Your API Catalog Just Got an Upgrade

On September 30, we launched API Discovery, which helps you discover, monitor, and secure your APIs easily. It continuously monitors your API traffic within Fastly’s extensive Edge network to build a continuous snapshot of your APIs, keeping you aware of any new, updated, and unexpected API requests coming to your origin.

API Discovery helps you with the important first step: knowing what you don’t know. But what happens once you’ve made a list and checked it twice? We know that managing a long list of APIs can be opaque and time-consuming. The challenges fall into three main categories.

Problem #1: There are too many APIs

If you’re in charge of governing APIs for your organization, this comes as no surprise. When there are many APIs to manage, it can be difficult to find the specific API endpoints you’re looking for in a living list that may contain hundreds or thousands of entries.

Problem #2: There are new APIs all the time

Some APIs are older, and some are newer. It’s easy to get distracted by what’s new and urgent, but you can’t ignore the critical information being surfaced in the API traffic to your legacy applications or neglect to inspect traffic to your staging environments. It’s difficult to find the time to pay sufficient attention to the older APIs you need to manage when new ones are constantly piling up on top.

Problem #3: Relationships between APIs matter

APIs don’t exist in a vacuum. Understanding the connections between the applications in your organization is crucial for understanding the reality of your API picture. Simply looking at a list of what exists isn’t enough – you need to be able to interpret what you see in the context of the business you are in. For example, you might use information in the API path to understand which resources are being referenced and where they exist within another application or microservice – building a mental map of how requests are processed within your ecosystem.

That’s why we’ve developed our API Security to be intuitive, so that you can navigate your catalog of APIs, surface those less-frequently-called-but-no-less-critical APIs, and visualize how your APIs connect to their underlying resources. 

Here is an example. Someone using API Discovery might see disconnected API calls rise to the top of their Discovery table. It might look something like this:

(Figure 1: API Discovery Table View)

This is a simple roundup of API calls sorted in reverse chronological order by the timestamp of the latest matching request. It contains lots of useful information, like relative recency and navigability. This helps you target and review the most frequent API requests to origin. When you know what you’re looking for, it’s easy to find everything with the searching and sorting options. 

Sometimes, however, you need to see other relevant information. What other author-related APIs have been discovered? Do we add to royalties with the Authors API, the Books API, or in the Users API? How many v1 APIs haven’t made it into v2 yet? Is that deprecated, expensive logging API still around somewhere? Can we turn that off?

These questions touch on the relationship between your APIs and your underlying resources. This gets even more complicated when we account for the complexity of typical production environments: more hosts, more environments, more versioning, more APIs, more chaos. When you need to check on how your APIs fit into the bigger picture, you need a little more. 

That’s why we’re offering a bigger picture of your discovered APIs, which we call tree view:

(Figure 2: API Discovery Tree View)

(Uh oh, looks like we’ll have to wait on turning off that logging endpoint for now.)

When APIs are organized in a tree view, they appear within the overarching resource hierarchy. This makes it easier to navigate through the collection and make sense of the chaos, because the collection itself aligns, not with some arbitrary standard, but with how these APIs are defined, implemented, and hosted within your own architecture. Tree view simply reflects the context you’ve already built into your services and reflects the living reality of how systems fit together.

And if someone on your team implements something new outside your typical data model conventions? API Discovery will make it easy to find, because it will stand out from the rest. You’ll spot the issue quickly and address it before it becomes a major support headache.

Put simply, it can be hard to see the forest for the trees, but it’s easier with tree view.

Ready to give API Discovery a try? It’s easy to turn on with just one click. Get instant visibility, cut the noise, and keep your APIs secure – without the hassle. See it in action with a personalized demo or chat with our team of security experts to see what Fastly can do for you.