Jump to content

API management

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by 74.57.228.80 (talk) at 03:49, 29 January 2024. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

API management is the process of creating and publishing web application programming interfaces (APIs), enforcing their usage policies, controlling access, nurturing the subscriber community, collecting and analyzing usage statistics, and reporting on performance. API Management components provide mechanisms and tools to support developer and subscriber communities.[1]

Components

While solutions vary, components that provide the following functions are typically found in API management products:

Gateway

A server that acts as an API front-end, receives API requests, enforces throttling and security policies, passes requests to the back-end service and then passes the response back to the requester.[2] A gateway often includes a transformation engine to orchestrate and modify the requests and responses on the fly. A gateway can also provide functions such as collecting analytics data and providing caching. The gateway can provide the functionality to support authentication, authorization, security, audit and regulatory compliance.[3] Gateways can be implemented using technologies like Nginx or HAProxy.

Publishing tools

A collection of tools that API providers use to define APIs, for instance using the OpenAPI or RAML specifications, generate API documentation, govern API usage through access and usage policies for APIs, test and debug the execution of API, including security testing and automated generation of tests and test suites, deploy APIs into production, staging, and quality assurance environments, and coordinate the overall API lifecycle.

Developer portal/API store

A community site, typically branded by an API provider, that can encapsulate for API users in a single convenient source information and functionality including documentation, tutorials, sample code, software development kits, an interactive API console and sandbox to trial APIs, the ability to subscribe to the APIs and manage subscription keys such as OAuth2 Client ID and Client Secret, and obtain support from the API provider and user and community.

Reporting and analytics

Functionality to monitor API usage and load (overall hits, completed transactions, number of data objects returned, amount of compute time and other internal resources consumed, the volume of data transferred). This can include real-time monitoring of the API with alerts being raised directly or via a higher-level network management system, for instance, if the load on an API has become too great, as well as functionality to analyze historical data, such as transaction logs, to detect usage trends. Functionality can also be provided to create synthetic transactions that can be used to test the performance and behavior of API endpoints. The information gathered by the reporting and analytics functionality can be used by the API provider to optimize the API offering within an organization's overall continuous improvement process and for defining software Service-Level Agreements for APIs.

Monetization

Functionality to support charging for access to commercial APIs. This functionality can include support for setting up pricing rules, based on usage, load and functionality, issuing invoices and collecting payments including multiple types of credit card payments.

Market size

A number of industry analysts have observed that the size of the market for API management solutions has been growing rapidly since the early 2010s. Gartner estimated the size of the market for API management to be $70 million in 2013 and to be growing at 40% a year.[4] According to Forrester Research, in the US alone, annual spend on API management was $140 million in 2014, expected to grow to $660 million by 2020 with total global sales are predicted to exceed a billion dollars by that year. The most recent market analysis, conducted by KBV Research in 2019, predicted continuing CAGR of 28.4% taking the total market value to $6.2billion by 2024[5][6][7]

    • Recommandation en faveur de l'Option 3 : Ne pas utiliser de passerelle sur site**

Dans le contexte de votre entreprise, qui envisage d'adopter le cloud conformément à un décret gouvernemental, et compte tenu de l'absence actuelle d'orchestrateur et d'expertise dédiée, la recommandation privilégiée serait d'explorer l'Option 3, c'est-à-dire de ne pas utiliser du tout une passerelle sur site et de s'appuyer exclusivement sur une architecture cloud native.

    • Avantages Stratégiques :**

1. **Agilité pour l'adoption du cloud :** En éliminant la passerelle sur site, l'entreprise gagne une flexibilité maximale pour adopter les services cloud conformément au décret gouvernemental, sans les contraintes liées à une infrastructure locale.

2. **Simplicité Architecturale :** L'absence de la passerelle sur site simplifie considérablement l'architecture, réduisant la complexité opérationnelle et les points de défaillance potentiels. Cela peut favoriser une transition plus fluide vers le cloud.

3. **Économies de Coûts Potentielles :** En se libérant des coûts associés à une passerelle sur site, tels que la maintenance et la gestion de l'infrastructure locale, l'entreprise peut réaliser des économies potentielles à long terme.

    • Précautions à Prendre :**

1. **Évaluation Approfondie des Services Cloud :** Il est crucial de mener une évaluation approfondie des services cloud disponibles pour s'assurer qu'ils répondent aux besoins spécifiques de l'entreprise en termes de performances, de sécurité et de conformité.

2. **Renforcement de la Sécurité :** En l'absence d'une passerelle sur site, une attention particulière doit être portée à la sécurité des données transitant par le cloud. Le renforcement des mesures de sécurité, y compris le chiffrement, est essentiel.

3. **Planification de Migration Progressive :** Un plan de migration progressif doit être élaboré, prenant en compte les applications existantes et leurs dépendances, afin de minimiser les perturbations pendant la transition.

    • Conclusion :**

En considération des objectifs de l'entreprise et de son contexte actuel, l'Option 3 semble offrir une voie stratégique vers une architecture cloud native. Cela nécessitera une préparation minutieuse, un renforcement des mesures de sécurité, et une planification de migration progressive. Cependant, les avantages potentiels en termes d'agilité, de simplicité et d'économies peuvent positionner l'entreprise de manière favorable pour répondre aux exigences du décret gouvernemental tout en évoluant vers une infrastructure cloud moderne. La décision finale doit être alignée sur la vision à long terme de l'entreprise et sur sa capacité à gérer une transition significative vers le cloud.

References

  1. ^ Oracle. "An Oracle white paper - A Comprehensive Solution for API Management" (PDF). www.oracle.com. Retrieved 16 January 2019.
  2. ^ "The API gateway pattern versus the Direct client-to-microservice communication". Microsoft. Retrieved 16 January 2019.
  3. ^ "API Management Market Key Company : Microsoft, Amazon Web Services, Inc., International Business Machines Corp. is Dominating the Global Industry in 2019". 21 January 2019. Archived from the original on 1 February 2019. Retrieved 31 January 2019.
  4. ^ Garrett, Owen. "Standard for Containerized Applications". Archived from the original on 2018-11-30.
  5. ^ Heffner, Randy; Yamnitsky, Michael; Mines, Christopher; Fleming, Nate. "Sizing The Market For API Management Solutions". Forrester Research. Retrieved 23 September 2016.
  6. ^ Yamnitsky, Michael. "The API Management Solutions Market Will Quadruple By 2020 As Business Goes Digital". Forrester Research. Retrieved 23 September 2016.
  7. ^ "API Management Market Size, Share & Industry Analysis Report, 2024". KBV Research. Retrieved 2020-06-12.
Retrieved from "https://en.wikipedia.org/w/index.php?title=API_management&oldid=1200254349"