Logistics

  • 10 November 2022
  • Ashish Pandit, UCSD
  • Herman D'Costa, UCLA
  • Rupert Berk, University of Washington
  • Jon Terrones, University of Wisconsin-Madison
  • John Gunvaldson, UCSD
  • Dana Miller, University of Texas at Arlington
  • Sue-Adrie Jefthas, University of the Western Cape (South Africa)
  • jeff kennedy, The University of Auckland (New Zealand)

Notes

UCSD

  • Free the Data: including self-service data access and using policy-based and data-steward-enabled approvals to enact (new use-cases) through APIs.
  • Enable Digital Transformation: exposing business capabilities, brokering internal and external APIs seamlessly, reimagining student experience, building out a 360-degree view of customers.
  • Support Integration: exposing databases and using flat files were historically the main currency of enterprise integration and there are strong drivers to move to APIs, also providing greater reuse and also making things much easier for integration with any vendor offerings.
  • Reduce Shadow IT: balancing the challenges between "exerting control" and "empowering innovation".
  • Layers: making use of the Mulesoft three-year architecture (system, process, and experience).
  • Securing: mostly OAuth2 and also using/examining PKCE for mobile applications and some public-facing use-cases)

The University of Auckland

  • big-ticket use-cases include maturing the enterprise integration practice, building better applications, enabling low-code platforms, and opening up an innovation ecosystem
  • prioritisation is a challenge, but starting to look at the data and functionality most needed to improve the student experience and also those things required for our new Workday HCM implementation
  • restarting remains a theme here because the University has been talking about (but not connecting its digital development practice with) being API-first
  • current status is broadly as presented at a previous discussion
  • maturity remains low, with these results from the (Gartner) API Strategy Maturity Assessment, offered here as much to illustrate the five dimensions as anything else:

UCLA

  • not a specific API program at this stage
  • focus on integration (for which APIs are needed).
  • using Apogee as API Gateway | API Management
  • "digital campus roadmap" also a driver of this work
  • through the API platform, there are access requests coming through from students too, though most of these are being denied by the registrar at this stage.

University of Washington

  • reasonably well-developed approach here with centralized governance
  • Identity Registry has an API service that enables pre-registered-and-pre-approved applications to create new entries in the Identity Registry (noting that there are, understandably, not that many applications that require or earn that level of access to such a powerful API).

University of Wisconsin-Madison

  • Starting with a group from a top-down nature involving teams like Central IT, Data Stewards, Security wasn't gaining strong traction, partly because those folk weren't "in the trenches" building and using APIs.
  • New approach is broadly developer-led, navigating how to balance empowering and enabling those developers to create useful and usable APIs for the University with the policy-and-process implications around them.
  • Reaching out to stakeholders now there is the capability in place.
  • Finance and HR activities (and Identity) all coming through as domain-based APIs.
  • Building out an active community-of-practice here.
  • There are product owners for each API team.
  • For the Person API the first use-case was around the four-hundred-or-so web applications needing identity data, and then surveyed the use-cases required, and furnished those with an API, standardizing the previously-highly-variable approaches those applications were using to gain access to identity data.
  • Ancillary systems in the HR and FS domains also presented use-cases that required API-based access to the new Workday systems.

Further Information

Gartner Resources

  • Alaybeyi, S. & O'Neill, M. (2021) _Gartner’s API Strategy Maturity Model_, Gartner Research, Article ID #G00451168, archived but available at https://www.gartner.com/document/code/451168IT organizations struggle to evolve their processes for developing, delivering and managing APIs for integration and digital business transformation. Application leaders must assess and improve their API strategy using five key dimensions explained in this research.

  • Foo Kune, L. & Benjamin Bloom, B. (2021) _Maverick* Research: Pursuing a 360-Degree View of the Customer Will Destroy Your Business_, Gartner Research, Article IDG00748343, available at https://www.gartner.com/document/4003189Pursuing a 360-degree view of the customer doesn’t adhere to data privacy regulations, relies on soon-to-be obsolete data collection methods and obliterates customer trust. Instead, CMOs should prioritize data collection to focus on delivering value to customers.

