This is our project area for managing our consulting services here at Streamdata.io. While we wish that all of our customers had robust, active, and consistent APIs for us to stream, and turn into event-driven subscriptions, many are needing assistance when it comes to getting their API strategy organized. To help push forward the API conversation at the companies we are talking to we engage in regular consulting relationships, and provide workshops that help deliver knowledge around the API life cycle, and how API governance can play a role. Here are the 25 stops along a modern API lifecycle we can help your organization think more critically about.
Helping us organize the definitions used across your API life cycle. Beginning with basic descriptions of services, common schema for resources, while developing OpenAPI contracts that help define the business value an API will deliver. Complete with machine-readable tests that can be executed regularly so you can ensure each API is meeting your service level agreement (SLA).
Talking through the different ways in which API providers are versioning their API definitions, interfaces, and the SDKs, connectors, and other artifacts that are essential to your API life cycle. Keeping your APIs moving forward in a shared and organized way, so that all stakeholders are kept in sync with all forward motion.
Understanding the common approaches to virtualization, mocking, and synthesizing API resources, providing a sandbox, laboratory, and test versions of APIs, and the data they serve up. Delivering robust, production-like versions of your API resources that can be used to develop, test, and hard API solutions, before they ever enter into a production environment.
Exploring the many ways in which APIs can be deployed from the handcrafted artisan variety using frameworks, to gateways, proxies, SaaS solutions, containers, serverless, and much more. There is no single way to deploy an API, but your teams can learn to work together to deploy an API using a shared OpenAPI contract, providing consistent interfaces for use across all applications.
Understanding how developers are orchestrating the API life cycle, establishing reproducible pipelines, that employ regular builds, pre-and post-commit strategies, and other ways to orchestrate the delivery, as well as the integration of APIs across internal groups, with trusted partners, and 3rd party API services.
Understanding what a common authentication model looks like across all API infrastructure. Understanding Basic Auth, API Keys, JWT, OAuth, and other common approaches to securing our API. Maintaining proper identity and access management, while still encouraging the ease of use and integration of all digital assets by whoever is entitled to access them.
Properly serving up, authenticating against, and defining what API access looks like. Having a common API management strategy across all APIs that are made available, whether they are for your internal team, partners, or for public use. Developing an awareness of who is accessing API resources, exactly what they are accessing, and understanding what they are doing with it while measuring and quantifying the value being extracted or generated along the way.
Defining the different plans of access that will be available, requiring that ALL APIs exist within a plan, even if it is just for internal or trusted partner access. Applying limits to all API consumption, while understanding the costs associated with the delivery and integration of all digital assets across your organization.
Providing common portals, available at simple, known locations. Providing one, or potentially multiple locations where APIs can be published, and in turn, discovered and consumed. Establishing a common approach to delivering APIs across internal, partner, and public stakeholders through known locations.
Ensuring that all APIs are properly supported, providing multiple channels for your internal team, partners, and the public to consider when getting assistance during their onboarding and integration journey. Using email, phone, ticketing systems, repositories, social media, and other methods for keeping developers supported throughout this ongoing relationship.
Gathering internal, partner, and public feedback and establish an ever-evolving roadmap, communicating what changes are coming for each API. Providing API specific details on how the API will be changing, and what version releases are being planned in the foreseeable future. Including an active list of known issues, as well as the change log for what has already been done, showing the entire history for each API.
Ensuring all definitions are discoverable through a single document placed in a known location, providing a machine-readable index of API operations, as well as the details of authentication, and all APIs using OpenAPI, JSON Schema, Postman Collections, and other common API discovery formats.
Moving the discussion beyond just a request and response approach to delivering API resources, and employing webhooks, real-time streaming APIs, publish and subscribe models, and other approaches to delivering digital assets where they are needed, when meaningful events happen. Allowing API consumers to tune into, sync with, and subscribe to exactly the events they want, and receive only the data, content, and media that matters in the moment.
Quantifying, measuring, and reporting upon every stop along the API life cycle. Developing an understanding of how APIs are being delivered, establishing benchmarks for what is desirable or undesirable outcomes, and having an awareness of where ALL APIs fit into the overall governance landscape.
We regularly engage with our clients in consulting engagements, which usually end up being in a one or multiple day workshop setting, helping introduce IT, development, and business teams to the concepts involved with delivering web APIs consistently. Helping establish a structured approach to planning, executing, and evolving how APIs are delivered across an organization, providing scaffolding for teams to operate within. All of our workshops leave participants with a working framework they can take back to their operations and begin putting to use on the ground within their teams–getting to work improving and refining the API deliver life cycle immediately.