DOT Agencies
Important Links
*Note: Access to onboarding, technical references, and help desk requires a developer portal account and staff membership in an agency.
Developer Portal Account (Required): Simple 3-step process to access all of the developer portal content and features.
Agency Onboarding Technical Overview: Required configurations, access procedures, how to request support.
AASHTOWare Service Registration and Activation: Varies by product application and requires agency onboarding.
Architecture & Configuration
Agency use of AASHTOWare OpenAPI requires incoming and outgoing internet traffic (illustrated below) to AASHTOWare applications which may require firewall configuration. Those specific settings, procedures, and requirements are detailed in the full onboarding reference (developer account required).
AASHTOWare OpenAPI is a cloud-based solution that incorporates an API management system. This API management system includes a dynamic policy-driven gateway which acts as the API request “switchboard” for endpoint routing. The AASHTOWare OpenAPI does not host API implementations, nor does it store AASHTOWare application data. Instead, it orchestrates API requests to their proper target endpoints. API implementations are deployed to existing agency AASHTOWare assets and are then registered within the AASHTOWare OpenAPI. These API implementations require secure (SSL) https traffic between their endpoints and the platform’s gateway. The AASHTOWare OpenAPI is public-internet accessible, however, agency endpoints are only required to communicate with the dedicated gateway. The diagram below illustrates that basic architecture:
Infrastructure & Platform
The AASHTOWare OpenAPI is a 100% PaaS (platform-as-a-service)/iPaaS (integration platform-as-a-service) modern cloud architecture solution, design specifically for the AASHTOWare suite of systems. In this role, the platform behaves more like a business or enterprise orchestration system than a data repository. AASHTOWare OpenAPI uses cutting-edge hosting systems based on the latest technologies. Instead of using traditional servers or virtual machines, AASHTOWare OpenAPI is fully cloud-native: all platform resources are serverless, microservice-based, and founded in modern practices. By leveraging the PaaS/iPaaS approach, the platform is more readily aligned to current security and resource stewardship practices. Automated audits are continually conducted through the use of well-known benchmark standards, many of which are compliance requirements in government, finance, and public enterprise. Resources are isolated per agency, environment, (application) product, and any related external partners. With the AASHTOWare OpenAPI service foundation, agency application data is never stored. In key scenarios, the AASHTOWare OpenAPI functions exclusively as a connection hub. In its extensibility features, if agencies require any type of supplemental storage, that data is fully controlled by the agency, fully secured, and fully compliant with any applicable standards. Secondarily, AASHTOWare OpenAPI also incorporates a “BYOE” (bring your own enterprise) where agencies can leverage their existing resources in a truly hybrid cloud configuration – further allowing flexibility if needed.
The AASHTOWare OpenAPI quality controls extend past automated checks and include comprehensive inspections for reliability, security, performance, and (technical architecture) best practices. The platform also provides, “audit on demand” for each or all of these aspects at any time. Audit results are compiled, tracked, and referenced for historical analysis.
The AASHTOWare OpenAPI is a commercial-caliber and enterprise grade solution.