mashery api management kit

The Mashery API Management Kit: Tips and Advice for a Successful API Strategy Whitepaper: Mashery API Management 101 Whitepaper: TurboCharge Your Mobile Strategy with APIs Whitepaper for Media/Publishers: 5 Tips for Navigating Digital Channels Whitepaper for Retailers: Accelerated Commerce - Digital Retail Strategies Whitepaper: Mashery’s Cloud Advantage - API Management in the Cloud

Upload: dakota-gebert

Post on 24-Oct-2014




2 download


Page 1: Mashery API Management Kit

The Mashery API Management Kit: Tips and Advice for a Successful API Strategy

Whitepaper: Mashery API Management 101Whitepaper: TurboCharge Your Mobile Strategy with APIsWhitepaper for Media/Publishers: 5 Tips for Navigating Digital ChannelsWhitepaper for Retailers: Accelerated Commerce - Digital Retail StrategiesWhitepaper: Mashery’s Cloud Advantage - API Management in the Cloud

Page 2: Mashery API Management Kit

Mashery API Management 101: Getting Your Content From There to Everywhere

What Is An API?From a business perspective, an API is a way to leverage assets you already own and increase your innovation, product development, market knowledge, and revenues.

Using an Application Programming Interface, companies can offer software developers a limited set of databases and software programs related to one or more of their products. These new coders might be company employees, corporate partners, or outside developers with novel ideas about creating value. No one using the API can change the core data. They can create new things, though, under rules established by the owner.

Big tech companies have used APIs to tap into a bigger talent pool for a while. For example, independent developers built thousands of applications running on Apple’s iPhone, via APIs controlled by Apple. When Google wanted an army of developers to build novel applications of its Maps program, it used APIs. In a short time, thousands of people around the world created maps that listed their favorite restaurants, locations of where a band was touring, even places mentioned on the TV show Seinfield.

The blend of native data, like the Maps information, with new and unexplored ideas is called a “mashup.” The term originally refers to the great result when a music deejay creates something unexpected and wonderful from artfully blending two great songs.

Not incidentally, that is why we’re called Mashery: We create and manage environments where developers build valuable mashups for companies like Netflix, Best Buy, and The New York Times. We have been doing this for years, and have built a network of over 50,000 developers worldwide, along with proven standards for release, analysis and reporting.

APIs are used for much more than mashups, and have a long history in computing. Developers have used an API for access to specifications for protocols, data structures, and other elements that are critical for consumers of whatever is created. APIs are used to run one or more programming languages, and relied on for the rules by which a computer programming language is run. That is still a big reason for APIs, but they have taken on a whole new life and meaning as the Internet has enabled the digital spread of information, and opened up computing to more players.

MAShErY API MANAGEMENT 101: Getting Your Content From There To Everywhere

Page 3: Mashery API Management Kit

Mashery API Management 101: Getting Your Content From There to Everywhere 2

What Do I Need An API?

There is an old saying in high tech: “The smartest people are always somewhere else.” Meaning that no matter how smart, motivated and talented your team, they could probably do even better with the creative insights of the right person. With 8 billion people on the planet, though, that person is probably not in the next room.

Welcome to another place where the Internet has changed everything. APIs and mashups, delivered over the Web, enable you to interact with more talent than anyone in an earlier generation could expect to meet in one lifetime. Your data, your product, and your brand can travel anywhere, gaining visibility and customers in new places as it is employed in all kinds of new ways.

This might be as simple as better customer service on your Website. Mashery client Best Buy opened catalog data to its employees through an API, and one of them created a better way for online shoppers to locate stores where a product they wanted was in stock. Or it might mean putting your company anywhere you want on the Web, as Netflix did when it used Mashery to put its service on mobile devices, social networks, and third-party Websites, while protecting user data.

APIs and Mashups are part of a revolution in commerce. Through a Web browser, we now access millions of computer servers at once, linked together to form a “cloud” of super computers, available at low cost. On a similar scale, people are linked intentionally and on an ad hoc basis over the Internet, creating information about celebrities, revolutions, and even traffic jams in real time, faster and often better than traditional media could.

What happens when you blend the two?

