Five essentials to keep web APIs from running amok

Web APIs are proliferating across enterprises like wild weeds -- time to get a handle on how APIs are designed, distributed and renewed

Today's enterprises are growing digital from end to end, connecting out to the Internet of Things, and built on cloud, so the tried-and-true approaches to IT management may no longer be enough to keep things functioning as they should. Many organizations are now building up their processes with web application programming interfaces (APIs), and as these multitudes of services proliferate and criss-cross across the enterprise, you risk utter chaos.

That's why it's time to marshal your management skills and resources to get a handle on how APIs are designed, distributed and renewed. In a new post at Service Technology, Vijay Alagarasan, principal architect for the enterprise architecture and strategy department at Asurion, outlines a number of prime components and management considerations for APIs that will help accomplish this. Here are five key examples:

API gateway: Alagarasan describes this as the "logical and physical entity that sits between consumer and provider (back-end services)." This is a vital piece since service providers are essentially invisible or unknown to end users, he adds. Not only does this gateway support Web APIs transactions; but it also mediates SOAP, JMS, XMPP, AMQP, and WebSocket services, he adds. "Key capabilities that it provides include, but are not limited to, the security, transformation, throttling, caching and routing."

API developer portal: Alagarasan says this is developer's self-service portal through which they can publish their APIs, as well as access "API key management, consumer/user management, subscription management, API discovery, API lifecycle and API documentation." Documentation is especially critical, as it helps in the creation and management of services going forward.

API analytics: Metrics are vital to understand consumption trends, and help with decisions about (or automatically trigger) appropriate capacity.

API lifecycle management: Alagarasan incorporated this into the developer portal, but it's important enough to stand alone as a key management component. As he describes it, it's important to "define API maturity model and lifecycle stages with clear metrics that need to be obtained in each stage." In addition, part of the lifecycle is to keep developers informed of new API versions as they are designed and released.

API development user interface: This interface includes the built-in policies essential to service delivery, Alagarasan says.