What Do You Use to Design and Manage APIs?

To gather insights on the state of integration, API design, and API management, we spoke with 19 executives who are familiar with integration and APIs and asked them, "What are the technical solutions you use to design and manage APIs?"

Here's what they told us:

Swagger

• Swagger destination auto-populates API endpoints. Loader, JMeter. We wrap and test our APIs with our own test connectors.
• Open source tools. Swagger and Rommel to document.
• Swagger is the standard for how people expose APIs. Make sure you’re able to work with any API. API lifecycle management has evolved to look at building, packaging, running, and retiring. This affects how you approach integration. Take a contract-first approach. Design the UX, web interface, and mobile experience. Define API inputs, outputs and then go implement the service. Your API must be easy to work with or the developers will work with something else.
• Swagger. Open API Swagger specification. We advocate using SwaggerHub to take API development to the next level.
• We started by exposing our Java APIs for our server products. As we grew, we exposed REST APIs that were built for specific data and use cases. We now use Swagger to define API structure and generate API documentation as part of our build process. We have heard loud and clear from our developer ecosystem that well-maintained, easy-to-use API documentation is a top priority for them when building new apps on our platform. This allows us to keep the documentation in sync with a quickly evolving code base, as well as expose microservices, which have been used for internal applications for our developer community.
• Swagger is an intuitive tool that spits out SDKs and documentation. It’s easier for developers to integrate with our system.
• First, our API backend is Java-based. Second, we use web-based technologies such as HTML, CSS, and JavaScript to allow apps and integrations to present their own UI/widgets within Flock. Third, we use a swagger-inspired code generator to add new method definitions and objects to SDKs.

Built Your Own

• We design the API first using our own technology. We look at bridge API providers but they don’t integrate workflows. We push integration with market leaders (e.g., Salesforce). We pull integration with smaller CRMs with two to 5,000 customers by providing a suite of APIs with which they can integrate.
• Most are proprietary as we are completely API based. We tackle integration with a cloud-based pipeline using Apache Kafka for integrations for publishers and subscribers.
• We support the main standards and have our own design tools for building drop to code. We implement as microservices through JavaScript.
• All proprietary and purpose-built.
• There are different aspects of API management. The authentication part, mostly based on both OAuth 1 or OAuth is dealt with in PHP. We then read most APIs with our historical backend, in PHP, and when possible we prefer to use real-time technologies such as webhooks and websockets. Posting data, however, is done via Node.js. To handle data, we use JSON Schemas, with integrated validation, to normalize all data flowing through our system.
• Stitch manages APIs. It acts as a REST API that sits on top of our housed data giving apps easy access to that data. It also makes it very easy and timely for developers to integrate with other managed services without writing backend code, but rather configuring the services they want to integrate with.

