Professional Documents
Culture Documents
1 2 3 4
PHASE
Design & Develop a Web API 2
#
Info-Tech Research Group 2
Phase 2.1: Design a web API to determine endpoints
1 2 3 4
1 Examine the Opportunities 3 Test the Web API 4 Monitor & Continuously
Web APIs Can Enable Optimize the Web API
2.1 Design a Web API
Design your web API that promotes speed of development and service
reuse.
3
Test the web API
3.1 Create test cases using model, synthetic, and scenario-based test design techniques.
3.2 Create a test plan for your web API.
Participants
Business Analyst(s)
Monitor and continuously optimize the web API Development Manager
4 4.1 Identify roles for your API development projects. Data Architect
4.2 Develop governance for web API development.
4.3 Measure the value of your web API project.
An off the shelf or custom application An API used to enable internal API consumers to
API Consumer that uses the web API. operate within the firewall of the organization.
Use a consistent, standardized method to design, build, and deploy API solutions.
INPUT
• Even though organizations plan for integration initiatives in their projects, very few have
developed a holistic approach to their integration problems, resulting in each project • Existing business
deploying different tactical solutions. process documents
• Architecture provides the footings, boundaries, definitions, and dimensions of information
and application integration with your integration technologies such as ESBs and APIs.
• Without an architectural view, it is difficult to align API integration technology solutions with OUTPUT
business drivers.
• High-level system
architecture
Instructions
1. Develop a high-level system architecture in context of developing your web API with
architectural components that apply to your organization (e.g. ESB, process Materials
orchestration, web servers, partner gateway services, data, infrastructure).
• Identify specific entities pertaining to architectural components, each unique to • Whiteboard and
markers
your organization (e.g. corporate database for data architectural component).
• Web API Design
• Identify how the APIs you are developing are connected to application
Document Template
architectural components. This will drive how your API will be designed in
exercises 2.1.2 through 2.1.7. Participants
2. Document Step 1 into the Web API Design Document Template. Giving your
developers a web API design document provides them with development guidelines on • Business Analyst
interfaces and data payloads, and also gives your operations group guidance on what to • Development
expect for performance, integration, and network connectivity components. Manager
Refer to the following slide for an example of the final output of this exercise.
Example:
Process Orchestration BPM
Legend:
Corporate
Website HTTPS
CRM Apps Web API being
Business
Web developed
Server ERP Apps
Users
Infrastructure
A focus on design is a key part of ensuring user productivity Data Model Object Representation
and a good ROI for the solution. A poor design will frustrate
developers and lead to longer development cycles or complete App Interface HTTP
abandonment of the solution. A well-designed web API will be from_resource()
• In the design stage, expect to go through several iterations before settling on a stable It is worthwhile saying that you
web API. It is more cost effective to design a web API with initial expected should develop an API with the end
functionality and include additional features once more use cases come to light. user in mind, and it’s something that
◦ Determine and document what your web API is trying to accomplish for your needs to be reinforced continually.
web API consumers. The people providing the API as a
◦ Determine what the use cases of your web API will be. Brainstorm and interview service have a certain perspective on
as many potential web API consumers as possible to determine these use cases. the technology they’re building. It’s
◦ Determine how these use cases would translate into specifications for your web necessary to be able to step out of that
API. Keep these specifications short as they will be easier to modify. Determine perspective and consider the
each specification’s appropriateness to the web API. For API specifications, technology being used to implement
categorize each specification into: (1) routines, (2) data structure, (3) object class, the clients to the API and what those
(4) methods, (5) parameters, and (6) variables. client developers are trying to
- When in doubt, leave it out. It’s better to leave out specifications that you achieve.”
are unsure of. – Ken Toole, Senior Director of
Engineering at Adobe Systems
Info-Tech Research Group 9
Run your design sessions as a product development effort
aimed at the consumer of your web API
Establish the key objectives for your web API in order to obtain the right
resourcing to deliver a suitable product.
Involve Key Stakeholders Info-Tech Insight
• A team of development and data experts need to be intimately involved at • API development is driven from the
this stage as there are many possible implementations for a given set of outside in with clear intent. What you
business requirements.
• Also, consider including the following roles:
are trying to achieve will drive many of
o Business Process Owner the design decisions and make it
o Test Lead easier for web API consumers to
understand. It is aimed at improving
the productivity of those who will
Follow Best Practices consume your API.
• Use a multi-pass design approach, where optimization is progressive.
• Conduct an ongoing cost/benefit analysis looking at the trade-offs • Don’t count on your initial API
between short- and long-term objectives. design reaching stability right away.