Open APIs use the new scale of computing and large-scale human interaction for unprecedented collaboration on products and services. The resulting mashups mean new product strengths, access to previously unknown customers, and valuable data around innovation, talent, and brand.

Mashery has pursued this vision for years, building trusted products we are delighted to see moving into the mainstream of commerce. Within a few years, we are confident, the question will not be “Why do I need an API?” It will be “What did I ever do without one?”

Page 4: Mashery API Management Kit

Mashery API Management 101: Getting Your Content From There to Everywhere 3

What Can Mashery Do For Me? Mashery is the place for API-based business creation. Our guiding principles are trust, collaboration, and presence, in service of rapid, value-based business creation .

They have made us the leader in this industry, with the most customers, the most sought-after thinkers, and the most forward-looking products.

We know how valuable your data is. That is why we provide a secure platform in which you can share it however you choose: With internal

third-parties with sky-high dreams. Our Developer Portal, branded to extend your organization, is

Industry LeaderDevelopers can gather there to communicate with you, learn what data are available to them, link to live applications, and view sample code. They do this through our API key, which also ensures that all applications leveraging your data adhere to any Terms of Service or security authorization you choose.

Thriving Developer NetworkWe are also passionate about fostering APIs as a business tool, and have built a network of over 140,000 registered developers. The Mashery API Network provides them with information about what’s out there, and gives you assurance that all calls on your data are authenticated,

immediately, with no impact to your existing systems.

Strategic Services to Match Business GoalsWhile we manage the developers, we also collect information on which applications are making calls to your APIs, providing you with rapid insight into who is doing what, and what success it is having

capacities, popular and trending topics, and other insights into the success of new strategies.

Technology That Grows With YouWhile we manage the developers, we also collect information on which applications are making calls to your APIs, providing you with rapid insight into who is doing what, and what success it is having

capacities, popular and trending topics, and other insights into the success of new strategies.

Page 5: Mashery API Management Kit

Mashery, Inc.

717 Market Street, Suite 300

San Francisco, CA 94103

[email protected]

(415) 684-7200

Mashery API Management 101: Getting Your Content From There to Everywhere 4

Page 6: Mashery API Management Kit

Are you tAlking mobile Apps And pArtnerships?Then you’re talking APIs.

Is your IT shop flooded with requests to support new mobile apps and strategic partnerships? If so, experts agree it’s time to invest in a secure, flexible Web API, or application programming interface. APIs are at the center of what Gartner calls the new “extensible enterprise.”

but how to build A robust, scAlAble Api progrAm?In this white paper, Mashery— the leading API management solution for over 150 top enterprises including best buy, netflix, expedia, espn, and the new york times—shares lessons learned about deploying and managing successful enterprise APIs.

turbochArge your mobile strAtegy with Apis

contact mashery [email protected]

connect with masheryTwitter: @masheryFB:

inside:7 steps to A greAt Api progrAm

Page 7: Mashery API Management Kit

7 steps to a successful Api program

tArget YOUR mobile App deVelopersAn API will turbocharge app development among your own developers, your strategic partners, and even public developers—people outside your company who are itching to innovate with your data. Successful API programs target some or all of these groups.

For example, Best Buy saves millions of dollars and weeks of development time by exposing API resources to its outsourcing partners and agencies. But BBYOPEN, an open version of Best Buy’s API, also powers partnerships like Citibank’s rewards program, in which Citibank customers can redeem rewards points for Best Buy merchandise.

Once you decide which developer groups to target, you can set appropriate access policies and terms of service.


Mobile devices are getting more powerful, but they still have limitations in processing power and bandwidth. Where possible, minimize response size by adopting lean formats like JSON (more on that in step 6) and allowing apps to specify the size of data chunks you’ll return. Compress responses with GZIP, especially when payloads are large.

If you’re serving the same responses over and over, you can gain big efficiencies by caching responses close to where apps live through a content delivery network, or CDN. Your data center will enjoy a lighter load, and you’ll see faster response times. Mashery customers serve up to 90% of responses from Mashery’s global, distributed cache, speeding response times by 10x or more.


















optimiZe your Api For mobile

Page 8: Mashery API Management Kit

leVerAge the cloud —or stAy on-prem3

It’s becoming increasingly common for successful API providers to think of their APIs as not just one set of methods and policies, but rather as a product line of API packages. One package might support apps built by your own developers—with generous rate limits and extensive access to corporate resources—while another might enforce stricter limits and expose only a subset of resources for close partners. An even more restrictive package might support public developers.

