Business Goals
The business objectives are to improve data processing, provide faster forecasts, secure real-time transaction recording and reporting and transition to an API-First strategy, and build an API ecosystem. However, the API ecosystem is siloed with no central management of APIs, no ability to reuse capabilities across teams, and a longer time to market. Following are the key goals,
- Capture and process commission data in real-time
- Get faster pay forecasts from the collection data to provide near real-time forecasts for the finance team.
- Record transactions in real-time and generate reports securely
- Establish an API-First strategy to transition from UI/Application-centric delivery to API-as-a-Product (AaaP) and digital channel-based organisation.
- Unify Developer Experience for User Interfaces (UI) and APIs by providing consistent API contracts and developer tooling to simplify consumption and increase efficiency
- Build an ecosystem for APIs within their organisation to make APIs consumable and efficient, deploy APIs quickly, and track their usage and overall experience.
Technological Challenges
Our client faced several technical challenges, including no centralised API management, no IAC for their existing API platform to build and tear down at will, each team having siloed APIs, and no central governance or security enforced. Below are the key challenges faced by the stock exchange,
- Centralise API Management within Kong by simplifying and consolidating existing API Gateway capabilities under an internal Kong Platform
- Leverage a shared and hardened image of Kong by automating the delivery and consumption of Kong Golden Images, providing a secure and reliable core for all Kong deployments.
- Provide the ability to host a Kong Data Plane in each team data centre to provide infrastructure isolation and support tailored SLA requirements for each set of APIs and services.
- Provide the ability to host a Kong Control Plane within a central Management Data Center (MDC) to ensure visibility across all team deployments (Kong Data Plane)
- Provide the ability to seamlessly promote APIs across environments by leveraging APIOps and continuous delivery capabilities, removing the need for extensive planning and downtime.
- Support the ability to offer certificate-based edge security for consumers by leveraging Kong Mutual Transport Layer Security (MTLS) plugin - (Future State objective)
- Lay the financial-Grade API (FAPI) compliance foundation by leveraging Open Banking standards and Kong Platform best practices. (Future State objective)
- Provide the ability to seamlessly promote APIs across environments by leveraging APIOps and continuous delivery capabilities, removing the need for extensive planning and downtime.
How NeosAlpha Helped
NeosAlpha’s expertise in API management and the Kong platform was invaluable for the chient, which faced multiple challenges. NeosAlpha’s solution involved:
- Working closely with Business Analysts, Technical Architects, InfoSec Team, DevOps, and SysOps teams.
- Building a Kong Data Plane in each team data centre for infrastructure isolation and tailored SLA requirements.
- Building a central control plane for multiple data planes.
- Integrating with ADFS and LDAP server to enable SSO in Kong Manager.
- Producing Ansible scripts for Kong deployment automation.
- Producing APIOps blueprint implementation to enable the seamless promotion of APIs across environments using APIOps and continuous delivery capabilities, eliminating the need for extensive planning and downtime.
- Successfully deploying four MVP APIs to their MVP set-up.
- Enabling the end client to be hands-on capable by the end of the project.
Results
Our client achieved its key objective of securely delivering speed and fully automated API deployment. Some of the key benefits are:
- Fully automated Kong deployment script, which the client was able to use themselves
- Reduced time to deliver APIs.
- A single monitoring and control plane to publish, manage and secure the APIs
- Kong deployed across multiple DCs with a central control plane to manage.
