API Developer Portal

A free video tutorial from Rajeev Sakhuja
11xAWS Certified, Consultant, Mentor, Innovation evangelist
Rating: 4.4 out of 5Instructor rating
7 courses
83,123 students
API Developer Portal

Lecture description

Student will learn about the essential features of the API developer portal. At the end of the lecture will be in a position to decide whether to build or buy a portal for their API.

At end of the lecture student will see how easily an off the shelf developer portal (Mulesoft) can easily be customized.

Learn more from the full course

REST API Design, Development & Management

Learn the REST API Concepts, Design best practices, Security practices, Swagger 2.0/OAI, Hands on API Management

07:35:14 of on-demand video • Updated August 2020

Design and Develop RESTful API by applying the best practices & REST constraints
Create practices for API security, versioning, lifecycle management, documentation and other important aspects
Write specifications in Swagger2.0/OAI specifications in YAML format
Create an API management strategy for your enterprise
Leverage some of the common API management platforms for building API proxies (APIGEE, IBM API Connect, Mulesoft Anypoint)
English [Auto]
Airport management developable as part of this lecture, a share of some best practices and guidelines around the developer for the Airbus, at the end of this lecture, you should be in a position to decide what features of developer caudal makes sense for your apps. You will be able to decide whether to build an app developer portal or via developer. As part of this letter, I'll also walk you through to DIMOS, one for Apogee and another for me. I like to think of the developable as a one stop shop for the application developers. The application developers can go to the portal for referring to the documentation final, the initiating a request to get access to the areas and get any support they may need. It is a documentation in my discussion on Saigo specification, I showed you how you could document your APAs in the specifications document. Apart from the information that's in this classification document, there is additional information that your developers will need. For example, if you have to show a complex flaw on how the API should be invoked, then that cannot be contained within the specification document. For that, you will create a separate document and publish it on a Web page and then link it with the specifications using the external docs element in this specification. This is a good practice. It is common to see Trich feature on the dashboard for a lot of APIs that I work on, and this feature allows the developer to try to appear on the developer portal itself without needing to write the code. This is a great feature because it helps the developer understand how the API works to make things simple for the application developer and to make them more productive. The suggested that you include. Sample code and sample data on the DART board consider a scenario in which you have created an API that requires the ABDUALLAH to populate certain SCDP headers with some information. Now, there are two ways to explain the requirements to the app developer. One is the traditional way, which is by way of documentation and some illustration, and the second is by way of providing an SDK. The SDK will help the app developer get up to speed quickly without needing to go through the complex documentation. This aspect need to be considered on a case by case basis. I'm on the Wal-Mart Open API developer portal, it's a very simple portal, provides all the documentation not and the Saigo format. There are some example queries and also they're describing the parameters and then they're giving some sample responses as well. The app developer can also try out the app as not. This is more swagga like documentation. There are a couple of apps here that you can try out. For example, if I was to use the search API, I can simply provide the item here and try out. And as you can see, I received some data here. So as a developer, it's very easy for me to just try out the APIs and see what works for me. This is the world of portal, you would find that on this the not only provide the EPA documentation and try feature, but they also have as the case, for example. Right. Request you can use the SDK to add a button for your mobile applications. Before the app developer can access the apps, they need to raise a request for access to the app provider, the app provider or the app owner grants to access or denied the request. There are two ways in which this process can work. One is the ad hoc or the manual provisioning process in which there is no automation and traditional emails or phone calls are made to get the access to the API. And the other one is the automated process or the self provisioning process which is implemented on the dashboard. I'll first go through the manual provisioning process. The app developer connects with the API owner and request for the API access by way of even a phone call or by way of some kind of an internal ticketing system. The owner checks the policy for that API. If it is okay to grant the access, they generate the key and the secret and share it with app developers. This process may work in a small team for internal apps in a controlled environment. So maybe it's OK to use it for internal teams. But it is not suggested that you use this kind of a process for public or partner apps. In the self provisioning process, the app developer logs on to the death portal, looks up the apps, try out the apps, and if they are interested in any specific API, there is a request for access to the API that have portal checks. If the requested API is set up for auto approval, if it is set up for auto approval. The portal generates the key and the secret and the key and the secret are shared with the developers on the portal. If the API was set up for, let's say, manual workflow for approval. In that case, the API owner is notified about the request raised by the app developer. The API owner checks the API policy. If everything is good, the access is granted by generating the key and secret on the portal and the key and secret are shared with the app developer on the portal itself whenever possible. Try to use the self provisioning with auto approval. Let's go over some of the practices around provisioning, you must clearly define the role that will be responsible for authorization of access to the API, whether it is by way of a manual process or by way cell service, you would need someone who can take a decision on whether to authorize the access or not. Some of the EPA access policies for all of your EPA's, so when you are defining the EPA's think about who can access it and set up the policy accordingly, there may be APIs that are meant only for private use or partner use. So if there is an access request from a public developer, you may want to deny it. And this should be clearly specified on Parap basis, the final