Below are some best practices to follow when creating and managing your APIs.
- You must have Developer mode enabled to use the API manager.
- Your API management resources are kept for at least 30 days, based on your account's data retention policy.
- Only Account owners or Account administrators can view and push APIs to the API manager.
- You can access the console by navigating to Tools → API manager.
- Only edit your API in the APIM console. Navigate to your Resource menu in integrator.io and select Import or Export, open the Actions (…) menu and click View in APIM. There, you can edit the name, version, and description (among other things).
- Plans and policies:
  - You can update your plans and policies in the API manager and publish them to the developer portal.
- Rate limiting:
  - Implement rate limiting to prevent API abuse. Define reasonable limits on the number of requests a client can make within a specific timeframe. Add a rate limit policy in the Policy Studio in the API manager.
- Caching:
  - Utilize caching mechanisms to store and reuse responses for common requests. Caching reduces the load on your backend servers and improves response times.
- Optimized Responses:
  - Return only the necessary data in API responses. Avoid sending unnecessary fields to minimize response size and improve performance.
- Versioning:
  - Always version your APIs. Versioning helps maintain backward compatibility when you make changes to the API in the future. You can clone, edit, or push a new version of your documentation.
- Clear Objectives:
  - Define the purpose of the API clearly. Understand what problem it solves or what functionality it provides.
- Clear Documentation:
  - Document the API thoroughly, including endpoints, parameters, request/response formats, error codes, and sample requests. Clear documentation helps developers understand how to use the API correctly.
- OpenAPI specifications (OAS):
  - If integrator.io doesn’t automatically create the OAS, you can create it on the Documentation page in the API manager.
  - Verify every OAS before publishing it to your developer portal, even if they were created manually.
  - In the API manager, if you add or update a plan, change the response schema, or make other changes requiring updating the documentation, you will need to manually update the OAS on the Documentation page.
- Usage Analytics:
  - Implement usage analytics to track how the API is being used. Analyze usage patterns to make informed decisions about future improvements. Specific analytics include:
    - Response statuses, top endpoints, availability, response time, and API call volume.
- Error Tracking:
  - Set up error tracking and monitoring tools to receive alerts for API errors. Proactively address issues to maintain high availability.
- Resources used in a flow should not be directly pushed to your API manager. Instead, clone the resource and then push it to your manager.
- Do not edit your resources after they’ve been created since this can change the API contract for your users.
- Add a “Do not modify” warning to your resource’s name so it’s not edited in the future.
  Notice: Slack Channel export – Do not modify
Implement strong authentication mechanisms, such as API keys, OAuth, or JWT tokens. Ensure that only authorized users or applications can access the API endpoints.
Perform integration tests to validate interactions between different API endpoints. Test common workflows and edge cases to identify potential issues. You can test through the developer portal or using Postman. There’s also a debugging page in the API manager.
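One way to automate part of the OAS verification step described above, as an added example that is not integrator.io's own code: a Python check that reports a missing version, operations that require no authentication, undocumented operations or parameters, and missing error responses. The sample specification and the `verify_oas` helper are constructed for illustration.

```python
import json
# Constructed sample OpenAPI 3.0 document; not a real integrator.io export.
SAMPLE_OAS = json.loads("""{
 "openapi": "3.0.3",
 "info": {"title": "Orders API", "version": "1.0.0"},
 "components": {"securitySchemes": {"apiKey":
     {"type": "apiKey", "in": "header", "name": "X-Api-Key"}}},
 "security": [{"apiKey": []}],
 "paths": {"/orders": {
   "get": {"summary": "List orders",
     "parameters": [{"name": "limit", "in": "query",
                     "description": "Page size", "schema": {"type": "integer"}}],
     "responses": {"200": {"description": "OK"}, "401": {"description": "Unauthorized"}}},
   "post": {"security": [],
     "parameters": [{"name": "dryRun", "in": "query", "schema": {"type": "boolean"}}],
     "responses": {"200": {"description": "Created"}}}}}
}""")
METHODS = {"get", "put", "post", "delete", "patch", "options", "head", "trace"}

def verify_oas(spec):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    if not spec.get("info", {}).get("version"):
        findings.append("info.version missing: API is unversioned")
    schemes = spec.get("components", {}).get("securitySchemes", {})
    for path, item in spec.get("paths", {}).items():
        for method, op in item.items():
            if method not in METHODS:
                continue
            where = f"{method.upper()} {path}"
            # Operation-level "security" overrides the global one; [] disables auth.
            required = op.get("security", spec.get("security", []))
            names = [n for req in required for n in req]
            if not names:
                findings.append(f"{where}: no authentication required")
            findings += [f"{where}: unknown security scheme '{n}'"
                         for n in names if n not in schemes]
            if not (op.get("summary") or op.get("description")):
                findings.append(f"{where}: operation is undocumented")
            # $ref parameters are not resolved here and will be reported.
            for p in item.get("parameters", []) + op.get("parameters", []):
                if not p.get("description"):
                    findings.append(f"{where}: parameter '{p.get('name')}' undocumented")
            if not any(c.startswith(("4", "5")) or c == "default" for c in op.get("responses", {})):
                findings.append(f"{where}: no error responses documented")
    return findings

if __name__ == "__main__":
    print("\n".join(verify_oas(SAMPLE_OAS)))
```

On the sample, every finding is for `POST /orders`, whose empty `security` list silently overrides the global API key requirement.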