WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Brokerage Technology Delivery...
Fidelity Brokerage Technology (FBT)
- a Technology Division of Fidelity Investments
Transforming API Delivery Systems using WSO2 APIM
and ESB Technology
David P. Bonaccorsi Sr., Director, Architecture, Fidelity Brokerage Technology
John Marcotte, Director, Architecture, Fidelity Brokerage Technology
Agenda
• Who is Fidelity
• Our values, business units and history of technology innovation
• Leading Brokerage Transformation towards the new API Economy
• Evolving to BaaS - to an API Strategy with WSO2 technology
• Integrating WSO2 Components into Fidelity’s API solution
• Benefits and lessons learned
Who is Fidelity?
• One of the most diversified financial services companies in the world
• A full range of products and solutions for individual investors, employers, institutions and intermediaries
• $4.3 trillion in assets under administration
• Our clients:
– 20 million individuals and institutions
– 5,000+ financial intermediary firms
• Over 42,000 employees:
– Technology staff in Boston, Raleigh, Dallas, NH, RI, NJ
The Fidelity Organization
History of Innovation
1965: Fidelity installs a mainframe computer—one of the first investment companies to do so
1974: Fidelity is the first to sell funds directly to individual investors over the phone
1979: Fidelity launches the first voice-activated computer response system for price and yield quotes 24 hours a day
1995: Fidelity is the first mutual fund company to launch a public website
2014: Fidelity Labs creates the first investing app for a smartwatch
VR, Block Chain, Digital $, Fin-Tech, Robo-Advisors
Fidelity’s API Evolution 1999-today
Plain Old XML to/from Cobol
Mapping Engine
Internal Only
First External Gateway POX
2004
2009
External SOAP with 2nd Gen API Gateway
External REST API
Enterprise Governance Registry
Internet-facing API Store
API Ecosystem
• Build • Govern • Publish
• Discover • Examine • Prototype
• Consume • Evaluate • Manage
• Run • Report • React
Registry: SOA Meta-Data Repository
Governance Registry Artifact Types
Allows Customer Feedback on APIs
▪ “APIs are inconsistent”
▪ “Need Improved Documentation”
Build Govern Publish
• Business & Utility Contracts
• Service/API Change Notifications
• Lifecycle Management
• Policy descriptions
• Quality/Consistency scans
Conceptual Service Inventory
Service Life Cycle
Business Driven Service Contracts
✓ Business Capabilities
✓ Negotiation
✓ Context Levels
✓ Policy Definitions
✓ Business Architects
✓ Service Analysts
Service Registry
• Business Capability Inventory
• Brokerage Web Services Inventory
• Services linked to capabilities & components
• Reporting by components – track usage & legacy transition
• Service code quality via Sonar integration
• Service discovery APIs
Service Governance
✓ Service Contract Reviews
✓ Service Architecture Reviews
✓ Service Inventory
✓ SOA driven design
✓ Version Control
✓ SOA Governance Board
Evolve Components
✓ Evolve legacy functions
✓ Improve SLAs
✓ Improve TCO
✓ Measure reuse
✓ Measure quality
✓ Integrate into culture
Enterprise Publisher – Supports all Environments
1. API artifact published/copied from Enterprise Publisher to Team-managed environment (“push” model)
2. Environment can be on premise or cloud hosted
3. API Store per environment to manage app provisioning and API Subscriptions
4. Dedicated Gateway instances with SVN deploy synchronization that can be scaled independently
5. Dedicated Key Manager instances for token handling that can be scaled independently
6. Dedicated database to store API policy, subscription, and permission metadata
[Diagram labels: Enterprise Store, Enterprise Publisher; environments DEV; UAT, SIT, Perf; PROD; Ext UAT; Cloud. Each environment shows APIPUB, APIStore (Internal or External), APIGW, IDServer, SVN and LocalConfig, with the endpoint https://apipub:9443/services. Footnote: * 1 Per ENV]
API Store
Internet-Facing Web API Catalog for Developers who work for our business clients
Ex. Customer Management
• Account Setup & Maintenance
• User Management
• Account Maintenance
Contract, Swagger, WSDL, Policy
API Store → ‘Brokerage as a Service’
Discover Examine Prototype
Search by Filters and Tags
Solution Context Diagram (details to follow)
[Diagram labels: BaaS Client, Client Tech Users, SSL, OAuth Token, DMZ Gateway (GW), IDS, ESB, Services, DAS, Publisher, Internal-facing Store, Internet-facing Store]
API Gateway = Traffic Manager for APIs
• Traffic Shaping from Analytics / Policy
• Security
• Mediation (e.g. SOAP to REST)
• Consistency
• Analytics Source
API Gateway → Runtime Management
Consume
Evaluate
Manage
API Gateway / Identity Server – Overview
Ex. Token: 67befe161d98ca2cfd991f481ac18289
WSO2 creates OAuth Token for interactive testing in Store
Client Engineer deploys Key + Secret from Store UI to Servers
[Diagram labels: API Store, Internal or External User, BaaS Client, SSL, OAuth Token, DMZ Gateway]
API Gateway / Throttle Weight
[Diagram labels: BaaS Client, SSL, OAuth Token 67befe161d98ca2cfd991f481ac1828, DMZ Gateway]
API Gateway / End Point Abstraction
[Diagram labels: BaaS Client, SSL, OAuth Token 67befe161d98ca2cfd991f481ac1828, DMZ Gateway]
https://host.intranet.com:9999/common/BrokerageAcctBal/2017/02
ESB Mediation Tier (ESB) - Transformation
[Diagram labels: 2-way SSL, REST2SOAP, Core; sample values “1234567890” and 123456789]
ESB Mediation Patterns – Transform / Augment
Data Analytics Server (DAS)
Thrift
API Publisher visibility
Data Analytics Server (DAS) Capabilities
A rich set of out-of-the-box (OOTB) analytics captures operational and historical information using HBase / Hadoop and Spark technologies
DAS - Throttle and Response Time
Data Analytics Server (DAS) – Usage by API
How WSO2 is helping Fidelity
• Buy (Licensing) vs. Build
• Thought Leadership
• Open Source
• Container / Cloud ready
• Expert Support and Consulting
Tips
• Automate early to limit time on environment engineering
• Think through the needs of different groups and roles needed
• Explore and understand the subscription process for internal and external applications
Thank You!