APIs: A Costly Blind Spot for Your Application
The use of APIs has gone beyond just traditional “software” companies, to organizations across industries using APIs to share information and power applications.
Join the DZone community and get the full member experience.Join For Free
APIs have taken the world by storm in recent years.
The use of APIs has gone beyond just traditional “software” companies, to companies and organizations across industries using APIs to share information and power their applications.
According to SmartBear’s State of API 2016 Report:
- More than half of API providers began developing APIs within the last five years.
- 1 in 5 API providers began developing APIs in the last two years alone.
The increased adoption of APIs brings with it some exciting opportunities.
For some organizations, APIs are the biggest revenue drivers. For example, Salesforce generates nearly 50% of annual revenue through APIs. In other cases, APIs can increase a business’s footprint and initiate collaboration. Netflix, for example, reported over 5 billion calls per day to its API in 2014.
Increasingly, more organizations are adapting 3rd party or public APIs to accelerate R&D and leverage external programming talent. For example Visa, a leading player in highly regulated payment processing industry, recently released a set of APIs that includes 150 endpoints across all Visa products and welcome partners to their API ecosystem.
Another example of a thriving API ecosystem is Fitbit. Who reportedly saved over $1 million in R&D when it opened its APIs in 2011. Since then, hundreds of apps use FitBit APIs to collaborate and innovate.
What does this all mean for you?
All of these examples highlight the incredible opportunity that APIs present. But they also show the importance of API performance. Whether a business is using APIs to generate revenue, increase collaboration, or reduce costs — they need APIs to function properly at all times.
The importance of API performance isn’t limited to organizations that provide APIs. For example, if your application depends on a third party API to complete a critical function for your users, you also need to be concerned about how that API is performing.
When an API breaks or malfunctions, your application feels the effects and so do your users.
- One-third of API consumers will consider switching API providers permanently upon encountering an API quality issue.
- 31% of consumers will report the problem externally to peers, customers, or partners.
When your application lags or crashes as the result of a problem with a third party app, your users will look to you for a solution and will associate a poor experience with your application, even if the issue is beyond your control.
Unfortunately, when SmartBear asked API consumers about the average time it takes providers to resolve an API quality issue, less than 10% said that issues are resolved within 24 hours. Nearly 1-in-4 said that quality issues remain unresolved for one week or more.
Bottom Line: Simply checking that your API is available is not enough.
If you look closely, APIs are not so different than your other online assets like websites, web applications, and mobile applications. They need to be up and running at all times, need to perform within a threshold defined by the consumer, and need to be functionally correct for all end users.
Gone are the days when performance could be measured in seconds. API performance is measured in milliseconds and simply 1/20th second of a delay could lead to unacceptable user experience and unsatisfied end user.
Functional correctness for APIs is as critical if not more as API availability. If the API doesn’t return the right data at right places, it’s as good as broken for your app.
What can you do?
First, spend the time to map out your expectations around uptime and response time.
Synthetic monitoring can be used to understand performance of 3rd party APIs before in pre-production environments. Proactively monitoring your APIs will help understanding infrastructure requirements of your APIs. This step will also help identify API’s contribution to the availability and performance of your application.
Next, address the challenges that could keep you from resolving an API issue.
According to the State of API 2016 Report, the three biggest barriers to solving API issues are:
- Determining the root cause of the issue (45%)
- Isolating the API as being the cause of the issue (29%)
- Engaging the correct person(s) to fix the problem (25%)
Addressing these challenges before an issue occurs will limit the amount of time it takes to resolve problems with your API.
Finally, you’ll want to invest in the necessary tools to protect your application from API performance problems.
Proactively monitoring the APIs you consume will help you ensure availability, performance and functional correctness of your APIs and the applications that use them. Proactively monitoring the applications for all diverse user cases will help you find and fix issues before they impact your end users. Correlating API performance with the application performance will help you improve overall application performance and isolate faulty components in case of performance degradation.
When setting up your first API monitor, there are a few important steps you’ll need to consider:
- Re-use functional tests from development: Given that your functional API tests are set up to assert and provide relevant error messages, the corresponding API monitors will have the ability to give you much more detailed error information for root cause analysis than regular availability monitors.
- Create tests that mimic your use cases: If you are mainly integrating with 3rd party APIs, need to make sure that you know about their failures before your users notice. Here it is essential that the monitors you create actually mimic how you use that API. Monitor the entire flow of your use cases; don’t just monitor the first API request; monitor them all, in sequence – just like your application uses them.
- Use a dedicated account: Many (most) APIs require you to specify some kind of credentials or access key in your requests; make sure you are using a dedicated account(s) for your monitoring, both for your own APIs and 3rd party ones.
With the right plan, you’ll be able to cover your application’s blind spot and ensure that your APIs and apps are exceeding user expectations.
Published at DZone with permission of Priyanka Tiwari, DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.