API Connect: End-to-end solution example

This example summarizes the concepts relating to the creation and use of APIs in the API Connect on-premises solution. It depicts the workflow and highlights some of the default roles for the tasks completed during the API lifecycle.

The following diagram shows an example of the workflow steps that are completed by the provider and developer organizations.

API lifecycle actions for API providers and API consumers

Action: 1

Cloud Owner icon Cloud Administrator icon The minimum requirements for an on-premises API Connect solution consist of one Management server to manage and analyze APIs, one Gateway server to direct API traffic, and a server to host the Developer Portal. As a Cloud Owner or Cloud Administrator, you gather a collection of Management, Gateway, and Developer Portal servers to create clusters to load balance and isolate traffic. A cluster has a single network address through which you can access its capabilities.

Action: 2

Organization Manager icon Organization Owner icon With the infrastructure in place, Organization Managers and Organization Owners can manage organizations of users who create APIs, provider applications, and associated Products. Users belong to one or more provider organizations and individually or collectively work on the APIs or applications that belong to the organization. Project teams, departments, and company divisions are all examples of groups of users that might be members of the same provider organization in API Connect.

Action: 3 4 5

API Developer icon Once defined as a user in a provider organization and assigned access permissions, API Developers (who might be assigned more than one role) can design, develop, and test APIs, and associate them with Plans and Products. As an API Developer, you specify policy settings to limit the usage of the APIs exposed by the Plan. You can define a single quota policy that applies to all the API resources accessed through the Plan, or you can define separate quota policies for specific API resources. You can also define policies on API resources to configure capabilities such as security, logging, routing of requests to target services, and transformation of data from one format to another. Such policies control aspects of processing in the Gateway during the handling of an API invocation, and are the building blocks of assembly flows. While developing and maintaining APIs, you can also create separate deployment targets called Catalogs for testing and production. Each Catalog is associated with a specific Developer Portal and endpoints. If you have administrative privileges, you can restrict deployment access to a Catalog and require actions, such as approving deployment of new API versions.

Action: 6

Product Manager icon To control access to APIs that are ready for publication and ready to be included in applications, a Product Manager defines and manages organizations of users who own developer applications and call published APIs from these applications. A developer organization is assigned an owner, and might represent a business partner, or a group of internal or external developers. Developer organizations can also be grouped into communities to which one or more APIs (in their containing Plans and Products) can be collectively published. As a Product Manager, you manage access to APIs, manage the relationship between the provider organization and developer organizations, provide support to application developers when needed, and analyze API usage.

Action: 7 8

API Administrator icon After APIs are created and successfully tested, an API Administrator publishes one or more Products to expose the APIs on the Developer Portal for discovery and use. APIs are included in a Plan, which is contained in a Product, before being published, and can be published to one or more developer organizations, thereby restricting visibility of the API. Only application developers in the specified organizations can see the API on the Developer Portal and obtain application keys to access it. The API Administrator is also responsible for managing the lifecycles of Products and their associated APIs, and uses analytics to track API usage and determine whether an API is fulfilling its intended purpose.

Action: 9

Developer Organization Owner icon After a developer organization is created, its designated Developer Organization Owner can invite other users to join the developer organization so that they can access the Developer Portal and use the APIs that have been made available to the developer organization. The Developer Organization Owner or another user with relevant access can also configure the Developer Portal site; for example, customize its appearance, create and control forums, post blog entries, and configure blogs.

Action: 10 11 12

App Developer icon After a Product is published, authorized App Developers gain access to its APIs by registering applications to access the Plans in that Product. An application developer uses the Developer Portal to browse for a required API, subscribe to its associated Plan, and then includes the API in an application that can subsequently be deployed to a device.

When the API is invoked from the deployed application on a device, a sample request/response flow of the API Connect runtime interactions might be as follows:

The device user opens the application, which then issues the API request.
The request is handled by the Gateway (which performs load balancing and security validation for all API requests) and the API runtime:
1. The Gateway validates access policies with the API Manager and invokes the API.
2. The API runtime executes the API and obtains the data payload from the back-end system.
3. The API response is sent back to the Gateway.
4. The Gateway forwards the response to the calling application.
5. The Gateway reports usage metrics and analytics to the API Manager.

All members of the developer organization can optionally view API analytics information relating to individual applications or the entire organization.