ZOOM

  • 07:04:11 From jeff kennedy To Everyone: The "A" Team!
  • 07:07:03 From jeff kennedy To Everyone: Welcome, Sue-Adrie = elsewhere, we recently welcomed HEITSA into the CAUDIT + EDUCAUSE + UCISA family of higher-education IT associations contributing to the Higher Education Reference Models = https://library.educause.edu/resources/2021/9/the-higher-education-reference-models = and i hope they've found their way to you!
  • 07:08:23 From Sue-Adrie Jefthas To Everyone: The enterprise architect at our University did mention a meeting a HEITSA regarding the reference models.
  • 07:08:37 From Sue-Adrie Jefthas To Everyone: Thank you for the welcome
  • 07:13:33 From jeff kennedy To Everyone: "Free the Data" = how are the data to be freed (first) being determined? and is the end goal something like "anything a person can do through a web interface they can also do programmatically through an API"?
  • 07:14:22 From jeff kennedy To Everyone: "Reduce Shadow IT" = that comes across as a bit of a governance/reduce/control aspect, and i wonder if there is a flip-side here around "enable and empower our business colleagues to innovate safely", etc?
  • 07:21:19 From jeff kennedy To Everyone: On the 360-degree-view aspirations, i've been loving this "maverick" piece from Gartner, and the title and the abstract say enough, for those without Gartner access: Foo Kune, L. & Benjamin Bloom, B. (2021) _Maverick* Research: Pursuing a 360-Degree View of the Customer Will Destroy Your Business_, Gartner Research, Article IDG00748343, available at https://www.gartner.com/document/4003189
  • 07:24:49 From jeff kennedy To Everyone: @Herman = why are those student requests being denied?  Are the APIs built on an all-xor-nothing basis, rather than "who are you?" (for person-based access) or "what are you?" (for application-based access)?
  • 07:26:11 From John Gunvaldson To Everyone: On the API Technology and advanced use - https://www.apollographql.com/events/virtual-event/graphql-summit/
  • 07:26:27 From John Gunvaldson To Everyone: On API Growth
  • 07:26:39 From John Gunvaldson To Everyone: 1 - API’s we create and expose/promote
  • 07:27:14 From John Gunvaldson To Everyone: 2 - API’s other infrastructure exposes and we can leverage (NiFi, Airflow, APIM itself) - so leveraging other APIs hosted by our services
  • 07:29:05 From John Gunvaldson To Everyone: 3 - Campus API to API strategies (a specific use case comes to mind that we support) and some of those challenges
  • 07:37:54 From jeff kennedy To Everyone: @Jon those "ancillary systems" weren't on the chopping-block through those HR and FS implementations, they were sustained beyond those Workday implementations?
  • 07:41:19 From Jon Terrones To Everyone: @Jeff, some will indeed go away. There are many that have been identified as needing to stay, like hundreds.
  • 07:41:47 From jeff kennedy To Everyone: ^^now archived but still useful, we did an "API Strategy Maturity" assessment from Gartner, and it paints a bit of a sad picture! = the five-dimension framework has some features we are discussing here (e.g., business alignment, measures of success, enabling developers...).
  • 07:51:42 From jeff kennedy To Everyone: @Ashish = "internal" and "external" are APIs on the SaaS systems you use considered to be "internal" and APIs from other organizations considered to be "external"?
  • 07:53:47 From jeff kennedy To Everyone: @Ashish = that's a hugely-valuable document outlining your approach to APIs, and i'm seeing a mix of detail in there, with some "strategy" that would be excellent and invigorating for the top-table business stakeholders and other content in there of a more technical-architecture-directional nature like "this is how we do things here".  Between those two are some great conversation-starters!
  • 07:58:07 From jeff kennedy To Everyone: Mindful of time = there are tradeoffs in terms of data-acquisition-and-understanding workload, GraphQL demanding more of API consumers than traditional endpoint structures.
  • 07:58:11 From jeff kennedy To Everyone: ^^and trust!



  • No labels