The most successful API programs now package not only different levels of access, but also different business models—each tailored to the needs of a specific developer segment.


contact mashery [email protected]

connect with masheryTwitter: @masheryFB:






















trust some mobile Apps more thAn others

Where you put your API traffic management solution matters. For maximum ease of deployment and high-performance caching, distribute your traffic manager through a cloud-based delivery platform. For data around which the business requires more control or security, consider an on-premise traffic management solution.

Either way, be sure that you can set policies, manage developers, and monitor traffic across all traffic managers from a central dashboard.

Page 9: Mashery API Management Kit

grow your deVeloper community

Whether they’re on your corporate campus or at a hackathon (more on those below), developers can do more with your API if you make life easy for them. That means creating a portal where they can get easy access to keys, giving them interactive documentation (such as Mashery I/O Docs) that let developers explore and test your API before they write code, and providing usage reports so they can see how their apps are interacting with your API over time.

It’s also important to employ popular design principles and formats. According to Programmable Web, nearly 75 percent of open APIs follow RESTful design principles. If your API is SOAP-based, consider the advantages of REST. Likewise, the majority of open APIs now return responses in JSON, the lean Javascript object notation that is edging out XML.




2005 2007 TODAY

These days, mobile apps are expected not only to deliver product and service information, but also to handle full-on transactions. For PCI compliant enterprises—those that submit to audits around the Payment Card Industry standard for handling credit card data—this can present challenges.

Mashery recommends several best practices for extending commerce to mobile apps. For your own apps, encrypt data and get PCI auditors to add your API to their scope. To allow partner apps to transact, employ a PCI-compliant API distribution platform. Or, use OAuth to let app users authorize purchases using payment info that’s already on file.


Finally, remember that a thriving community of apps doesn’t happen without a thriving community of developers. If you’re targeting public developers, sponsor hackathons or other app contests that encourage developers to dig into your API.

Companies including USA Today, Yellow Pages Group, and Lulu take advantage of Mashery’s Developer Outreach platform to reach our community of over 130,000 (and growing) registered developers through Mashery-sponsored hackathons, the Mashery Developer Newsletters, and other programs.

distribute your buy button

delight your mobile deVelopers

contact mashery [email protected]

connect with masheryTwitter: @masheryFB:

i/o docs

Page 10: Mashery API Management Kit


From Bookstore to Appstore: 5 tips For NAvigAtiNg New DigitAl ChANNels For puBlishers AND meDiA proviDers

executive summaryin recent years ubiquitous connectivity has created a generation of consumers demanding access to any content at any time. while the impact on formats to support myriad devices has not been insignificant, the shift in channels and distribution methods has been downright explosive - a splintering of once predictable channels splintering like a series of fireworks proliferating into a showering of ignitable embers. hurried commuters checking local weather on an iphone app, delayed travelers downloading an eBook just paces away from the airport bookstore, mystery buffs consulting with a book store employee before filling up an eBook with the latest titles, students reading text books on tablets, and newspapers coming to life with relevant headlines, sports scores and weather based on location - all examples of viable digital channels.

the once mighty bookstore end cap has been handily replaced by high ranking in search results, prominent placement in an app store, maximum stars on user rating or native inclusion on a newly released device. even as this introduction is being written, signing onto an internet connection at the local starbucks invites a free peek at a selected book.

this whitepaper provides 5 simple tips for helping publishing and media professionals rethink traditional distribution channels. we invite you to read and ponder, to provoke the status quo and embrace the vast opportunity that today’s rapidly shifting digital landscape offers.

