Why do APIs Need to be Managed?
The APIs that an organization exposes contain core assets the organization would want to protect. As with the services they support, these APIs have a life cycle, need to be managed and governed, and require mediation and security at run time.
From an API provider's perspective, an API management tool is needed that enables the provider to do the following:
Maintain an inventory of APIs and their associated resources.
Publish, secure, and retire APIs according to defined service level agreements.
Onboard API developers and give those developers the ability to publish APIs on behalf of the organization.
Onboard API consumers who use the published APIs in their own applications.
Provide tiered access to APIs, for example according to authorization level.
Track key performance indicators (KPIs) to help monitor and interpret API use.
From an API consumer’s perspective, an API management tool should provide the ability to:
Browse a catalog of APIs and obtain details and code samples for a specific API.
Sign up and request and manage access tokens to download an API and its associated resources and documentation.
Test the functionality of an API.
Collaborate with other API consumers by way of forums or integration with social media.