? 🙂
The Apigee-SAP OEM contract relates to the OnPremises version of SAP API Management (full name SAP API Management by Apigee).
The SolEx Partnership for the Cloud was that SAP was able to use the RunTime component from Apigee (the portion which handles the actual connections between client and endpoint) hosted in SAPs Data Centers, and Managed centrally by an SAP built Cloud DesignTime tooling.
This allows for leveraging of the Management capabilities from Apigee, with the addition of the strengith of the HCP Platform capabilities and interoperability, as well as easy connectivity with SAP.
Some examples of easy connectivity to SAP / HCP
Connect to SAP Gateway ERP How to use SAP API Management on HCP Trial
Connect to HCI OData Provisioning Expose Gateway Services via HCI OData Provisioning, and secure them using SAP API Management on HCP Trial - Part 1
Expose Gateway Services via HCI OData Provisioning, and secure them using SAP API Management on HCP Trial - Part 2
Connect to local service deployed on HCP Exposing Digital API’s using HCP Trial - API Management Service
Hope that helps 🙂
Is there a data sheet where i can have a view of all the features and capabilities of the platform?
Currently there is no Datasheet per-se, however there are a few resources to help you get started:
Brief discussion of the solution: Solution Brief: SAP API Management (cloud offering)
Brief discussion of the technical capaibilities: SAP API Management - Cloud Technical Brief
Online Documentation: SAP API Management
And since the heart of SAP API Management is the Policies, I would read over the available Policy Types as the best way to get familiar with the main capabilities: SAP API Management Policy types
I hope that helps with getting an overview of features and capabilities for now.
Good to see some interesting blogs on apigee and API Mgmgt from Sonali Desai and Elijah Martinez - keep it up guys!
Do we have a "How To" guide on ECC to apigee? Where ECC is the consumer (sends a request to an apigee end-point) and apigee calls the provider (a SaaS) and responds to ECC (real-time sync interface).