criteria for Automattic versus Manuell provisioning. So in these self-service provisioning, Mortel, you can mark the EPA's automatic or manual provisioning EPA. The idea there is that you have a set of some criteria and there are quite a few factors that can decide whether the EPA should be automatic or manual. Some examples of those are criteria, the sensitivity of data, highly sensitive data. You would want to make sure that every EPA request is looked at before it gets approved. So you will pocket as limited capacity in the back. And you don't want everyone to start using the EPA because you may have some constraint and the resources on the backend. You will decide to categorize your app developers in some kind of a trustee system, and then you can use the of your system to decide whether to approve the request or not. If the EPA is for internal use only, then it is suggested that you do not publish on the portal to avoid these kind of requests coming to you, which you anyway will not draft. I want the Twitter defago, and I'll demonstrate to you how you can register on the portal for accessing the Twitter apps. So first, you have to create a new app, and once you provide all the details in the app, you will be given the clanky and the secret. So at this point, my application is creating. And now I can use the. AP, a key and the secret to invoke the restabilize for Twitter, so this was an example of the self-service provisioning where the apps are set up for automatic approval. The EPA management platform provide control on the provisioning aspect of the EPA. These are just some of the example of the platform that allow you to set up the apps for Manuell or self provisioning. Let me show you how it works on RPG, an RPG, in order to publish an app to a portal to create a product. I won't go into the details of product. I'll cover that later. In the definition of the product, you can decide if the product, which is just a bundle of apples, will be visible on the portal or not, and to who it will be visible that is controlled by way of the access. It can be internal only it can be made visible to users who have been explicitly authorized for viewing the EPA. What can be public, which is any registered developer, can view the key approval is where you said whether the approval will be automatic or manual. The benefit of using the app management platform is that you can control the visibility and provisioning aspects of the app by way of configurations. And the other one is that the runtime and the dashboard are integrated. As an Apio provider, you will need to support your apps, the portal is the one stop shop for all support needs that your application developers will have. There are multiple factors on which the level of support will depend. The first one is internal only if your APIs are internal only the app developers may be supported by way of internal ticketing system. You may not need to have a very elaborate dashboard, but if your APIs are public or monetized, then you have to provide quite a few things on your death order to support your app developers. Here are a couple of ideas you need to provide guidance on how to solve common problems. So and if you need to provide best practices, provide a contact form, provide a bug reporting form with the app developers can report bugs. Now, once your apps have become popular for to Dolapo community use social media, for example, or Twitter, you can use Facebook, provide a forum on the dev portal itself where the developers can solve each other's problems and discuss the best practices. Last but not least, have the exports from the API provider to write some blogs and publish them on the dashboard of. Twitter has a thriving Dolapo community. This is the website for the developer community. They have this Twitter account where you can subscribe to to get the tweets for the developers. They have these Twitter developer communities, they have developer forums and they organize these events that you can attend. So this is an example of an excellent community which revolve around the apps for Twitter. Not a million dollar question or that portal is just a Web application, should you be building it or should we be buying it? The answer is it depends on your budget and the nature of is that you are publishing your roadmap. I'll just share some thoughts with you on the buy versus build decision for the world option perspective. If you are looking for a simple dark quarter, which is just informational, then you can simply publish the documentation generated from cyber. You don't really need to have a very feature that call for self-service provisioning, though. You will have to create a workflow or you will have to adopt a manual workflow that I described earlier. From the buy option perspective, most API vendors are providing their product with the dashboard, which is integrated with the runtime. These products also support the look and feel customization so you can change the dashboard or to look like your other website or customize to a point that the developers, the app developers will not know whether they are interacting with the dev portal that was created by you or is off the shelf product. Some of these portals also allow you to extend to include the features such as forums, blogs, etc.. Next, I'll show you a very short demo on how much soft support customization of Blackwater. So this is a short time just to give you an idea, I'm on the mules of management portal. And in one of the earlier lectures, I created an app called Acme Travel using the Ramlal specification to add a portal to the. Achmad travel epper, so here, as you can see, it says, create a new portal or create a new portal and. In this, you have couple of choices, I can make it public, I can select a team and I select a team, I can actually select an image that I want to use for my app portal. So change the image. Now, I can also change the team. Here are all the colors that I can change. And now I have my image. So let's updated. Next thing is, I need to add the references to the API, so let's go ahead and add some references. Let's go ahead and test him. And here is our that call. And you can see the apps. So that's how you can customize the portal in this lecture. I covered the topic of developer portal. A developer portal enhances the productivity of your application development. There are three elements of developer portal plus. One is the documentation of the EPA, along with the Triad feature samples as dickeys. Next one is the self-service provisioning, you can automatically provisioning process for your apps by using a deferent. Support you need to provide support for APAs must have the use best practices, and once your APIs are popular, maybe create a developer community on your forum. Most of the management products come under with a developer program, and these developer codes can be customized and can be extended, consider investing in an efficient management solution that provides enough water.