“when you’re finished changing, you’re finished.” - Benjamin Franklin

From Bookstore to Appstore: 5 tips for Navigating New Digital Channels for publishers and media providers

Page 11: Mashery API Management Kit


From Bookstore to Appstore: 5 tips For NAvigAtiNg New DigitAl ChANNels For puBlishers AND meDiA proviDers 2

tip #1: Quiet Your inner Chicken little much like mark twain’s first death, reports of the demise of a reading public have been greatly exaggerated. while the growth in digital media is often associated with an American public reading less, nothing could be further from the truth. in fact, the average American reads over 35,000 words a day (the equivalent of roughly 1/3 of an average novel). As a whole, our consumption of the written word has increased from 26% of our daily dose of information in 1960 to over 36% in 2008. while it is true that traditional print media (like newspapers and books) have declined, digital reading has more than made up for that drop and all signs point to this trend continuing. A recent poll found that in 2010, nearly 40% (39.5%) of all us mobile phone users used their device to access news and information - more than those who used it for email (30.5%) and nearly twice as many as used it for playing games (23.2%).

with digital readers (whether they be smartphones, tablets, ereaders or even interactive displays) quite literally in the hands of consumers almost 24x7, there has never been a better time to reach them. the key lies in understanding the shifting and splintering means by which these consumers discover and access consumer information.

tip #2: the early Bird Catches the wormremember, it’s not just content providers participating in the race for readership. Device makers and platform providers are just as eager to grab mind and market share. in 2011 alone, an estimated 101 varieties of tablets are scheduled to hit the market and ereaders predicted to be sold. in order to differentiate amongst a growing assortment of increasingly similar products, device makers rely on marketing that highlights each device’s unique capabilities and functionality. And this means they need great sample content with which to showcase these features.

As a content provider, getting in early means a unique opportunity to include your content in marketing and promotions for the devices themselves. with device manufacturers pouring big bucks into advertising this could mean - literally - millions of dollars worth of free promotion by simply being first to market.

The team at USA Today worked with a design firm expert in advanced and tactile interface design to create a USA Today iPad app in time for a launch the same day the iPad was released in the US market. The app was heavily showcased by Apple evangelists as part of the overall iPad launch.

From day one, USA Today enjoyed a position as the #1 downloaded iPad news application as well as top rankings in both downloads (nearly 200,000 in the first 2 weeks alone) and user reviews. The success of the application even buoyed USA TODAY’s rankings in other digital channels- with the newspaper’s online Alexa ranking rocketing from #46 to #20.

Page 12: Mashery API Management Kit


From Bookstore to Appstore: 5 tips For NAvigAtiNg New DigitAl ChANNels For puBlishers AND meDiA proviDers 3

tip #3: Don’t be Afraid to let others innovate for You - At least at FirstNo single person, department or even company is capable of delivering a user experience optimized for each and every one of the diverse offerings of digital platforms and channels. in-store kiosks, tactile tablets, lightweight ereaders all offer unique flavors of user interaction. even a well-managed list of projects, when delivered sequentially, means a constant game of catch up in delivering apps to market in a timely way. Allowing outside developers - whether they be trusted partners or third-party developers - access to portions of your content and functionality not only helps you deliver speed to market, but often results in a better end-user experience when these partners provide device-specific expertise. this generation’s breed of creative inventors, developers, cite reasons as varied as playing with new data to garnering prestige to good ‘ole fashioned money as reasons for using third party data to build apps. outside innovation can be a phenomenal method for testing new formats, platforms and interfaces and then improving upon them with in-house resources at a later date. Finding ways to engage outside developers doesn’t mean needing to give away exclusive rights. And as your digital programs grow, seeding outside innovation can be a fantastic way to find talent aligned with your organization.

Netflix opened access to their database of available movies, ratings, meta-data and ‘add to queue’ functionality to developer communities in Fall of 2008. Within weeks they had their first Blackberry app and several iPhone apps - including at least one listed as a top app. Now, 2 years later, the Netflix content had proliferated to over 200 different devices. Next steps for Netflix involve utilizing the valuable data from what they’ve learned to focus on taking innovation internal.

tip #4: All Content is not Created equalopening up content to outside innovation doesn’t have to be as black and white as the newspapers of yore. providing portions of content or limited volumes for free is a great way to allow outside innovators to sample your content, test out applications and markets and enter into a relationship with you. Deeper levels of content consumption can be monetized with an agreement to carry advertising or a link back to your company-owned properties for further reading.

licensing tiers not only offer a practical way to be open without being too open, but also provide opportunities to monetize content that may have been sitting in digital archives collecting virtual dust. historical data can be a treasure trove for powering applications that look to provide comprehensive information about niche topics or to illustrate information over time.

