Contact Us
Use of cookies

We use cookies to make the website optimal and to continuously improve it. By continuing to use the site, you consent to the use of cookies. Please refer to the privacy policy for more information.

Ok

Subscribe

digitalML Blog: The Key to the Intelligent Enterprise

  • API Strategy
  • Banking and Payments
  • Innovation
  • Insurance and Healthcare
  • IT Modernization
  • TechTrends
    • Generic selectors
    Exact matches only
    Search in title
    Search in content
    Search in posts
    Search in pages

    API Management Implementation – What Works

    November 28, 2018

      |   Reading Time: 2 minutes
    In Part 1 of this series, we discussed the lessons learned from a large insurance company during their implementation of an API Management Program. In this post Simon discusses what they found to work well during that journey. 
     

    Decisions and steps we have taken that have proven to be effective in implementation of an API Management program:

    1. Define security models upfront

    Security policies should not be invented on the fly by each API designer. In our case we identified a limited set of security policies which we wanted to support, and the API designer selected from that list. This has resulted in a consistent and reliable security implementation.

    2. Automate publication to the Dev Portal

    The design platform, as the system of record for API data, is the logical point from which information can be published to the Developer Portal. We elected to do this once the API reached a specific lifecycle state. This allowed us to automate the creation of entries in the Developer Portal with API descriptions expressed in Markdown, and with request and response examples presented in the portal along with the OpenAPI specification. By mapping the API in the design platform to various taxonomies we were able to control the layout out of the API in the portal.

    3. Adopt standards for completeness

    Our initial experience with the design platform led us to realize that the API designer was unlikely to fully define the API, especially to the degree necessary to support automation of policies and API portal integration. We successfully introduced a self-enforced governance checklist which let the API designer validate their work, and which resulted in higher quality products.

    4. Business traceability

    Once several hundred APIs have been created it becomes difficult to understand what has been created.  To address that we represented a business capability model within the design platform and mapped each API to a part of capability hierarchy. This gives us the ability to look at a part of the business and see which APIs are supporting that function.  We similarly implemented a Journey taxonomy, for the same purpose.

    business traceability of new APIs in API Management program

    Successful implementation of an API Management program requires business traceability of new APIs


    Read on for the final part of the series where Simon discusses the opportunities that a successful API Management Strategy as well as a Holistic Abstracted Catalog unlocks for large enterprises.

    Related Posts

    About the Author
    Simon HoareSimon Hoare
    Simon is an IT professional and Delivery Consultant at digitalML. Prior to that he was a customer of ignite at a large insurance company. His career spans over 26 years, and throughout it he's held a number of senior positions, primarily in architecture. In his most recent role before coming to digitalML, he demonstrated proven success in launching, building, and growing a successful API best practice program – moving the organization from a SOA strategy to one in which they’re leveraging micro-services and API management best practices, working with everyone from API analysts to the business.