When the team here at ProgrammableWeb first started brainstorming the idea of this API University series on maximizing the ROI on your API, we called it “the Decision Series.” In fact, we were calling it that up until the very last minute because of how it covers so many decisions that must be made once your API journey begins.
Even as we “went to print,” we debated as to whether this was really a series about API strategy more than it was about return on investment. But, as you can see from the list of chapters and case studies below, while this series covers some strategic issues such as which service to open up first and picking business models for your APIs, it also covers key decisions that have to be made once the strategy is in place. For example, how to best engage developers and support them with great documentation and portals. And how to measure API outcomes.
Taking the plunge into APIs is not a decision to be taken lightly. One point we make in this series and elsewhere on ProgrammableWeb is how important it is to treat your APIs like you would any other product. Any time you launch a new product, it’s a major undertaking which is why no stone should be left unturned when it comes to maximizing its chances of success. In other words, driving the most return on investment. The decisions covered in this series are the ones that stand between, the success of your API, and maybe even the success of your company.
We also realize that when reading about APIs here on ProgrammableWeb and elsewhere around the Net, much of the prescriptive advice can come across as theoretical. We’re often reminded of the old saying that “those who can’t do, teach.” There are a lot of experts out there who aren’t doers but they’re somehow knowledgable enough tell others how to do it. That’s why this series also ushers-in a more formal ProgrammableWeb effort to publish case studies that use real world stories to bring home many of the core recommendations you’ll find in API University. This series includes four case studies covering Dixons, Dun & Bradstreet, Intercom, and Ziggeo, a company that was literally zigging when it decided it had to zag. Another one of our API University series on real world business strategies contains eight other case studies and, if case studies are all you want to read, ProgrammableWeb is searchable by content type; one of those types being “case study.”
Finally, like most of the articles you'll find on API University, we take the “living content” approach. In other words, we view our educational content as content that lives and evolves over time. As such, we fully expect to be updating these articles as new API approaches, ideas, and techniques for maximizing success come to light. If you feel we’re leaving out some important points, we welcome your feedback and suggestions on how our content can be improved for the betterment of the entire API community.
Part 1: Making API Decisions: Are You Connecting Business and Technical Interests?
When a business starts its API journey, it has to make a number of key decisions. Not surprisingly, at each decision point, multiple options branch out it can become easy to become confused and cautious quickly. How do you make the decisions to embark on a successful API journey?
Part 2: How To Get the Team and Support in Place for Your API Strategy
This is Part 2 of ProgrammableWeb's series on maximizing the ROI on your API. In this part we explore how to build a team that can build internal support by liaising with various business units. The article also looks at putting together the right team to drive your API strategy.
Part 3: What Data and Services Should Your API Expose First?
To mitigate risks, Raygun uses several layers of security for our APIs. All calls are done with a customer's API key and authentication credentials.
A simple first layer is to offer a "regenerate authentication credentials " option. If you choose to re-generate your credentials, the original credentials are no longer valid.
The reason this is essential to protecting your system is to prevent anyone with malicious intent gaining access to your account. For example, if a developer accidentally checked your credentials into a public repository, you're safe because that key will no longer be valid.
After authenticating your credentials, we'll then generate a time-based token for subsequent API calls, expiring after 15 minutes.
Raygun also employs an independent third party to run penetration tests (sometimes call Pen Tests ) against the service every quarter, alongside automated security tests that are run continually. As attackers become more sophisticated, you must continually invest in security.
Lastly, we undertake security training with our software team and ensure that we review pull requests before being merged, with an eye towards security concerns.
Extend your AI capabilities with MuleSoft.
Start your trial.
Try MuleSoft Anypoint Platform free for 30 days. No credit card, no installations.
Talk to an expert.
Tell us a bit more so the right person can reach out faster.
Stay up to date.
Get the latest news about integration, automation, API management, and AI.