Page 13: Mashery API Management Kit


From Bookstore to Appstore: 5 tips For NAvigAtiNg New DigitAl ChANNels For puBlishers AND meDiA proviDers 4

In May, 2010, The Guardian (UK) launched an Open Platform initiative giving access to not only current content but also rich datastores and an archive of over 1 million articles. A multi-tiered business model allows for The Guardian to combine an open approach with path toward monetization. Partners fall into one of three tiers: Tier 1 partners gain free access to Guardian headlines, tags, meta data etc. and can use any and all content for free. Tier 2 partners are granted a special license to republish Guardian content. While the agreement is predicated on the Guardian’s ability to embed advertising into the new content, the application owners are free to keep any revenue associated with the app. Tier 3 partnerships consist of custom solutions for licensing Guardian content.

tip #5: extend Your Brand with Free Contentthe open content revolution extends far beyond just making money. it represents an ideology, a new culture and includes even government initiatives in data transparency. the Freedom of information Act introduced by president lyndon B Johnson in september, 1966 began a period in modern times to celebrate the sharing of information throughout society. morphed into the electronic Freedom of information Act Amendment of 1996, the current administration vowed for “an unprecendented level of openness in government” literally hours into taking oath of office.

trusted brands in media and publishing have an unique opportunity to partner with data/content providers in bringing this information to the masses. leading and emerging brands alike have learned to utilize content generated elsewhere by providing access in easy to consume interfaces. providing this data as a service presents an opportunity to extend the range of an organizations current services- ultimately extending reach to more apps, more devices and into the hands of more end-users.

The New York Times embraces the very concept of openness - being one of the first newspapers worldwide to open their content for consumption by outside developers with their Open API Program. While much of the content is generated within the walls of the Times, their Open API program has also provided public data for consumption. Information like Campaign Finance data, U.S. Congressional voting data, Local District geographic data and information on State Legislators all represent public data presented for easy access by innovative developers building apps as varied as Town Hall iPhone app that helps research the U.S. Congress to mashups displaying campaign contributions by geography to a data visualization app that displays words prominently used in the Senate.

Page 14: Mashery API Management Kit

mashery, inc.

717 market street, suite 300

san Francisco, CA 94103

[email protected]

(415) 684-7200

From Bookstore to Appstore: 5 tips For NAvigAtiNg New DigitAl ChANNels For puBlishers AND meDiA proviDers 5

meDiA white pAper

Sources:Bohn, roger e, short, James e. “how much information? 2009 report on American Consumer.” information industry Center university of California, san Diego. January 2010.

“u.s. Digital Year in review 2010: A recap of the Year in Digital media.” Comscore. February 2011.

“kindle leading e-reader market, ipad rules tablets…so far”. tech Journal south. January 19, 2011.

“iDC worldwide Quarterly media tablet and ereader tracker.” international Data Corporation (iDC). January 18, 2011.

hugo. “the state of tablet pCs in 2011.” gotta Be mobile. February 11, 2011 .

Frommer, Dan. “here’s why Apple’s ipad will Dominate the tablet market For Years.” Business insider. February 3, 2011.

wikipedia. “Comparison of e-Book readers.”Feb 13, 2011.

Page 15: Mashery API Management Kit


INTRODUCTION2011 saw double-digit increases in eCommerce despite overall worldwide economic growth rates hovering just slightly above zero. Cyber-Monday alone set a record 22% increase in year over year sales and the reports pouring in from 2011 holiday spending include all kinds of record breaking figures.

Times have never been better for eCommerce professionals.

The future of digital is even rosier. With smartphones in the pockets of 48% of Americans (and over 50% in the U.K.) digital in-store kiosks proliferating, and an 80% increase in electronic payments opportunities to drive more and more digital commerce is coming the way of savvy retailers. With devices including mobile phones, tablets, in-store kiosks, internet-enabled POS stations, connected gaming consoles, TVs, and even refrigerators, consumers are everywhere. Never before have there been so many ways to connect to purchase-ready buyers.

Yet with each of these new digital opportunities, comes another item on the list of projects piled up in an IT department’s backlog – the long meetings of pie-charts and statistics around which smartphone platform to tackle first, the queue of bar-code scanning affiliates waiting for your data feed, the integration project with a mobile website and store location information. Oh, yes, and that iPad app the CEO has requested personally.

