
API Product Management

  • Aug 25, 2017

Why API

API Value

  • Strategic business asset

  • Expand the reach of your brand

  • Use with your legacy platforms

  • Develop faster at lower cost

  • Standards-based APIs (REST, JSON, etc.)

API Design

Know why the API is being implemented. You are designing an interface for programmers, so use the app developer's point of view.

  • Stability and Consistency

  • CRUD - GET, POST, DELETE

  • Query Parameters

Documentation

Documentation, tutorials and sample code

OpenAPI spec (OAS)

API Versioning and Maintenance

Consistency in versioning is important. Versioning should not happen too often, as it impacts developers. Companies will need to establish their own standards when it comes to versioning. A new version may be needed when:

  • new fields

  • previous data is removed

An embedded version number can be put in the API URI path, such as GET v1/domainname/

Older versions should remain active and maintained for some period of time.

API Proxy Revision

Won't impact API consumers; it may be invisible to them. Adding or removing fields that change the proxy are backwards-compatible changes.

impact

API Security

Authentication

  • Client ID & secret / User name and password

  • External Identities / Identity Attributes

  • Enterprise – Federation, Multi-factor authn, Risk-based authn

Authorization

  • Down to resource whether user can access that information

  • Role based, attribute based, contextual based authorization

  • Enterprise – for Web & API apps, Risk based authorization

Throttling

  • Control how much data per second a specific user can pull down in a session

  • Throttling is another type of authorization

  • Role based, attribute based, contextual based authorization

  • Enterprise – for Web & API apps, Risk based authorization
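An added example (not from the original post) of the throttling described above: a per-user, per-session token bucket measured in response bytes per second, with the budget chosen by role so that the throttle acts as an authorization decision. The role names, byte limits and the `ByteThrottle` class are assumptions made for illustration.

```python
import time

# Assumed per-role budgets in bytes per second (constructed values).
ROLE_LIMITS = {"partner": 1_000_000, "free": 100_000}


class ByteThrottle:
    """Token bucket per (user, session); one token is one response byte."""

    def __init__(self, role_limits, burst_seconds=2, clock=time.monotonic):
        self.role_limits = role_limits
        self.burst_seconds = burst_seconds  # how many seconds of budget may be saved up
        self.clock = clock                  # injectable so tests can control time
        self.buckets = {}                   # (user, session) -> (tokens, last_refill)

    def allow(self, user, session, role, nbytes):
        """Return (allowed, retry_after_seconds)."""
        rate = self.role_limits.get(role)
        if rate is None:
            return False, None              # unknown role: deny by default
        capacity = rate * self.burst_seconds
        if nbytes > capacity:
            return False, None              # can never fit; client must page the result
        now = self.clock()
        tokens, last = self.buckets.get((user, session), (capacity, now))
        # Refill for the time elapsed since the last request, capped at capacity.
        tokens = min(capacity, tokens + (now - last) * rate)
        if tokens >= nbytes:
            self.buckets[(user, session)] = (tokens - nbytes, now)
            return True, 0.0
        # Denied: keep the refilled balance and tell the client when to retry.
        self.buckets[(user, session)] = (tokens, now)
        return False, (nbytes - tokens) / rate


if __name__ == "__main__":
    throttle = ByteThrottle(ROLE_LIMITS)
    for size in (150_000, 100_000):
        print(size, throttle.allow("alice", "session-1", "free", size))
```

A denied request maps naturally to HTTP 429 with the retry delay in a `Retry-After` header, and each denial is worth writing to the audit log.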

Auditing

  • Monitor and demonstrate compliance

  • Audit log

  • API Client, Identity, Web & API

API user

  • Flexibility

  • Security

  • Ease of Adoption

API Use Cases

  • Retail – omnichannel efforts, mobile

  • Healthcare – interoperability with FHIR

  • CPG – loyalty programs, digital experience

  • Financial experience – retail banking apps, payments, investment opportunity

API Client Developer training

Easily integrate with third-party solutions
