August 2019 Release: SnapLogic API Management Updates

In this video, we will demonstrate how SnapLogic enables customers to easily create and manage APIs through a single unified integration platform. In the capabilities released in the August 2019 release, SnapLogic API Management now offers flexibility and ease of use for API Developers and Consumers with a self-service API Portal.

SnapLogic API developers can focus on the integration problem and the project at hand by leveraging SnapLogic’s 500+ strong Snaps catalog to implement their data and app integration projects.

API managers can focus on the API management lifecycle activities such as:

Creation and deployment of API proxies, Application of API policies, Monitoring API usage, and performance, Managing user management aspects for API Developer/Consumers, Performing API administration tasks such as: Determining internal/external exposure for APIs on the portal, Managing Access Control List based, API request authorization flows to provide great user experience while providing controlled access for critical APIs

And lastly, API consumers, who may be a developer or a non-developer persona can conveniently search, discover, test and consume APIs through the API Developer Portal without the need to have expertise around SnapLogic APIs or access to the platform.

To illustrate an end-to-end flow, I have created an API in SnapLogic called “API_Query_Student_DB”. Once the API is created, I will create an API proxy, apply API policies, and deploy this package onto the SnapLogic API Gateway. To achieve this, I will start with the API proxy creation wizard flow:

We will first assign a unique name to the API Proxy. Next, we will select the APIs, which could be triggered or ultra tasks that are to be bundled as part of the API Proxy. 

Next, we will select necessary values for “Discoverability” and “Approval Type.” The “Discoverability” option takes a value of either “External” or “Internal. “External option is the default option and it will make this API proxy and its content discoverable through the API Developer portal. 

API managers should select this option for mature APIs.If an API proxy is marked ‘Internal’, the proxy and its content won’t be discoverable through the API Developer portal. However, SnapLogic users can login into the SnapLogic platform to iteratively develop, test, and consume these APIs.

Next, we will choose one or more API policies from a list of policy options which are: 

Basic Authentication, OAuth 2.0 authentication, IP Restriction, Rate Limiting, Request Transformer, Response Transformer, CORS

For example, selecting a security related policy such as “Basic Authentication” or “IP Restriction” ensures that these policies get applied in addition to the security flows that may be configured at the application level.

Now, on this screen, we will review the information that has been filled in for accuracy. If everything looks accurate, we will click on the “Deploy” button to publish the API proxy on to the API Gateway that is hosted in the SnapLogic platform.

On the last step of the wizard, you can review the deployment status or download the Open API specification. The Open API specification acts as a good documentation for the API Proxy

Once the API Proxy has been deployed onto the API gateway, we can navigate to the API Manager portal to perform administrative tasks as necessary. 4:45 On the API Manager page, there are 4 tabs, each designed to help with a core administrative task meant for effective management of the hosted APIs:

‘Proxies’ tab act as a central API Proxy repository that allows the API manager to view: API proxies and their content, Location of the API resource within the gateway, API developer

Currently chosen discoverability and approval type. On this page, administrators can modify this as necessary based on the permissions the user has on the SnapLogic platform, the contents of this page will be updated. 

As an example, a SnapLogic org admin like myself would have a global view of API proxies and APIs across all projects and project spaces, and therefore would be highly convenient from an administrative standpoint.

Through “Users” tab, API admins can easily perform API consumer user management tasks such user creation and deletion. An API consumer is a special type of user that can access the API developer portal, test APIs, and consume APIs that are hosted on the API Gateway. However, this user account is different from a SnapLogic platform user account.

Through “Access” tab, API admins can manage API requests securely. When an API consumer discovers an API through the developer portal, they will make an explicit API access request. The request will be logged here and the API admin has the option to either approve or deny it. Based on the action taken by the API admin, access is either granted or denied to the API consumer for the particular API proxy. Additionally, API admins have the option to revoke API access that was previously granted.

With ‘OAuth’ tab, API Managers can effectively manage OAuth2 applications.

Next, I will show the API Developer portal. To access the portal, I will use my API consumer credential and also specify the SnapLogic organization tied to the portal. After logging in as an API consumer, I can search for API Proxies, APIs and filter results based on status such as: pre-approved, pending, approved, denied, revoked, not-requested.

Once I identify an API proxy, I will click on it to drill down into it and review its contents. Next, I will navigate to the APIs tab to review the API’s request type, signature, among other things.

Another convenient aspect of this functionality is that API consumers can leverage this portal to test and consume APIs without having to rely on 3rd party Rest clients. By simply authorizing the API consumer user, we can click on the “Try it” button to test an API. 

As you can see here, users have the option to pass query parameters to the API dynamically before clicking ‘Execute’. Upon its invocation and execution, we see a 200 OK which indicates that the API call was successful. Additionally, you can validate the correctness of API design and functionality by reviewing request headers and response headers.

To summarize, we demonstrated how SnapLogic API Management enables API administrators to easily manage various aspects of API lifecycle such as security, access control, and re-usability.

Thank you for watching this video! If you would like to know more about SnapLogic API Management, please visit snapLogic.com.