This paper examines how an eCommerce executive looking to conquer the diversity of devices and proliferation of digital screens can leverage APIs to accelerate development, tackle multiple projects simultaneously and integrate channels both internal and externally.

WHAT’S AN API?Traditionally, databases, product catalogs or content servers are programmed to talk to a single system - say your website. Efforts to allow other systems (say an iPhone app) to talk to something like your product catalog require one-off efforts of intense programming. An API allows you to open up - or expose - your data in a way that makes it accessible to any number of devices outside of your website or even rich internet widgets within your existing website. In effect, an API becomes the key to a one-stop shop enabling you to explore any number of emerging channels without repeating efforts.

This white paper is intended to introduce you to the opportunities that APIs offer and key strategies for optimizing the effectiveness of an API program.

WHAT’S IN AN API?An API is an easy way to expose data and services to digital developers- whether they be in-house, partners, affiliates or even long-tail developers. Think of the assets to which they would like automatic access - the building blocks they might need to build their extension to your business and this helps paint a picture of the best APIs to build.


An 80% increase in electronic payments mean only more and more digital commerce coming the way of savvy retailers.


Page 16: Mashery API Management Kit


Retailers with more mature API programs, like Best Buy, have even begun to brand their APIs with iconography representing the different categories, promotional videos touting their value and - of course - a plethora of sample applications, solid documentation (consistently the most asked for support feature for developers) and frictionless registration.


Product API

Commerce API

Stores API

BBYScan- The QR Code Service API

Mobile Upgrade Checker API

Reviews API

Categories API




The Best Buy APIs represent all relevant aspects of their commerce experience and are leveraged in apps from affiliates, internal developers, key strategic partners and even long-tail developers.

Source: Best Buy Remix Developer Portal

Products API• Pricing • Availability • Specifications • Descriptions and

images for nearly a million current and historical products

Commerce API (Invite Only API)

• Provides seamless purchasing and product fulfillment through at - home delivery or in-store pick-up for partner e-commerce or web-based sites

Stores API• Address• Geo-location• Stores hours

and phone number.

Reviews API• Reviewer • Rating • Date Submitted • Review commentary

Categories API• Category and

product searches within category on

• Scan API

BBYSCan- The QR Code Service API• Provides usage data

on who is scanning QR codes, as well as when, where, and what is being scanned within Best Buy stores.

BBYFeed – The Human Answers API (Internal Only API)

• Provides access to data learned from customer and associate interactions.

BBYOffer API (Internal Best Buy API)

• Provides access to the latest Best Buy offers and promotions.

Mobile Upgrade Checker API• Allows users to check

the status of their upgrade status, and determine the trade in value of their current phone.

BUILDING THE BUSINESS CASE:What Will/Can APIs do for my Business?

While APIs represent an underlying data structure, the adoption of an API-based strategy can be a massive accelerator for retail businesses. As a matter of fact, the decision to adopt an API strategy in our rapidly shifting digital world, is one of the most important business decisions that today’s digital commerce executives can make.

Page 17: Mashery API Management Kit




EXPEDIA AFFILIATESThe revamp of their API and affiliate program has allowed Expedia Affiliate Network to support over 3,000 active affiliates. Their API includes access to Hotel, Airline, and Rental Car information, and is available in 20 languages.

By utilizing their API, Netflix was able to extend their service to over 200 different devices in less than two years including major television sets, gaming devices, remote controls and all major mobile platforms.

Exponentially Increase Affiliations

Affiliates drive a substantial portion of many eCommerce programs. Yet data access methods often remain stuck in the data feeds or spreadsheet dumps of yesteryear. Additionally, partner on-boarding can occupy weeks (sometimes...months) of legal wrangling, support-calls and integration plans. Retailers modernizing their affiliate relationships with APIs report the reduction of integration time from weeks to minutes (yes, really). Additionally, seamless on-boarding of affiliates allow for effortless engagement with long-tail affiliates.

