API-oriented architecture is rapidly becoming the foundation for digital transformation. It offers significant benefits. For example, it enables the creation of future-ready solutions, provides control over data exposure, enhances security, maintains consistency, and simplifies service delivery across a growing range of devices. This empowers businesses to quickly add new features and minimise time to market.
API Management with Google Apigee
When dealing with APIs, an efficient API management platform is crucial for security, configuration, analysis, and management. Google’s Apigee, an intelligent platform for developing and managing API proxies, is featured on TechRadar by Devoteam. Apigee manages the entire API lifecycle, enabling the effective and secure delivery of user-friendly APIs for app developers.
Understanding the API Management Lifecycle is key to grasping the steps involved in effective API management. Let’s explore the API Management Lifecycle and how Apigee helps businesses manage it.
API Management Lifecycle Steps/Phases
The API management lifecycle, as depicted in the image above, is a multi-step process that enables API teams to manage APIs efficiently and successfully.
Let’s delve into the details, starting with the key components of the API management lifecycle.
Design
he design phase is the crucial first step. It requires careful consideration and definition, focusing on delivering real value to consumers. The interface/contract should be designed to meet business requirements. It’s vital to create APIs that fulfil consumer needs, rather than simply creating interfaces in front of your backend. A flawed design will lead to rework in later stages.
To avoid rework, dedicate ample time to the design phase. This can involve collaboration between technical architects, app developers, and business analysts, followed by a sub-cycle of simulation, validation, feedback, and refinement.
Consider the URL design, schema, base URLs, RESTful communication, methods/verbs, request/response parameters, request/response body, authentication mechanism, and message format (JSON). Apigee supports OpenAPI specification (formerly Swagger) for sophisticated API design.
“Designing the API first provides a clear vision of the final product and how consumers will interact with it, before any code is written. It’s cost-effective, as modifying the design is easier than changing working code. It also enables collaboration and parallel development. For example, you can mock the API and share it with consumers while the backend API is under development. Once ready, connect it with Apigee for seamless deployment without impacting any apps.”
With Apigee, you can store the API design specification on Apigee Edge or in your preferred repository, such as Git.
Develop
This stage involves using the API specification to generate an API proxy. Development and maintenance are configured on Apigee Edge, which provides all the necessary features for API management. Edge is a browser-based interface where developers can create, configure, and maintain APIs. It allows for creating API proxies by editing code, tracing request flows, adding/modifying policies, handling messages, logging, rate limiting, security, analytics, configuring environments, deploying, testing, and more.
Apigee enables API proxy creation using an OpenAPI specification, saving time compared to creating an API from scratch. By reading the basepath and methods from the specification, Apigee can generate an API in a few clicks.
However, the OpenAPI specification alone doesn’t cover the entire development phase, as it only describes certain properties. To address this, we recommend an Integration Pattern document alongside the design and supporting documentation. This document guides API developers in building and configuring the API based on the pattern and API design.
While development occurs using Edge, source control and a proper branching strategy are crucial, especially for large teams and multi-environment setups. This facilitates CI/CD implementation, static code quality analysis, unit testing, integration testing, and API documentation updates.
Secure
Securing APIs is a core strength of API management. Apigee offers several built-in security features, including OAuth 2.0, API key validation, access control, basic authentication, JSON and XML thread protection, JWT, LDAP, and SAML. It also supports traffic management policies like Spike Arrest and Quota to prevent DDoS attacks.
Publish
Apigee features one-click deployment through its user interface, simplifying deployment management. Automating deployment, version control, and testing is crucial for efficient releases across environments. Apigee provides a build-deploy script for automating deployment, including environment configurations like cache, KVM, and target servers.
Beyond API deployment, Apigee offers a sophisticated way to publish APIs to a dedicated portal, Apigee Developer (Drupal-based). This portal provides Developer Services for building a customised website to list APIs, onboard app developers, and offer services like forums, blogs, and FAQs. This facilitates API administration, developer education, and onboarding workflows.
Scale
Scalability is essential to handle growing workloads and ensure uninterrupted API calls. Apigee cloud manages scalability through auto-scaling groups, handling workload peaks without requiring customer intervention.
Monitor
Continuous environment monitoring is critical for ensuring application availability. Apigee Edge’s monitoring dashboard allows operations teams to monitor API health and receive alerts about anomalies, enabling quick restoration of API service levels.
Analyse
Analytics provide insights into the performance of systems, processes, and calls. Apigee offers a comprehensive set of analytics reports, including proxy performance, target performance, cache performance, and developer engagement. This allows for analysis of proxy/target error codes and latency checks.
Monetise
While monetisation can make API calls profitable, not all companies choose this approach. Apigee’s monetisation control is flexible, allowing enforcement by developer, developer groups, pre/post plans, and variable/fixed rates.
Conclusion
For any API to succeed, certain steps must be taken. Apigee streamlines this journey with its comprehensive features. It highlights the importance of understanding and implementing these steps from the outset to ensure a stable lifecycle process.
The actors and roles involved are equally important. When each team member performs their tasks effectively, the API management platform runs smoothly, delivering rapid business gains. “Don’t be just one more, be the example to be followed.”
More about API Management
The digital ecosystem is constantly evolving. Organisations are adopting multiple channels to drive sales, create new business models, and generate revenue. This necessitates securely unlocking business assets to the outside world. The rising demand from internet business models, IoT, social media, and cloud adoption will exponentially increase the need to expose business assets through APIs.
Other relevant content
Ready to put your skills to work in a team where ideas turn into impact?