Here are the steps to follow for your UCSB campus IT department to publish an API in the Apigee system for others to consume.
Publishing your API has two aspects.
On the Administrative side we need to review and record details about the API being offered in case of any problems once it is in use. We also address issues like data protection level, security information, who to contact about problems and questions and recording who is responsible for the data offered via the API.
This will trigger a review workflow process where a campus Apigee team member will review the API. An administrator of your department will need to approve publishing the API as well.
On the Technical side use of the Swagger documentation standard is required. If you have not yet done so please document your API with Swagger.
API Guidelines and Standards. In this document you can review the standards that the API Management team has set for APIs published in the API Gateway.
Creating an API Spec. This document is geared towards the Gateway Admin and it is helpful to understand how to get your API ready for publishing.
After filling out the "API Publishing Request" form your request will go through an approval process.
You should receive an email notification at each step in the approval process.
This process is necessary to ensure that the person responsible for any data your API provides is aware of the API and approves the exposure. It is also ensures that the API offered meets minimum technical standards.
Things to be aware of:
- Any non-public data that will be available via the API you're offering needs to be approved by a responsible party.
- The Apigee API system has been designed to be appropriately secure and flexible.
- Approval steps:
- Initial Review - A member of the Apigee admin group will review the request. If additional information is needed the request may be marked "Pending More Info" for a time.
- Business Review - In this step the responsible business person is asked to review and approve the publishing of the API. This is typically a unit or department head. If additional information is needed the request may be marked as "Pending more business info" for a time.
- Technical Review - A member of the Apigee admin group will review the API to see if it performs as documented and conforms to the technical guidelines. If additional information is needed the request may be marked "Pending more Admin info" for a time.
- Published - This is when the request is made available through the Apigee API Gateway and usable via the Apigee Gateway.
Other possible states:
- Business Denied - If the Business Officer responsible for the data decides the API is not suitable they can deny the request to publish.
- Admin Denied - If in Technical Review the API is found to be lacking necessary features, safeguards or other aspects, the request may be denied.
- Retired - If an API is obsolete, superseded or otherwise no longer needed it will be retired.