APIs offer the following benefits for retailers of all types and sizes:

Accelerate Mobile Strategy

A ‘Mobile’ strategy can be defined as much more than a roadmap for your next iPhone app. With dozens of mobile platforms, tablets, internet-enabled POS and store kiosks - all connected from gaming devices to household appli-ances to bus stops and even to pill cap bottles - the key to a solid ‘mobile’ strategy is in being able to proliferate your brand or offering across all relevant digital touch points. APIs decrease development time for each new app or platform offering – often by over 75%. Additionally, because APIs allow your data and services to be more easily accessed, the ability to contract with partner organizations becomes more seamless.

Like affiliate integrations, APIs drastically reduce the integration time with key strategic partners not only adding efficiency to existing relationships but freeing up resources to focus on exploring partners that leverage different and new capabilities like bar-code scanning, geo-local, group buying, and social media.


Through a high-profile partnership, Citibank rewards members can purchase Best Buy products using Citi-Rewards points. Customers in a Best Buy store can scan a barcode of any product and find out on the spot if they have adequate Citi-Reward points for purchase. Through a mobile device, these same joint customers can even ‘purchase’ products using points.

Transform Partner Integrations

Page 18: Mashery API Management Kit



AgustÍn Schapira, Principal Architect, Comcast

“At Comcast, it used to take 6 to 8 months to share resources between internal groups. Now? 30 minutes.”

Foster Innovation

Because APIs allow for such easy access to underlying data and services, carefully managed APIs can be made accessible to a broader developer community - both inside of your organization and out. Developers bring expertise to varying markets, demographics and even platforms - taking your presence to places even the most creative planning committee might not have imagined. Hackathons - both com-munity and internal are a great way to allow developers to experiment with creating new and innovative experiences.


Un-Silo Channels

Sometimes it feels like the retail industry has been searching for true multi-channel integration since the web first sprung onto those clunky desktop terminals. Since then, the holy grail of a 360’ customer-centric experience has seemed as elusive as Bigfoot. APIs enable rapid and seamless data sharing between various internal teams and systems. Think web, store, enterprise, POS, inventory, CRM, mobile all talking to each other as a true cross-channel integration.

At ASOS, an internal hack day resulted in numerous proto-types including a social shopping app, a portable ASOS ‘search button’ for integration onto any website, an online fashion trading game, twitter search bot and the winning team (pictured here) a ‘single button integration’ allowing customers to discover, save or consume any part of the ASOS experience through readers such as Feedly and Flipboard.

WHO OWNS APIS? IT OR BUSINESS? Much like the early days of the web required cooperation between technical and business teams, a robust API program require tight coordination between business strategy and technical expertise.

A recent Forrester Research report titled “The Agile Commerce Platform” summed it up well,

“APIs are not new. Developers and IT professionals have used APIs to integrate systems for many years now. What is new is how APIs are becoming a key business strategy, to the point where entire businesses are built off of them.”

With uber-connected customers demanding digital retail engagement that puts them at the center of multiple touch points, platforms and partners agility becomes a key requirement for success. An API-based digital strategy offers the fundamental basis for not just staying competitive, but relevant in today’s rapidly shifting digital landscape.

Page 19: Mashery API Management Kit

Mashery White Paper: Up in the Cloud


APIs offer an unprecedented opportunity to expand your company’s relationships with customers. That’s because they make it easy to

deploy content and services in new, ultra-relevant contexts. Those

can include your own branded apps, integrations with strategic

partners, and co-branded apps built by external developers.

But launching an API means opening new channels of

digital distribution. And like offline distributors, you’ll be

expected to deliver the goods quickly and reliably. If your

website goes down, your company suffers; if your API goes

down, everyone who relies on your API also suffers.

Over 150 enterprises—including Netflix, Best Buy, Expedia, Dun &

Bradstreet, and The New York Times—have turned to Mashery to

distribute their APIs. One reason: our global, state-of-the-art API

distribution platform is built for the cloud, with full redundancy,

failover and dynamic scaling out of the box. (Of course, without

the box!) Here’s how we maximize security, reliability and speed for the world’s most demanding API providers.

Mashery’s Cloud AdvantageWhy do companies like Expedia, Best Buy, and The New York Times choose Mashery? One reason: the world’s leading API management solution is built for the cloud.

