SAP HCP – API Management

Post by Pankaja Soundekar, July 25, 2016.
Tweet   Share   Share

API management was earlier live on HCP and which was very good so that customers could subscribe and use on HCP but only if there is a valid license. Recently API management is put on HCP trial that means everyone who has HCP subscription can login and can enable API management and can play with it right away.
So with API management, SAP provides a tool that allows managing APIs on different SAP backend systems, maybe third party system and maybe other system want to expose in a controlled, secured and measurable manner that’s exactly where SAP API management can come in. SAP API management can be used to connect to systems and expose them, while exposing make sure that access to APIs are controlled, secured, measured and see what APIs are mostly used and so on.
Other popular APIs like from Ebay, Google, Microsoft or others there is often possibility that can or concur actually, logon to the concur developer page where there is list of all the available APIs like APIs to book a flight or hotel etc. All this information is available on the developer page of concur. Now you can test them very easily or maybe call once in hour or something or actually subscribe to these different APIs means its like telling concur or API management that you want to use certain APIs, so you subscribe to this API and get an API key. With this API key you can authenticate or identify yourself to the API management tool to call or use this specific API.

Value add to SAP API management on HCP

In general the value of an API management is that you can really control the access, so maybe you want to add an additional security level or maybe you want to add oAuth, backend systems will not understand oAuth so additional security layer is provided to your systems. This will not make any complex, so there is no need to authenticate twice or three times.
API management can also be hided so that the end users or consumers only authenticate to API management and then you can do the subsequent authentication to your backend systems.
It means that for example you could introduce one way of accessing all your APIs like oAuth you want to use and hide all other complexity of different systems in API management.
That’s exactly the key of management functionality. You can have API management as one layer on top and for consumer it’s not clear that may be they are connecting to Sap system or a database or to third party system. They only authenticate and connect via your APIs that are exposed to API management and whatever happens behind the scene is totally invisible to the consumer.
Developers who are using API management they will get an URL to access all viewer APIs, that URL is all inside the HCP and everything else happens is the magic of API management.
But that is only the security piece, now the SAP API management has a quite lot of additional functionality so for eg, one thing we can see is throttling or quota management.

Let’s say you don’t want to hit your backend system or you only want to hit it with only certain amount of calls per second or per hour or whatever so you can make sure that the API management layer blocks additional calls or maybe will allow only 5 calls per second or 10000 calls per minute or something and once this threshold is reached you can block or respond consumer saying quota is exceeded please come again in one minute or something like that.
So meaning that the API management also lets you keep track of all different APIs using and also allow you to control the costs, if you have certain amount of API calls for certain service outside of SAP you ensure by that you stay within quota of your API plan. This could be one scenario whereas other scenario could be that you want to control the amount of cost to a certain service and other service for more calls, that all is possible. Or you as the API provider can also say that I will sell access to certain API and pay certain amount or if you want more frequent access then pay more or something. That’s really about controlling the access to the services you have for eg. you want on premise system.So meaning that there is also a detailed monitoring and logging functionality available coming along with that. Right now you can see how many calls you have done and in week or month or so you can see what are your most used APIs which can be really very interesting because may be you think as certain service is really interested to the customer but in the end to transout that is something completely different. So you can control how many calls, which calls what developers are most active, what apps developers has developed are popular and so on. Quite sophisticated analytics functionality that allows you to control and see which APIs are popular.
As now that is SAP API is available on HCP, SAP are working hard to integrate almost all functionalities that are already available on this platform on HCP platform to integrate and make them available in SAP API management. So they are just getting started and are already working with different teams, services to make the integration as good as possible but idea is that to leverage the power of HCP platform so it’s not separate thing that runs somewhere else its really on HCP platform and also trying to leverage most of the functionalities that are on HCP. So API management is also part of your HCP account if you are using it productively and also with the now free developer license. Then also you have to enable it on your productive account and already few customers are using SAP API management on HCP productive account. Half yearly ago it’s released on HCP and some customers are using it live on HCP on productive but it’s just on trial.

Restrictions for free developers account


We can use it as it is and many proxy APIs that you want to have full access to analytics there are actually no limitations. Right now you can use it what is in real productive environment, you would have staging environment , you would have productive environment that you use so there are different scenarios how you would enhance your setup in a real productive usage. For trial you can definitely use it as it is and start exposing APIs in API management for non productive usage.
What was interesting is the SAP API management released 2 weeks ago on trial but also had other release 4 weeks ago the SAP API hub and the goal of this SAP API hub which is also based on SAP API management. You can find discover test and use services from HCP but now it’s just getting started so very few services are listed in API hub but overtime will get more services from other applications in HCP and in end these APIs will also be surfaced in API hub.
API hub is available in the list of services in free developers account, it should be already enabled by default but you can also enable it and can access the API hub and from there you can see 2 products one from SAP translation hub and other product which highlights some of the services in HCP.
There are tutorials available in some SCN blogs, which guide you through some steps like how you can use the SAP API hub and what functionalities are there so on and similarly for the SAP API management on HCP trial there we also have quite a few blogs also available.

Some blogs in SCN.

http://scn.sap.com/community/api-management/blog/2016/01/25/how-to-use-sap-api-hub-beta
https://account.hanatrial.ondemand.com/
Login to sap trial account and enable hub, if any questions or comments can post in SCN.

Pankaja Soundekar
Manager, Logic Scale

Pankaja Soundekar is an ambitious Software Developer for SAP Applications from India. She is specialized in SAPUI5 and custom tailored SAP FIORI. In addition to his everyday job he loves any kind of technical challenge – be it Hard- or Software related – and also devotes his free time with upcoming and trendy IT topics.