API Lifecycle Management is a term illustrating the need to manage all steps in a life of an API, from creation to retirement.
APIs are proliferating, as they are the lynchpin for digital business. The main challenge for companies is to cope with the increasing demand for new APIs by:
- Creating APIs very rapidly
- Controlling them by managing a catalog and enforcing a strong security level
- Consuming them directly or via 3rd party developers
The API Lifecycle Management approach provides an holistic view on how to manage the different stages in the life of an API, from creation to retirement.
The API Lifecycle Management diagram below represents a detailed view of the steps in the life of an API, which we are going to talk more about below.
API Creation stage:
- MODEL – Visually or programmatically specify the data needed for your API endpoints.
- Let’s assume you have an existing database that contains data you want to expose with APIs. Thanks to connectors, you can easily expose the data model and define your own API format.
- Same applies for SaaS applications which APIs you can connect to with connectors in order to turn them into your own API format.
- ORCHESTRATE – Combine and normalize data from multiple sources.
- You might want to expose an API that combines information from different underlying APIs. With the orchestration capability, you can do this easily, both in an synchronous or asynchronous way.
- TRANSFORM – Convert legacy formats (e.g. XML) to modern consumable formats (e.g. JSON).
- When it comes to connecting to the internal systems, such as the ESB, there are still many internal SOAP Web Services (XML) that need to exposed into REST APIs (JSON) for easier consumption by digital apps. A Visual Mapper allowing easy and graphical conversion between those two formats is an important tool to have.
- DOCUMENT – auto-generate docs and code-snippets for models and API operations.
- API Documentation is key for developers to manipulate them easily. But this is also a very tedious, boring and error-prone task. Having a tool that generates API documentation automatically is a big pain reliever.
API Control stage:
- DEPLOY – Instantly deploy APIs to the target environment with zero setup effort.
- In a digital world, the time between code delivery and deployment need to be as short as possible. DevOps tools accelerate this with Continuous Integration and Continuous Delivery. To manage your APIs, you need a solution that integrates very well into your DevOps strategy. For smaller projects, you even need a solution that comes with an elastic runtime you can deploy to with just a single click.
- MANAGE – Manage access to API and protect quality of service via rate limiting and SLAs.
- The more APIs you have, the more unmanageable they get. You will feel very quickly the need for an API Catalog you can browse easily and where you can manage the publication state of your APIs (unpublished/published/deprecated/retired) and their versioning. The API Catalog should also contain rate limiting settings (to protect your internal systems against high traffic peaks coming from API usage) and SLA enforcement.
- SECURE – Establish and enforce enterprise policies for security and firewalling APIs.
- SCALE – Auto-scale infrastructure up or down to run your sever-side apps.
- The Web traffic is unpredictable and very variable. You need an infrastructure that adjusts automatically with the traffic, with no manual intervention needed.
API Consumption stage:
- PUBLISH – Market to internal groups, partners or the general public via a central API catalog.
- APIs from the API catalog are published into an API Developer Portal to be easily consumed by developers.
- There are 3 types of APIs, requiring different settings for your API Portal:
- Private APIs – the ones for internal use only
- Partner APIs – the ones for a specific set of partners only
- Public APIs (aka Open APIs) – the ones available to anyone.
- Those API types need to be managed differently, for example partner APIs require you to have a partner onboarding process in the solution.
- The marketing aspect shouldn’t be neglected. An Open API Portal will require an attractive branding and also promotion through the different marketing channels.
- DISCOVER – self-service access for developers to browse APIs, their attributes and documentation.
- The API Portal is aimed to be available in self-service. Developers should be able to connect 24/7 and experience a smooth navigation with documentation, Q&A and support widget if help is needed.
- Before using an API, developers prefer test it first, so your API Portal should offer an easy try-it feature.
- INVOKE – Execute API operations or out-of-the-box MBaaS services from a client app.
- To use APIs, developers get an automatically generated from the API developer portal and can then integrate those APIs into their code with help of an API SDK for their favorite development language.
- To accelerate your mobile app development, out-of-the-box MBaaS services are a great to have available in your API Portal.
- MONETIZE – Track utilization and apply rate plan policy to generate API revenue.
- API monetization is a complex topic. Most of the time, APIs are offered for free because they represent a new way of making business and the business value doesn’t reside in the API itself but in what it represents in terms of larger outreach and new market share.
- But in some cases, companies might want to monetize their APIs because their underlying data is part of their business. A good example is the Data as a Service Dun & Bradstreet project using Axway API Management solution.
- You can see on the API Lifecycle Management diagram above a circle in the middle named “Analyze”. This position in the middle means that API Analytics are paramount across the full API lifecycle management.
- Why? Simply because you can’t control nor improve what you can’t measure.
- Embedded Analytics for API Management are a must have when you want to manage your growing number of APIs.