What is our primary use case?
The primary use case for this solution is to integrate both external applications as well as internal applications. We use some to integrate other applications, but most of them are just proxies that are for fronting the backend APIs.
How has it helped my organization?
We want to create one API to be used by different clients. In terms of management, even though the proxying of an API is not a lot of work, it is better to create a single API that can be reused. When the API version changes, you only have versioning for a single API, rather than in several places with the same capability.
Moving forward, if you change or update the version, the underlying functionality of the application needs to fashion the APIs correctly. This solution is created for the same capability. To prevent that, we just create the same API, and then we productize it and you are versioning a single API and not going back and versioning different APIs that do the same thing.
What is most valuable?
One of the concepts offered with this solution is called Productization. This concept allows you to bundle the APIs together and present them to clients as products, which allows you to configure the API with restricted access for different clients. An example of this would be Client A is granted access as read-only and able to do a few updates, whereas Client B would have full access to the APIs. You can configure different products for them in such a way that one of the products would have limited access, and the other would be granted full access. You are not creating another API, rather you are using the same proxy with limited access to the proxy. This is one of the features that has helped us a lot.
We have APIs that we use internally and externally for clients outside of our network using the cloud with a SaaS solution that needs to access our API. The same API we use internally is the same API we expose externally. The level of security is different for internal applications and for external applications. To accommodate both we use the same API but add additional security features to the APIs.
What needs improvement?
The number one area this solution could be improved is by implementing support. Support is not a part of this solution.
For how long have I used the solution?
We have been using this solution for three years, it was purchased in 2017.
What do I think about the stability of the solution?
I think that this solution is pretty stable, but when the open-source vendors upgrade their software, Apigee doesn't conform with the upgrade of the open-source vendor. They require patch releases and an upgrade for on-premises users. The component is always late.
What do I think about the scalability of the solution?
I think it's pretty scalable. Currently, we are doing about sixteen million calls per quarter. As we are not using it on a large scale, we don't usually have latency issues whatsoever. We have a clustered environment and there is little to no downtime, even when we are running patches on the operating system. We have between twenty-five and thirty regular developers that use this platform. We have four nodes in the cluster that are serving internal traffic, and then we have another four nodes for external traffic so that way we don't really require any upgrade.
At this time there is no immediate need to scale up the environment. We have four servers with four nodes in the cluster that service the internal traffic, and we have another four gateway nodes for the external traffic.
How are customer service and technical support?
The support is lacking. One of the main reasons it is lacking is because they have different applications bundled together. As an example, they are using Apache ZooKeeper and Drupal from different open-source vendors. We have two critical security updates that require support. A claim had been opened in May and did not receive any support.
Compared to other vendors that we deal with, I would have to rate this solution a five or less in terms of support.
We are currently looking for other alternatives because of some issues we are facing.
We believe that they do not want to continue with their on-premises version of the product, as they are not responsive to support cases.
Which solution did I use previously and why did I switch?
We have MuleSoft, but we are only using their ESB, not API management. Apigee is the first solution we are using for API management.
How was the initial setup?
The initial setup is not straightforward. It is very complex. They use different open-source applications in this solution. When installing this solution you have to be knowledgeable in the different applications, what the different applications do, and how they behave with each platform.
The documentation they have available is very good and available online.
Using different applications bundled together in this single product makes the maintenance and installation a challenge.
What about the implementation team?
The deployment took three months. We had many different environments including development, test, QA, and production environments. For the QA and production environments, we had both an external and an internal gateway. We did this ourselves in conjunction with the Apigee team.
Most of the maintenance is being done by two of our offshore colleagues in Chennai, India. They maintain the platform.
What was our ROI?
It's a good return on my investment. In the past, we were struggling with the way we would interface with external clients, where we would open a firewall and do many network-level configurations before we were able to open an API. Now everything goes through Apigee and we only open the first ones for Apigee. After that, all other communication goes through Apigee.
Which other solutions did I evaluate?
We evaluated three different products, including API management from Apigee, API management from CA, and MuleSoft. This evaluation was three years ago, and at that time the Apigee platform was more mature than other platforms.
What other advice do I have?
For on-premises I would not suggest this solution. Generally speaking, the product is a good one, it is matured and the features are okay. If anyone wants to use this solution they should first consider the cloud-based version.
Because the support is lacking, we would have considered a different product. I would rate this solution a seven out of ten. If the support was better, I would have given them a nine.
Disclosure: I am a real user, and this review is based on my own experience and opinions.