Other

• Well, first off, there’s the language we write in, Clojure! It lets us write concise, robust APIs and microservices in LISP, which run on (and can interoperate with) the JVM. Clojure is full of great ideas like immutability and code-as-data that inform a lot of our other architectural choices. We generally design APIs by declarative specification, as Clojure offers several excellent libraries to do this (e.g., Pedestal, Compojure). Whenever possible we like to make them self-documenting with Swagger, this really eases the process of outbound integration. Inside of our API boundaries we’re getting a lot of leverage out of persistent streams (e.g., Kafka and Amazon Kinesis), which allow us to perform real-time joins and persistent queries with ease.
• We use APIs to expose the tablets and fields in SAP without knowing SAP. We enable with connectivity and templates. We simplify for the citizen integrator. We look at the whole world as an API call out and connect and create to be consumed internally or externally. Creating APIs or microservices. Externally exposing to distributors, suppliers, or someone else who needs our data to run their business better. A secure gateway with integration.
• We strictly apply the REST principles in designing the API for all our products and services. JSON for data exchange format and OAUTH for authentication are standard across our APIs. We use POSTMAN to test our APIs, by acting both as a client and interceptor. We also use tools to automate the documentation for our APIs.
• Spark web-based UX filters and patterns.
• 1) B2B integration: Our cloud supports B2B integration natively. A broad range of MFT connectivity and canonical models, data formats and B2B exchange libraries are included. B2B data transformation libraries support a wide variety of protocols and industry-standard data formats. Protocols supported are AS2, AS3, ebMS 2.0 (ebXML Messaging Service), fasp™, FTP, FTPs, SSH FTP, HTTP, HTTPs, IBM® WebSphere® MQ, MLLP, OFTP, OFTP2, RNIF, SMTP, SMTPs and Web Services. Data formats supported are unstructured (Word, Excel, PPT, PDF, Star Office, AFP, PostScript, PCL, HTML), flat files (positional, nonpositional, variant files and undocumented binaries) and industry standard data formats including XML, EDIFACT, X12, HIPAA, HL7 v.2, HL7 v3, HIX, NCPDP, ACORD, ACORD XML, BAI, DTCC, IFX, FIX, FpML, NACHA, SEPA, SWIFT, ASN.1, Bloomberg, Thompson Reuters, MISMO, ISO 20022, RosettaNet, Tradeacoms, ODETTE, OAGI, OAGIS XML, TWIST, JSON. 2) Process integration: Cloud Real Time supports process integration and automation scenarios. The runtime supports WS-BPEL 2.0, WS-HumanTask 1.0 and BPEL4PEOPLE 1.0, Business Rules. Process Designer offers a simple and elegant way to support most service and process integration scenarios, including orchestration, long-living business processes, and human workflow. It includes full support for modeling, testing, and simulation. Informatica Cloud Real Time provides important process governance capabilities like support for continuous operation, configurable process persistence, registration, policy assertions, auditing, logging and exception management. 3) Composite applications: Screenflow technology is a tailored solution to extend an existing cloud application (i.e. SaaS), allowing composition of multiple services. Specifically, Screenflow targets use cases simplifying repeatable human-centric processes within SaaS solutions. For example, streamlining order process within Salesforce, taking a salesperson through guided steps and thus eliminating errors, improving productivity and delivering clean data. Screenflow also exposes the composed services/processes to mobile devices - tablets and smartphones. We also offer UI widgets and Wizards that can be embedded directly into a custom application or SaaS application. We do not expose its PaaS development capabilities to build full-fledged portals or composite apps from the ground up. 4) Integration of mobile apps: Mobile applications can be integrated with REST APIs that can be created, orchestrated and consumed with our Cloud Designer and executed in real time. Additionally, Cloud Screenflow technology can be leveraged to develop integration/orchestration widgets that can be embedded within the mobile application. The widgets’ stylesheets and other UI properties can be customized per user's requirements.

What other solutions have you observed being used for integration, API design, or API management?

Here’s who we talked to:

• Murali Palanisamy, E.V.P., Chief Product Officer, AppViewX
• Kevin Fealey, Director of Automation and Integration Services, Aspect Security
• Max Mancini, VP of Ecosystem, Atlassian
• Shawn Ryan, V.P. Product Marketing, Digital as a Service, Axway
• Parthiv Patel, Technical Marketing Manager, Built.io
• Chaitanya Gupta, CTO, Flock
• Anwesa Chatterjee, Director of Product Marketing,  Informatica Cloud
• Simon Peel, CMO, Jitterbit
• Keoki Andrus, VP of Products and Steve Bunch, Product Manager APIs and Integrations, Jive
• Rajesh Ganesan, Director of Product Management, ManageEngine
• Brooks Crichlow, Vice President, Product Marketing, MongoDB
• Derek Smith, CEO, Naveego
• Guillaume Lo Re, Senior Software Engineer, Netvibes
• Vikas Anand, V.P. Product Management and Strategy – Integration, Oracle
• Keshav Vasudevan, Product Marketing Manager, SmartBear
• Kevin Bohan, Director of Product Marketing, TIBCO
• Pete Chestna, Director of Developer Engagement, Veracode
• Milt Reder, V.P. of Engineering, Yet Analytics