Hi peers,
I work as Enterprise API Architect at a retailer company with 10,000+ employees.
I would like to discuss the following: What should be the key focus areas of an API strategy of an organization?
In my POV, alongside People, Process & Technology, the key focus areas should be:
a) Developer experience
b) API management
c) Business alignment
What do you guys suggest?
Thanks!
Governance and Security
Especially if you are going into a hybrid deployment.
Developer experience is important. It is extremely surprising how many developers struggle with OAuth. We ended up doing video tutorials.
Not sure how much legacy you have to deal with but it is a good thing to standardize on auth patterns to simplify back-end.
As an example, we are migrating to JWT (away from LTPA or custom Lambda implementations).
This added the ability to adopt token exchange grant types for middle layers.
For integration between different API systems we do introspection.
Error code standards are important for front-end developers when you start building up a catalog of different APIs developed by different teams, BUs and companies. We have adopted RFC 7807 but this can be overridden in our API Portal.
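To illustrate the RFC 7807 point in the reply above, here is an added example (not the poster's code or any product's API) of a gateway-side normalizer that maps error bodies from different back-end teams to one problem-details shape. The back-end key names and the sample payloads are assumptions constructed for illustration.

```python
import json
from http import HTTPStatus

PROBLEM_CONTENT_TYPE = "application/problem+json"  # media type defined by RFC 7807

# Hypothetical keys under which different teams' back-ends report a message.
MESSAGE_KEYS = ("detail", "message", "error_description", "errorMessage", "error")

# Constructed sample back-end responses: (HTTP status, raw body).
SAMPLES = [
    (401, '{"error": "invalid_token", "error_description": "token expired"}'),
    (404, '{"errorMessage": "order 17 not found"}'),
    (500, '{"message": "NullPointerException at com.example.Orders:42"}'),
]


def _extract_message(body):
    """Return a message string from a JSON error body, or None."""
    try:
        parsed = json.loads(body)
    except (TypeError, ValueError):
        return None  # not JSON: do not echo opaque text to the caller
    if isinstance(parsed, dict):
        for key in MESSAGE_KEYS:
            if isinstance(parsed.get(key), str):
                return parsed[key]
    return None


def to_problem(status, upstream_body, instance, type_uri="about:blank"):
    """Map a back-end error to an RFC 7807 problem-details object."""
    try:
        code = HTTPStatus(status)
    except ValueError:
        code = HTTPStatus.INTERNAL_SERVER_ERROR  # unknown status: fail closed
    problem = {
        "type": type_uri,
        "title": code.phrase,  # with about:blank the title is the status phrase
        "status": code.value,
        "instance": instance,
    }
    # 5xx bodies often carry stack traces or host names, so only client
    # errors (4xx) pass a length-limited message through as "detail".
    if 400 <= code.value < 500:
        detail = _extract_message(upstream_body)
        if detail:
            problem["detail"] = detail[:200]
    return problem
```

The gateway would serialize the returned object with `json.dumps` and send it with the `application/problem+json` content type, logging the original back-end body server-side only.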
Hi,
I will move "Business alignment" to the top of the list...
Relevant white paper: https://tyk.io/whitepapers/app...
Avi
You've asked a rather large and complex question, and there isn't a short answer to it.
My recommendation would be to look at a book - https://amzn.to/3m6cSoh . This is largely vendor-neutral and explains all the different areas I think you've mentioned. The book has been written based on accumulated experience helping organizations address your questions and others (I can attest to this as the book was written by my boss and I worked with some of the customers).
HTH