This article is a summary of Rafael Rocha’s presentation, head of Solutions Architecture @ Sensedia, during APIX 2019.
Why API Governance?
API Governance is becoming increasingly important as API strategies quickly grow into complex scenarios, involving different teams and business units, and being available for consumption by up to thousands of developers.
In turn, the adoption of server-based and microservice architectures, as well as integrations with ecosystems, bring even more governance challenges to digital businesses.
These challenges are also reflected in specific difficulties for several areas, that need to be addressed by the governance team:
- Operation: anticipate and solve problems quickly;
- Development: accelerate deliveries and reuse components;
- Security: apply appropriate security mechanisms for each context;
- Business: reduce time-to-market and maintain alignment with business strategy;
Beyond these specific needs, digital businesses require control without reducing agility and autonomy that drive innovation, and this control must also be context-driven, allowing a continuous and gradual evolution.
Why API Adaptive Governance?
Adaptive Governance is the ability to determine styles and governance controls required to different contexts of digital businesses.
This capability, when developed and tailored for digital strategies, has a direct impact on business critical outcomes such as:
- Time-to-market reduction, cost reduction and productivity increase;
- Risk reduction, higher security and compliance;
- Higher quality and operation control;
- Better experience for devs and customers;
To develop this capability, the API Governance Team needs to establish basic API governance pillars (policies, processes, KPIs, responsibilities, materials, tools) that enable:
- Management of the diversity of environments, contexts and team workflows;
- Guarantee of the application of security policies, best practices, standards;
- Prevention of outages and quick troubleshooting;
- Understanding of the dependencies scenario to assess impacts of API changes or failures;
- Organization of the API catalog, with documentation and versioning;
- Reuse of APIs and their alignment to business strategies;
- Tracking of real-time metrics to control and evolution of the API portfolio;
Why Sensedia Adaptive Governance?
- Advanced API catalog with attributes and detailed search;
- Visualization of dependencies and impact analysis;
- Definition of requirements and templates for publishing APIs;
- Automatic policy enforcement and workflow creation;
- API Interface Completeness Score;
- Configurable and preventive alerts;
- Timeline of changes (audit);
These features go with governance-related funcionalities already native to Sensedia API Platform, for instance:
- Customizable real-time dashboards with business and technical metrics;
- Configuration of access plans and application of security mechanisms;
- Complete logging & tracing (with payload logging and additional data);
- Creation of teams, roles, permissions and environments;
- Version and deployment control, automatic creation and update of documentation;
- Dev portal for publishing and organizing APIs;
In addition to the Sensedia Adaptive Governance module, Sensedia’s consulting team has developed an API Governance playbook to support its clients in building an API Governance Team and in several activities like defining governance models, policies, standards, security mechanisms, KPIs, impact analysis, prioritization, workflow configuration … – to ensure control and evolution of your digital strategies with APIs.
Want to know more?