APIs are at the core of application development and they are at the center of any solution architecture. APIs are there from the time when everyone started developing internet-based applications. The high-level concept of connecting the frontend and the backend application did not change much – there was always some form of interface between the frontend and backend.
So what’s new? Why are we discussing API now? – There was no better time than now to emphasize the importance of a good API management solution towards a companies success. Companies that succeed in the digital platform had a very strong foundation in API management.
APIs have evolved with different tools, solutions, architecture styles, design patterns, etc. And everyone who works on digital enterprises would agree that still we are in the process of identifying a better API management solution as a whole from ideation to development to marketing to monetizing to maintenance and so on.
What is API Economy?
Enterprises expose their digital assets and services to the outside world in the form of APIs in a secured way. It brings in revenue to the organization – Prepaid or postpaid. This digital economy in other words can be referred to as the API economy. Many times enterprises expose their digital assets and data directly or by tieing up with API providers and aggregators.
What is API management?
The end-to-end process of designing, creating, publishing, managing, monetizing APIs in a secured way is known as API management. API management within an enterprise or organization among various product teams
- Should be easy to manage
- Should be mutually exclusive of functionalities
- Should not have dependencies on each other
- Should be able to scale independently
- Must goto ‘Live’ state independently
Among many API management solutions, Apigee is a market leader. Below are some of the reasons for choosing Apigee –
- Completely backed by google
- Covers all the lifecycles involved in API management
- Constantly evolving with new features
- Easy integrations in multi-cloud environments
- Highly secure architecture
- Plenty of documentation and resources
- Established developer community to support
Quick bites on the major life cycle activities in the API management –
Develop and publish-
- The development team spends a majority of the time here framing out the API specifications, resources, methods, etc. Integrating the different services needed to serve the data back on the called request
- The digital product management team classify and group the different API and publishes the digital asset for the consumers
Consume and manage –
- Consumers create the API apps on the publisher portal depending on the needs. There are different models publishers come with for the consumers to subscribe
- Consumers create a client ID and secret key through their app created in the publisher portal. These values should be securely stored by the consumers as these are means to consume the API’s and every request counts against the rate plan
- If the secrets are compromised, the consumers can rotate the keys from the publisher portal in their app
Inspect and analyze –
- Custom reports and dashboards to visualize the data based on metrics, dimensions, filters, etc
- The different parameters help the API administrator to take necessary actions if needed
Secure and protect –
- Apigee Sense helps in identifying and alerting the administrators about suspicious API behavior
- Data masking/hiding, last-mile security by enforcing the proxy to present the credentials while calling the backend services, API keys, JSON threat protection policy, XML threat protection policy, Regular expression protection policy, and many more features can be utilized out of the box for securing the API’s
Below are the majority of the items that Apigee offers for the developers and highlighted the items on what I think API developers should know in each of these items –
Please share your experience on the API management platforms.