Api Product Manager
API Product Manager#
API as a Product#
Product Concept -> Product Development
Product release must be monitored
API’s will eventually need to be retired
API are visible actionable part of problem solving
Components of an API#
- Usability Aides
- Engagement
- Interface
- Analytics
- Learning Aides
- Visibility
API Management - Manipulate and engage the product control for the resource being accessed
API Manager for manager to view and monitor usage
Data and services can let external actors use the API to expand their business
API needs to be managed along the full cycle
API publishers can break consumers with slight alternations
With a significant amount of API Users, it does not matter what you promise in the contract: all observable behaviours of the system will be depended on by somebody - Hyrum Wright
proto-api’s: ETL, file transfer and application integration (batch mode)
Key capabilities of API Management platform:
- Accelerate mobile and IoT development
- Unlock the value of customer data
- The ability to integrate and create API’s
- Ability to secure the Open Enterprise
Private APIs may be distributed publicly but the interface itself is not public
API as a Product: Deployment and Publishing#
capabilities in the enterprise:
- secure data
- application portfolio
- ID/authentication
- Reporting and analytics
capabilities outside the enterprise:
- Internet of things
- Mobile
- Saas/Cloud solutions
- Partner Ecosystems
- External Developers
Integrate and create API’s:
- Easily integrate SOA, ESB and legacy applications
- Aggregate data including NoSQL
- scalable cloud solutions
- live business logic
Accelerate IOT development:
- Simplify and control developer access to data
- Build a wider partner or dev ecosystem
- Leverage tools that reduce mobile app delivery time
IT governance considerations:
- Development: Dev Ops
- Application architecture: Microservices
- Deployment and Packaging: Containers
- Application infrastructure: Cloud
API Gateway:
- Live runtime capability
- API traffic management and enforcement
Hybrid API management:
- Separate of design time and runtime
Benefits of Hybrid API management:
- fast time to market
- integrate to your IT assets
- Optimised for performance
- Best-in-class security
- Microservices enabler
- Low TCO (Total cost of Ownership)
API management as a service:
- API registration
- API discovery
- API Docs
- API Access control
- Analytics
- Developer Management
- Monetisation
If an organisation is accessing internal corporate info from inside the network - it is best to stay inside the network for API management
API Documentation and Learning Aids#
Documentation makes it easier for people to use and understand
Instructions on how to use and integrate with an API
Documentation for developers, machines or API designers
For Humans#
- Visual style
- Include: Structure, navigation and visibility
Parts:
- Title
- Version
- Host/path details
- Resource description
- Onboarding registration process
- Subscription/consumption instructions
- Security Info
- Usage dashboard
For Machines#
Formats that have disappeared from usage:
- WADL
- RAML
- API (Blueprint)
OpenAPI has emerged as the defacto standard for API specification documents (Swagger)
OpenAPI schema is based on the json schema standard
For API Designers#
- Create a style guide
Contents of style guide:
- URL naming
- Methods supported
- Error messages
- Status codes
- Representations - currency, time
- Special features - pagination, filtering
- Use of Links
Content model#
template model for uniform API documentation
- Discovery
- Concepts - what do novice users want - the minimum required to make a successful call. proficient users want the basic rules and recommended way to consume the API
- Usage / tutorials - common needs and goals, steps, actual user scenarios
- Cautionary
- Troubleshooting
- Reference
- Example
advanced concepts:
- Edge cases
- Special controls for power users
Special rules:
- pricing
- terms of usage
- data privacy
- frequency of change
Make it difficult for developers to make mistakes
Snippets:
- demonstrate a small part of the api
- use familiar programming languages
- show the request and response
- are located in close proximity to the information being demonstrated
level 0: Implementation
level 1: Reference
level 2: Examples
level 3: Conceptual
level 4: Interactive - try it out
level 5: Predictive and Adaptive
API as a product: DevOps Scalabilty and Evolvability#
Devops - development and operations
Single team can maintain application and operate
Enhance the speed and quality of software through continuous workflow
continuous deployment pipeline
- Continuous development
- Continuous integration
- continuous testing
- continuous monitoring
decrease development cycles and increase automation
Leverage the cloud
Scale and evolve:
- Leverage existing assets in the API
- Provide continuous testing, monitoring, integration, delivery and deployment
- Automate change management
- Use microservices to quicken development
Focus on horizon open communication with developers working with external developers
API Monitoring finds these issue:
- Checking unreachable and unresponsive API’s
- Authentication and authorization errors
- Increased Latency
- Non-200 response codes
- Improperly Formatted Data
API as a product: Devops Lifecycle#
Increase reliabiltiy, reduce support costs
Planning and Design - Codify why choices were made in OpenAPI Monitoring - availability, security, benchmarking and SLA Testing - better to do during planning Builings
Simple Up time check
Logs are the lifeblood of security practitioners
Sensitive transactions:
- API Traffic
- Server side validation
- User dwell time on application
- Application throttling