• Sometimes a less than optimal solution is necessary so that the overall Design efforts can continue for a long
organization benefits through standardization. time since it is an iterative process. Aim
for a minimum viable product at each
We try to provide APIs that are clear in their intent and usage so that iteration rather than trying to over-
you can avoid having clients make assumptions that are invalid. As a engineer a web API.
service provider, you have to take a bit of ownership over, “Did you
provide an API that allowed clients to do things that become • Document your changes as part of
problematic in the future, or were you very clear and explicit about an overall enterprise architecture.
how your API should be used in the design of the API itself?” This will enable discussions related to
– Ken Toole, Senior Director of Engineering at Adobe Systems impact analysis for process or system
changes to be simplified.
Use these best practices to define API requirements, use cases, and
design entities in the next exercise.
Instructions INPUT
1. As a team, define your web API requirements (business, functional, non-functional). • Web API use cases
Brainstorm the use cases of how your web API will be used by API consumers. For more from the business
information on defining requirements and use cases, and design techniques, please refer to
Info-Tech’s blueprint on Application Development.
2. Using the sticky notes and the whiteboard, define design entities for your web API based on OUTPUT
requirements. Map design entities to the requirements and use cases of your web API.
• Web API use cases
3. Document steps 1 and 2 in the Design Requirements Template.
• Design entities for
web API
RQMT RQMT RQMT
1 2 3 Materials
• Whiteboard and
markers
USE • Sticky notes
CASE • Design Requirements
USE USE Template
USE
CASE CASE
CASE
Participants
• Business Analyst
• Development
DESIGN DESIGN Manager
DESIGN ENTITY ENTITY
ENTITY DESIGN
ENTITY
• In some cases, multiple processes can benefit from a single web API.
• Use the detailed design to provide context for business use cases which, in turn, can be used to create
functional test cases for applications that make use of each web API.
Make It Happen:
• List all the business rules in a given process. This can be done by initially looking at decision points
within each process flow. You can create test cases to ensure your web API works under those
conditions.
• Determine the URI filters based on how your web API will be consumed. If, for example, most
cases only require a subset of the entire data available, don’t send all the data unless a particular flag
has been set in the URI.
• Design your web API to be consumed easily. If the API consumer is expecting JSON data, for
example, but your web API only offers XML, that will require additional development effort which could
make your web API less attractive.
Instructions INPUT
1. Map the high-level step-by-step process of the use case to show your best estimate at the
• Existing business
intent of how the web API will be used.
process documents
2. Identify where business rules exist in the process workflow.
3. Identify which business processes belong to a specific application/system. Then, identify
where web API integration is required. OUTPUT
4. Document steps 1 through 3 in the Web API Design Document Template.
• Business process
Example:
workflow
Above/Below $5,000
Budget?
Materials
Create a Get Finance Generate Email
• Whiteboard and
Campaign Approval Below Budget List
markers
• Web API Design
Above Budget Document Template
JSON
Get Additional data Participants
exchange
Funds • Business Analyst
• Development
Manager
Push Emails
Launch
Into Email
Campaign
server
Info-Tech Research Group 13
Map the relationships among data tables through Entity
Relationship Diagrams (ERD)
Use ERDs to document the relationships and understand the construction of
objects exposed by your web API.
Why is it important?
• You need to understand how internal objects are connected for maintenance purposes. Entity
relationship diagrams describe how one data set (entity) uses or points to another entity. Actions indicate
the purpose or logic behind the use of each entity.
• Your data may be coming from different systems that require customization to support your web
API. The ERD could be an abstracted view of a database and the relationships among multiple
databases which all need to be based on the same semantic understanding.
• To serve as a framework for developing wireframes and storyboards. Each entity can be an
interface with each data type as an interaction object and in which the action defines the interactions
between the wireframes of a storyboard.
How should ERDs be created and documented?
• Elicit process descriptions and make all nouns into entities, noting any hierarchical dependencies
between them.
• Begin with an end user or requirement and flush out the types of data required to support each use
case.
Instructions INPUT
1. Determine hierarchical model will be used to create your entity-relationship diagram (Class
• Documentation on
Type, Ownership, or Association).
data sets
2. Denote all data sets into data tables. Map data tables that will be specifically exposed by
the web API being developed. If you are not certain which ones will be exposed, include all
data tables that you would think would be valuable to the API consumer.
OUTPUT
3. Map relationships among data tables. This will depend on the hierarchical model used.
Make sure to define the actions between entities which will map the interaction workflow • Entity relationship
from one data set to another. diagram
4. Document steps 1 through 3 in the Web API Design Document Template.
Example:
Materials
Campaign Customer Organization
• Whiteboard and
Name FirstName OrgName markers
• Web API Design
Description LastName Address
Document Template
StartDate Role Phone
Participants
EndDate Organization City
Description Items
Availability Date
• Identifying data inputs and outputs can lead to discussions around establishing the true source of data
within the enterprise.
• It can help assess the payload necessary and provide insight into network traffic and possibly
performance issues.
• In some cases data may not be immediately available due to dependencies from other systems, which
leads to discussions around workarounds. Temporal aspects of data are documented in the data flow
diagram.
