Welcome!

@DevOpsSummit Authors: Yeshim Deniz, Zakia Bouachraoui, Pat Romanski, Liz McMillan, Elizabeth White

Related Topics: @DevOpsSummit, Java IoT, Microservices Expo, @CloudExpo, @ThingsExpo

@DevOpsSummit: Article

APIs: A Costly Blind Spot | @CloudExpo #API #IoT #DigitalTransformation

The increased adoption of APIs brings with it some exciting opportunities

APIs: A Costly Blind Spot for Your Application
by Priyanka Tiwari

APIs have taken the world by storm in recent years.

The use of APIs has gone beyond just traditional "software" companies, to companies and organizations across industries using APIs to share information and power their applications.

According to SmartBear's State of API 2016 Report:

  • More than half of API providers began developing APIs within the last five years.
  • 1 in 5 API providers began developing APIs in the last two years alone.

The increased adoption of APIs brings with it some exciting opportunities.

For some organizations, APIs are the biggest revenue drivers. For example, Salesforce generates nearly 50% of annual revenue through APIs. In other cases, APIs can increase a business's footprint and initiate collaboration. Netflix, for example, reported over 5 billion calls per day to its API in 2014.

Increasingly, more organizations are adapting 3rd party or public APIs to accelerate R&D and leverage external programming talent. For example Visa, a leading player in highly regulated payment processing industry, recently released a set of APIs that includes 150 endpoints across all Visa products and welcome partners to their API ecosystem.

Another example of a thriving API ecosystem is Fitbit. Who reportedly saved over $1 million in R&D when it opened its APIs in 2011. Since then, hundreds of apps use FitBit APIs to collaborate and innovate.

What does this all mean for you?

All of these examples highlight the incredible opportunity that APIs present. But they also show the importance of API performance. Whether a business is using APIs to generate revenue, increase collaboration, or reduce costs - they need APIs to function properly at all times.

The importance of API performance isn't limited to organizations that provide APIs. For example, if your application depends on a third party API to complete a critical function for your users, you also need to be concerned about how that API is performing.

When an API breaks or malfunctions, your application feels the effects and so do your users.

  • One-third of API consumers will consider switching API providers permanently upon encountering an API quality issue.
  • 31% of consumers will report the problem externally to peers, customers, or partners.

When your application lags or crashes as the result of a problem with a third party app, your users will look to you for a solution and will associate a poor experience with your application, even if the issue is beyond your control.

Unfortunately, when SmartBear asked API consumers about the average time it takes providers to resolve an API quality issue, less than 10% said that issues are resolved within 24 hours. Nearly 1-in-4 said that quality issues remain unresolved for one week or more.

Bottom Line: Simply checking that your API is available is not enough.

If you look closely, APIs are not so different than your other online assets like websites, web applications, and mobile applications. They need to be up and running at all times, need to perform within a threshold defined by the consumer, and need to be functionally correct for all end users.

Gone are the days when performance could be measured in seconds. API performance is measured in milliseconds and simply 1/20th second of a delay could lead to unacceptable user experience and unsatisfied end user.

Functional correctness for APIs is as critical if not more as API availability. If the API doesn't return the right data at right places, it's as good as broken for your app.

What can you do?

First, spend the time to map out your expectations around uptime and response time.

Synthetic monitoring can be used to understand performance of third-party APIs before in pre-production environments. Proactively monitoring your APIs will help understanding infrastructure requirements of your APIs. This step will also help identify API's contribution to the availability and performance of your application.

Next, address the challenges that could keep you from resolving an API issue.

According to the State of API 2016 Report, the three biggest barriers to solving API issues are:

  • Determining the root cause of the issue (45%)
  • Isolating the API as being the cause of the issue (29%)
  • Engaging the correct person(s) to fix the problem (25%)

Addressing these challenges before an issue occurs will limit the amount of time it takes to resolve problems with your API.

Finally, you'll want to invest in the necessary tools to protect your application from API performance problems.

Proactively monitoring the APIs you consume will help you ensure availability, performance and functional correctness of your APIs and the applications that use them. Proactively monitoring the applications for all diverse user cases will help you find and fix issues before they impact your end users. Correlating API performance with the application performance will help you improve overall application performance and isolate faulty components in case of performance degradation.

When setting up your first API monitor, there are a few important steps you'll need to consider:

  • Re-use functional tests from development: Given that your functional API tests are set up to assert and provide relevant error messages, the corresponding API monitors will have the ability to give you much more detailed error information for root cause analysis than regular availability monitors.
  • Create tests that mimic your use cases: If you are mainly integrating with 3rd party APIs, need to make sure that you know about their failures before your users notice. Here it is essential that the monitors you create actually mimic how you use that API. Monitor the entire flow of your use cases; don't just monitor the first API request; monitor them all, in sequence - just like your application uses them.
  • Use a dedicated account: Many (most) APIs require you to specify some kind of credentials or access key in your requests; make sure you are using a dedicated account(s) for your monitoring, both for your own APIs and 3rd party ones.

With the right plan, you'll be able to cover your application's blind spot and ensure that your APIs and apps are exceeding user expectations.

More Stories By SmartBear Blog

As the leader in software quality tools for the connected world, SmartBear supports more than two million software professionals and over 25,000 organizations in 90 countries that use its products to build and deliver the world’s greatest applications. With today’s applications deploying on mobile, Web, desktop, Internet of Things (IoT) or even embedded computing platforms, the connected nature of these applications through public and private APIs presents a unique set of challenges for developers, testers and operations teams. SmartBear's software quality tools assist with code review, functional and load testing, API readiness as well as performance monitoring of these modern applications.

@DevOpsSummit Stories
Dion Hinchcliffe is an internationally recognized digital expert, bestselling book author, frequent keynote speaker, analyst, futurist, and transformation expert based in Washington, DC. He is currently Chief Strategy Officer at the industry-leading digital strategy and online community solutions firm, 7Summits.
Addteq is a leader in providing business solutions to Enterprise clients. Addteq has been in the business for more than 10 years. Through the use of DevOps automation, Addteq strives on creating innovative solutions to solve business processes. Clients depend on Addteq to modernize the software delivery process by providing Atlassian solutions, create custom add-ons, conduct training, offer hosting, perform DevOps services, and provide overall support services.
Contino is a global technical consultancy that helps highly-regulated enterprises transform faster, modernizing their way of working through DevOps and cloud computing. They focus on building capability and assisting our clients to in-source strategic technology capability so they get to market quickly and build their own innovation engine.
The standardization of container runtimes and images has sparked the creation of an almost overwhelming number of new open source projects that build on and otherwise work with these specifications. Of course, there's Kubernetes, which orchestrates and manages collections of containers. It was one of the first and best-known examples of projects that make containers truly useful for production use. However, more recently, the container ecosystem has truly exploded. A service mesh like Istio addresses many of the challenges faced by developers and operators as monolithic applications transition towards a distributed microservice architecture. A tracing tool like Jaeger analyzes what's happening as a transaction moves through a distributed system. Monitoring software like Prometheus captures time-series events for real-time alerting and other uses. Grafeas and Kritis provide security polic...
DevOpsSUMMIT at CloudEXPO will expand the DevOps community, enable a wide sharing of knowledge, and educate delegates and technology providers alike. Recent research has shown that DevOps dramatically reduces development time, the amount of enterprise IT professionals put out fires, and support time generally. Time spent on infrastructure development is significantly increased, and DevOps practitioners report more software releases and higher quality. Sponsors of DevOpsSUMMIT at CloudEXPO will benefit from unmatched branding, profile building and lead generation opportunities.