An Application Programming Interface (API) allows two systems to communicate with one another. A API have potential to add value to business. So understanding an API and how to measure performance is the key in capturing the potential value APIs offer.
How do we design and standardize our API ? How do we control access to our API? How do we capture metrics and handle alerts?
We will try to give solutions during this conference: designing, documentation, security, logging, monitoring.
Designing: Generally during a project, the team argues about the way the JSON responses should be formatted for the API. A specification plays a big role in this case to share conventions. The goal is to increase productivity and efficiency and focus on what matters: the application. There are many approaches to designing web API from REST, GPRC, to GRAPHQL. What is the best specification for a specific project ? What are the benefits from using a specification over another (JSON API vs JSON LD for instance) ?
Securtity: For a monolith application or microservices, we have to manage security: authentication for one or several services, maintenance of the endpoints, aggregating data,..An intuitive way on a microservices architecture is to hide services behind a new service layer also known as an API Gateway. It will help us on many points: - Protect our services with an authentication layer - restrict inbound and outbound API traffic - transform requests and responses on the fly There are many solutions for API Gateway such as KONG, Apache Knox, Amazon API Gateway,... What is the best solution for our applications ?
Logging ang Monitoring: If APIs fail, your applications fail. That's the main goal behind monitoring API. APIs are critical to a host of business operations and services, but how do you monitor the service level you are getting? There are many tools suchs as Datagod, ELK Stack, .. with can help us to define performance metrics as well a event monitoring for infrastructure and cloud services.