• Security restrictions should be documented in the data flow diagram including firewall port requirements
and payload limitations.
Instructions INPUT
1. In process flow-like diagram, determine how each data set relates to another using verbs • Documentation on
that are based on HTTP methods. data sets
2. For each data set, determine all associated attribute variables and function methods.
3. Identify in your data flow diagram where data integration is required. This will be where your
web API be located. OUTPUT
4. Consider the following when conducting this activity:
• Is the data read-only or can the application and users edit and modify it? • Data flow diagrams
• Which components are managed and operated by third-party providers? What is
your level of control?
• What is the taxonomy of data in your system? Is it standardized and is the data
encrypted? Materials
• How often are your databases updated? Is it real-time or periodic extract, transfer,
• Whiteboard and
and load (ETL)? markers
Example: • Web API Design
Customer Account Manager Document Template
GET Account Manager
FirstName Name Participants
POST Customer
LastName Customer • Data Architect
• Development
Role Level CRM ERP
Manager
Organization
API
Type Private Cloud
• APIs are critical components of your system architecture which provide access to native INPUT
hardware features and facilitate communication with enterprise systems, third-party
services, and other devices. • Documentation on
• By not paying attention to your API development, you risk: data sets
o Heavy-weight communication over slow mobile networks which will drive down
performance.
o App misuse due to exposed and unsecured APIs. OUTPUT
o Unavailable services because APIs do not accommodate changing end points
and fragmented data schemas. • Data flow diagrams
• Identifying potential risks associated with data exposed by your web are important when
determining the development practices that need to be used to mitigate those risks.
Instructions Materials
1. Using your data flow diagram as a reference, identify existing and potential • Whiteboard and
markers
performance bottlenecks, security gaps, integration issues, and other • Web API Design
technical issues. Document Template
2. Write your gaps on sticky notes and place them on top of your diagram.
3. Determine development-related practices that mitigate the identified risks for Participants
successful API development. Write these practices on sticky notes and place • Data Architect
them on top of the gaps on your data flow diagram. • Development
Manager
Refer to the following slides for leading questions to reveal current or potential security,
performance, and integration risks in your data flow and for an example of the final output of this
exercise.
Example:
High Payload, Data
Encryption
Legend:
Slow
Application CRM
Execution
ERP
API Risk of Data Performance
Consistent
Leak Issue
Object
Notation
Data Customers Account Manager Security Gap
Managed by Integration
Infrastructure Corp. Database Private Cloud
Third Party Risk
Solution
Customer Account Manager
GET Account Manager
FirstName Name
POST Customer
LastName Customer
Organization
API
Type Private Cloud
Instructions INPUT
1. Based on the data flow diagram created in 2.1.3, group data sets into objects. Name the
objects in plural and as nouns. • Documentation on
data sets
2. Document step 1 in the Web API Design Document Template.
OUTPUT
Example:
• Data flow diagrams
/customers with web service
objects defined
1 2 3 4
1 Examine the Opportunities 3 Test the Web API 4 Monitor & Continuously
Web APIs Can Enable Optimize the Web API
2.1 Design a Web API
Considerations
Web API API
Consumer
• Be prepared for extra development and
testing required to support the override.
Considerations
API
• Be prepared for designing your web API so Web API
Consumer
that each format can be supported. Non-
alphanumeric characters can sometimes
throw off the formatting.
Example Description:
• There are well known HTTP response
• In this example, the client side submits a bad request
codes that should be passed after a
which your web API will capture and send an error status
response has been processed.
with additional details in JSON format.
• Provide an additional payload information to
assist developers who use your web API HTTP/1.1 400 Bad Request GET /customers/cust10
during development and troubleshooting. ... ...
Considerations
• Lack of industry consistency. Facebook, for API
Web API
example, returns only status code 200 with Consumer
error messages in the payload. Twilio provides
hyperlinks in their payload to aid in
troubleshooting.
Generate documentation for your web APIs Train your team on proper design of APIs
• API Academy
• APIBlueprint
• Pluralsight
Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-
3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.
Phase 2 Results:
• Understanding of best practices for design and development for web APIs.
• Web API design created.
Understand how your web API fits into your system architecture
2.1.1
The facilitator will walk you through the exercise of developing a high-level system
architecture to determine how your web API development project fits into your
business processes.
2.1.2 Info-Tech will facilitate discussion around how the web API should be designed
based on requirements and use cases.
2.1.3 Info-Tech will facilitate discussion on the current state of your business process and
walk you through an exercise on mapping your business processes using process
workflow diagrams.
2.1.4 Info-Tech will facilitate discussion on the current state of your data and walk you
through an exercise on mapping your relationships between data sets using entity
relationship diagrams.
2.1.7 The facilitator will walk through an exercise on how to create data collections
(objects) for web service exposure.