Course Overview
This three-day course covers how to design, build, manage, deploy, and secure APIs using the Apigee API platform. Learn to use policies and custom code to build API proxies, and discover how to package APIs for app developers.
Key topics include securing APIs against threats using OAuth, JSON Web Tokens (JWTs), federated security, threat protections, and traffic management. Gain hands-on experience validating and extracting payload data, calling external services, and transforming HTTP requests and responses.
Explore how Apigee powers AI-driven experiences by protecting apps from harmful prompts and responses, caching responses by semantic similarity, and managing token usage. Learn about advanced Apigee features for API management, security, and discovery.
A series of hands-on labs ensure practical experience building fully featured, secure APIs on Apigee.
Who should attend
Developers, architects, or engineers responsible for the solutioning, design, implementation, or management of APIs, API products, or digital products that leverage APIs.
Prerequisites
Familiarity with HTTP, XML, JSON, and JavaScript.
Course Objectives
- Describe the features of Apigee that are used to create and manage APIs throughout the API lifecycle.
- Describe the fundamentals of REST API design.
- Discuss API products and API product strategies.
- Describe the use cases and flows for the OAuth 2 grant types
- Discuss the Apigee platform capabilities for implementing mediation, traffic management, caching, and fault management.
- Describe how Apigee integrates with and enhances the use of large language models in AI-based APIs and apps.
- Describe advanced Apigee features that can help with API management, security, and discovery.
- Build APIs with the Apigee API platform.
Follow On Courses
Outline: Developing APIs with Google Cloud's Apigee API platform (T-APIENG-B)
Module 01: Apigee Overview
Description: This module introduces the Apigee platform, API management, and the API lifecycle.
Topics:
- Apigee overview
- API lifecycle
- Apigee organizations and environments
Activities: Quiz
Module 02: API First and OpenAPI Specifications
Description: This module introduces basic concepts of REST API design, API-first development, and Open-AI specifications.
Topics:
- REST API Design: Basics
- API-first development
- Open-API specifications
Activities: Quiz
Module 03: API Proxies
Description: This module introduces API proxies, proxy and target endpoints, environment groups, route rules, target servers, conditions, flows, and policies.
Topics:
- Apigee API proxies
- Proxy endpoints and environment groups
- Conditions, flows, and policies
- Target endpoints, route rules, and target servers
Activities:
- Quiz
- Lab: Generating an API Proxy Using an OpenAPI Spec
- Lab: Target Servers
- Lab: Route Rules and the Debug Tools
Module 04: API Products
Description: This module introduces REST API response design, API products, app developers, apps, API keys, and API product strategies.
Topics:
- API products, developers, apps, and API keys
- API product strategies
- REST API design: Responses
Activities:
- Quiz
- Lab: API Products, Developers, Apps, and API Keys
Module 05: Authentication, Authorization, and OAuth
Description: This module introduces API security concerns, OAuth, JSON Web Tokens (JWTs), federated security, and OpenID Connect.
Topics:
- API security concerns
- Identity, authentication, and authorization
- OAuth introduction
- OAuth client credentials grant
- OAuth password grant
- OAuth authorization code grant
- OAuth wrap-up
- JWT, JWS, and OpenID Connect
Activities:
- Quiz
- Lab: Using OAuth Client Credentials Grant Type
Module 06: Content, Transport, and Platform Security
Description: This module introduces content-based attacks, transport security, and protection against unauthorized access.
Topics:
- Protecting against content-based attacks
- Transport security
- Apigee platform security
Activities:
- Quiz
- Lab: JSON Threat Protection
- Lab: Regex Threat Protection
- Lab: Internal Threat Protection
- Lab: Data Masking
Module 07: Mediation
Description: This module introduces mediation concepts, including payload formats and transformation, service callouts, custom code policies, hosted targets, shared flows, and fault handling.
Topics:
- JSON, XML, and SOAP
- Mediation and service callouts
- Custom code
- Shared flows
- Fault handling
Activities:
- Quiz
- Lab: Add XML Support
- Lab: Mashing Up Services
- Lab: Call Services in Parallel using JavaScript
- Lab: Shared Flows
- Lab: Fault Handling
Module 08: Traffic Management
Description: This module introduces traffic management features of Apigee, including spike arrests, quotas, and caching.
Topics:
- Apigee components
- Managing traffic spikes
- Spike arrest algorithims
- Quotas
- Caching
Activities:
- Quiz
- Lab: Traffic Management
- Lab: Caching
Module 09: Apigee and AI
Description: This module introduces Apigee's AI capabilities and how they support the development, scaling, and securing of AI solutions.
Topics:
- LLMs, agents, and Apigee
- Securing prompts and resources
- Limiting token usage
- Semantic caching
Activities:
- Quiz
- Lab: Sanitize Gemini Prompts and Responses with Apigee
- Lab: Manage LLM Token Usage with Apigee
- Lab: Semantic Caching with Apigee
Module 10: API Publishing
Description: This module introduces API publishing, developer portals, and API versioning.
Topics:
- REST API design: Versioning
- Developer portals
Activities:
- Quiz
- Lab: Developer Portal
Module 11: Logging and analytics Description: This modules introduces message logging, Cloud Logging, and Apigee API analytics.
Topics:
- Message logging
- Apigee API analytics
Activities: Quiz
Module 12: Advanced Topics
Description: This module introduces Apigee deployment options, CI/CD tools and strategies, and advanced features of Apigee.
Topics:
- Apigee offline development and CI/CD.
- Deployment Options.
- Advanced Apigee features
Activities: Quiz