Developers and API Management
Developers and API Management
Developers need to keep themselves, and other developers in mind when it comes to developing and managing APIs.
Join the DZone community and get the full member experience.Join For Free
- Developers need to consider API management of microservices. 86% of enterprises expect microservices to be the default application architecture in five years.
Secure every API touchpoints which are usually an afterthought — they are not taken into consideration during the design phase. Security is a key element of API lifecycle management. Given that weak API security could result in exposure to critical vulnerabilities, API security must be built into the API architecture from the beginning – it cannot be relegated as that last design consideration.
- API-first design, consistency across multiple endpoints and in naming, secure without exception. Expect them to be used or discovered regardless of your intention of them being discovered or used. Use your own APIs extensively. Make sure your UI/support tools are 100% powered by your APIs. Always have a gateway in front of your services but still build security mechanisms into each service.
- 1) Traditional data models you develop for APIs differ when building against a database. Realize the data that you are creating and sending out in the world and then it comes back. You have no control over it. There are different ways of developing when you have to deal with that kind of situation.
2) APIs are still HTTP requests at the end of the day. Keeping the request/response time low is of high importance. How web 2.0 affects APIs as you start communicating over tech that’s in an always-connected mode.
- Look at API management solutions and concepts and understand why they are important. Think about problems before you run into them. Think about how to improve implementation, security, and management when you beginning a new API project. Know the current best practices of API development and management.
- The biggest challenge is understanding the full API model is an extension of the IPC model. It’s a distributed system problem, you have to think about what can go wrong, you cannot abstract away problems. Things will always break. Be able to architect a system to deal with things and gracefully degrade it is something every developer should keep in mind.
- Be able to handle any communication issues, including different responses than anticipated but also network errors (expired SSL, timeout error, DNS issues, etc). These can be quickly handled as they all come under the same kind of error ("communication error") but need to be anticipated, nonetheless. Stay informed about any changes. Most API providers issue releases notes and provide versioning to their API in order to not break their current users' integrations, but some tweaks might sometime cause a slight variation in the result that could have important consequences down the road.
- Pay attention to trends in the market. Envoy is complicated but a good way to get started. There's so much knowledge on Google and APIs and Service Mesh, take a simple application and try to play with it. Service mesh hub is everything you can imagine managing and leverage this network abstraction piece. You get the ability to debug, get visibility, canary deploy. Go to servicemesh.io and play and learn.
- Keep it simple and adopt methods like GraphQL and SPARQL. With Github, Netflix, etc. all moving to this model as well, you’ll be in good company.
- Benoit Perrot, Director of Engineering, Algolia
- Paulo Michels, E.V.P. Engineering and Co-founder, ArcTouch
- Mike Schuricht, VP Product Management, Bitglass
- Ryan Breen, Director of API Management, Cimpress
- Jorge Rodriguez, S.V.P. Product Development, Cleo
- Nick Chernets, the Founder and CEO, DataForSEO
- Amrit Jassal, CTO and Founder, Egnyte
- Valery Novikov, Co-founder and CTO, FI.SPAN
- Brian Platz, Co-CEO, Fluree
- Manoj Chaudhary, CTO and SVP of Engineering, Jitterbit
- Derek Smith, CTO and Co-founder, Naveego
- Rob Whiteley, CMO, and Karthik Krishnaswamy, Senior Project Marketing Manager, NGINX
- Mark Cheshire, Director Product Management, Red Hat
- Cyril Nicodème, Founder, Reflectiv
- Chetan Conikee, Founder and CTO, ShiftLeft.io
- Idit Levine, CEO, Solo.io
- Marc MacLeod, Founder & CEO, Stoplight
- Rob Zazueta, Director of Digital Strategy, TIBCO
Opinions expressed by DZone contributors are their own.