Page 20: Mashery API Management Kit

Mashery White Paper: Up in the Cloud 2


Dynamic ScalingAt Mashery, we’ve seen demand for customers’ APIs spike by orders

of magnitude overnight. All it takes is one hot app to plug in your API, and you can scratch early assumptions about capacity. You

need an API management platform that can scale out, not just up.

Mashery’s cloud architecture allows us to scale dynamically and

limitlessly, with no action required by our customers. In fact, if a

solution provider tells you they’ve architected for the cloud and

then says you have to add boxes (or instances) when you reach a

certain level of traffic, ask why. A true cloud solution should scale

through multiple component instances, across zones and regions.

Quaternary FailoverAll Mashery customers are protected by 4 levels of redundancy and failover. Mashery is engineered not only for secure zone and

region failover, but also for failover between data center providers. In

addition to the Mashery Enterprise API Distribution Network (on the

Amazon EC2 platform), we’ve assembled a second network, Mashery

Premium, consisting of private co-location facilities around the world.

Primary failover is application failover, in which Mashery functional

application components failover to scaled instances. Secondary failover is between zones. When a zone fails, traffic is still served

from the same location, but functional component instances run

in a different zone. Tertiary failover happens between locations.

In the cloud, this means switching from one region to another

(typically the nearest working region). Quaternary failover is

between networks. The Mashery Enterprise API Distribution

Network can failover to the Mashery Premium Network, and

vice versa, meaning that for API management, our customers’

business continuity planning is completely handled by Mashery.

Smart, Flexible CachingThe true consumers of your API are the users of applications

built by you and your partners. Just as your website must serve

Page 21: Mashery API Management Kit

Mashery White Paper: Up in the Cloud 3


pages quickly, your API must achieve very fast response times.

Caching not only speeds responses, but also reduces the load

on your infrastructure by minimizing repetitive processing.

We’ve seen our customers serve as many as 75% of responses from cache, improving response time by 10x or more.

We work with our customers to optimize their caching

strategies, and we give them full control over caching

policies through our administration dashboard.

Global POPs and Geo-RoutingMore and more, application deployment and API interactions

are happening on a global scale. Likewise, an API delivery network should consist of POPs in close proximity to API consumers. Mashery maintains POPs around the world to

ensure proximity not only to application users, but also to

your API resources. Furthermore, we replicate caches close

to API consumers to achieve the best performance.

WatchdogsWatchdogs—a.k.a. monitoring and health check systems—restart

or repair inoperative components. They wake up at regular

intervals, and if all is well, they go back to sleep. If there’s a problem, they alert us and fix it. Mashery runs a complex

collection of watchdogs built from third-party tools (such as

Webmetrics and Nagios) and our own instrumentation. The

watchdogs monitor each system level: component, application,

zone, region, network, Internet, and our customer data centers.

Failover and restart of our components is automatic and dynamic.

Application-Level RedundancyOf course, it’s standard web development practice to separate

presentation, business logic, and data layers. In the cloud, the low cost of instances allows us to take “separation of concerns” one step further—by splitting business logic into discrete,

Page 22: Mashery API Management Kit

Mashery, Inc.717 Market Street, Ste. 300

San Francisco, CA 94103

[email protected]


redundant functional components that run in their own instances.

Take API traffic management. Mashery’s most important

task is keeping API traffic flowing securely and in

accordance with access policies set by our customers. To

that end, we’ve broken our architecture into three functional

components, each scaling across its own instances:

• Trafficcontroller:access,securityandpolicyadministration

• Logsmodule:dataanalysisandreporting

• Datalayer:APIaccesspolicies(databaseanddistributedcache)

The traffic controller must execute even if the data layer is

unavailable, so we’ve split the data layer into a cache and

a database. The traffic controller first tries to grab policy

data from the distributed cache; if the cache is unavailable,

the controller hits the database. This ensures that API calls

are handled quickly and dependably. Traffic continues to flow, even if the database is temporarily unavailable.

Testing, Testing and More TestingIt’s one thing to say you’ve built in redundancy and failover, but quite another to demonstrate it. Mashery customer Netflix

famously lets loose Chaos Monkey, a bot that randomly shuts

down components on the Netflix production cloud. At Mashery

we run regular drills in which we shut down system components

to make sure failover measures are in working order.

Questions or comments?

We’d love to hear from you. Please use the

contact info below to get in touch.