A survey of more than 10,000 developers of application programming interfaces (APIs) suggests there’s lots of room for improving the overall efficiency of API lifecycle management.
The survey was conducted by Postman, a provider of a platform for building APIs. Respondents on average said they only spend a quarter of their time (26%) on the development of APIs. The rest of the time is consumed by debugging and manual testing (22%), automated testing (11%), designing and mocking APIs (11%), managing others (9%), documentation (7%), monitoring (6%) and publishing (4%). A full 70% said they are spending more time on manual testing and debugging than they thought they should.
All that time spent on manual testing and debugging may be having an adverse impact on the number of APIs that can be built, tested and deployed at a time when a transition to microservices-based architectures is requiring organizations to build and support more than ever.
According to the survey results, about a quarter of respondents (24%) work with more than 20 APIs. Well over half those employed on average (53%) are for internal use, compared to 28% employed specifically for integration and 19% that are made public.
In terms of technologies survey respondents are most excited about for the coming year, microservices (54%), containers (46%) and serverless computing frameworks (44%) top the list.
As far as the performance is concerned, survey respondents are evenly split. Just under half (48%) said they feel that their APIs do not break, stop working or materially change specification often enough to matter. However, 28% said these issues arise on a monthly basis, while 16% said they deal with these issues weekly. Another 3% said it was a daily challenge.
In terms of security, survey respondents are relatively confident: Nearly three-quarters of respondents (73%) said they feel that their APIs are “very secure” or have “above-average security.” Only 2% said they felt they were not at all secure.
It’s hard to say how secure any API is without testing it. Rebecca Johnston-Gilbert, a marketing manager for Postman, said it’s apparent more organizations are starting to address security at the design phase rather than after the API has been built and deployed. Many organizations have already adopted an API-first approach to application development that enables them to manage them in isolation from the applications they are designed to support, she said.
Among other survey findings, 73% of survey respondents said they work on a team of 10 members or less, while a quarter (26%) work on teams with 22 to 50 members. In addition, 78% of respondents have five or fewer years of experience in developing APIs.
In general, survey respondents said they would like to see improvements in the areas of documentation (64%), standardization (59%) and sample code (58%), which suggests consuming APIs is still not all that simple.
There is no doubt organizations increasingly will be applying best DevOps practices to the building and maintaining APIs. The challenge organizations face is, not only do they need to build and maintain what could soon be hundreds (if not thousands) of APIs to support microservices but also those APIs will need to be a lot more resilient as the dependencies between microservices exponentially increase.