10 Things To Do Before Your API Launch Posted in Strategy J Simpson November 9, 2022 You never get a second chance to make a first impression, as the saying goes. You’ve only got one chance to launch your API and have it go smoothly. Anything less could have the opposite effect of what you’re going for. Imagine you’re launching an API to help get your company’s name out there in your industry. Now imagine it starts returning 503 errors 15 seconds after launch. Instead of thinking of the brilliant innovators you no doubt are, users could associate your company with technical errors and an unreliable product. It’s vital that your API launch goes as smoothly as possible. The same goes for any updates you make — it might be even more important, as disrupting the service of your existing customers could have even more disastrous consequences than alienating new ones. To help avoid any potential issues that might arise, we’ve put together a checklist of things to consider before your API goes live. Your API Launch Checklist 1. Verify Your API Meets Stakeholders’ Needs While you hope your API is useful and attracts a broad audience of new users, first and foremost, you want to start by ensuring it meets the needs of your existing user base. You’ll want to do that before you launch your API in earnest, too, as once it’s live, it becomes exponentially harder to alter at a structural level. Some changes can be made by adding new endpoints or adding new fields, but changing the overall structure can cause breakage, which you don’t want. Uninformed API changes are often caused by different departments existing in siloes. The API development team doesn’t consider the sales team’s needs, for instance, because they don’t know what they are. There are a few ways this tendency can be avoided. The first is to adopt a design-first approach to API development. This way, you know what is needed before you begin building your API in earnest. Once you’ve settled on a design, you can capture the layout using an API specification like OpenAPI, which can then be shared with your teams, shareholders, or existing customers who will be using your API. They can then provide feedback before launching. Secondly, you could circulate a poll or form to your customers and shareholders asking for feedback about the project. It likely won’t be as particular as the OpenAPI feedback, but it’ll still give you some ideas of what actual users are looking for. 2. Check It Meets Quality Assurance and Testing Standards Software developers often follow a standard protocol to ensure their products are meeting up to industry standards. ISO/IEC 9126, for example, lays out guidelines to make sure your products are: Functional Reliable Usable Efficient Maintainable Portable It also ensures a product is effective, efficient, and satisfying in specific scenarios. Performance testing can tell you how your API will function under specific circumstances. It can tell you how quickly you can get a response from a specific endpoint, for instance. You could also check the response time for different geographic areas to see how your API will perform in other regions. API testing can even help you be ready for anything. For example, chaos engineering injects confusion and intentional harm into a software system to see how it reacts. Some API management tools like Postman or Kong have built-in chaos engineering, so it’s easy to integrate into an automated testing system. Finally, mutation testing puts your API through the paces by unleashing a mutating dataset and seeing what happens. This will give you an idea of how your API will perform in the wild, away from tightly-controlled testing environments. It’s to your benefit to do as much testing as possible on your API before launching. You should take this opportunity to get as close to being ready for anything as possible. 3. Release a Beta Version There’s nothing quite so useful as testing your products in the wild. Once you’ve settled on a design and implemented the key features and endpoints, releasing a demo as a beta version will help you obtain tangible feedback from real users. A beta version can help receive feedback from users who aren’t already stakeholders or existing team members. It can also offer invaluable insights into how users are actually using your product. 4. Identify Breaking Changes As part of the API design process, it’s vital you identify any changes that could cause other features to break. Once your API goes live, your API contract dictates it remain active and operational as much as possible. After you identify changes that can break your existing API, you can follow the proper protocols to prevent that from happening. Versioning can stop a great majority of breaking changes. Giving your users ample warning before any changes are rolled out will prevent even more. 5. Make Sure It’s Secure Security is one of the most critical aspects of an API. It’s well-known that APIs can be a real security risk if not implemented properly. This can be disastrous, especially if your API interacts with sensitive data like user info. Even if you’re in a rush, it’s important to be thorough in your API security testing. Take the time to review each endpoint and ensure it returns appropriate data. Do this for APIs intended for internal and external users alike. Refrain from assuming your internal APIs don’t need to be secure, as that often leads to loopholes that can become security vulnerabilities that cybercriminals can exploit. 6. Keep Documentation Up To Date This step mostly pertains to new versions of existing products. If you’re releasing a new version of an old API, it’s essential to ensure your documentation remains relevant and up-to-date. Much API documentation is generated directly from the OpenAPI specification, so it’s entirely possible that your existing documentation won’t capture certain changes unless you’re using specification-driven development. Make sure that your code examples remain up-to-date, as well. At the very least, a new user should be able to quickly achieve a simple Hello World! by reading your API documentation. 7. Release a Changelog This also applies to changes made to existing products. Releasing a changelog is a quick, easy way to alert users to what’s changed in a new version. This changelog can be easily disseminated among your existing users and customers, housed within the developer portal, attached to your GitHub, or even returned by the API itself. 8. Identify Changes to API Management Layer API management and API gateway layers exist between your code and your users. When implementing changes, it’s essential to make sure your API management layers are updated, as well. Ensure they’re configured to receive requests from new URLs to avoid potential issues. It’s possible to automate some of these changes as part of a CI/CD pipeline. Many API management solutions offer automated tools for registering new endpoints and applying new security options for any features you’ve altered. 9. Make Sure Your API Matches Existing API Contract Again, it’s important to remember that your API contract is your agreement with your customers. It’s vital that you can keep up with your end of the bargain, even after implementing a new product. Making sure your new API can meet existing standards laid out in your API contract should be part of the testing process. Many API specifications also have built-in standards, such as OpenAPI. This means automated testing tools can be used to verify your API will fulfill existing API contract standards. 10. Update API Testing Scripts You should run your API through as many tests as possible before going live to help avoid any unforeseen problems. API developers often run their APIs through functional testing and unit tests. This checks each endpoint to ensure it’s functioning correctly and that errors are handled properly. Acceptance testing makes sure that your API is doing what it’s supposed to do. This is also called solution-oriented testing. If you make any changes to your API, you’ll need to remember to update your testing scripts as well. It’s a simple step but can sometimes be overlooked when dealing with many different things. API Launch Checklist: Final Thoughts Following these ten simple steps will help you bridge the gap between API developer, c-suite, and end user. It’ll help you consider everybody that’s going to be using your API. It also enables you to think through potential issues systematically, so you can identify problems before they happen. You want your API to make a good impression. For example, if you’re offering your API as a product or service, you must strive to be as close to 99.999% uptime as possible. If you’re not, someone else will be. If you’re releasing an API to increase your clout in your industry or niche, it’s even more vital. A malfunctioning or underperforming API could have the opposite effect of what you’re going for. These above steps will help you avoid as many of these issues as possible to ensure your API rollout goes as smoothly as possible.