Runscope API Testing and Monitoring    Learn More →

API Monitoring for API Management: The Ins & Outs

By Jon Wilfong on .

During my years at Mashery, an API management provider, I had the privilege of helping customers launch and scale successful API programs. Now that I'm at Runscope, I want to share my knowledge of how API monitoring can help companies using any form of API management. Including myself, more than 25% of Runscope employees have previously worked at API management companies, so we often find ourselves discussing the ways in which Runscope can help companies who have deployed API proxies, gateways and ESBs. 

API management and API monitoring are two different but complementary solutions that support your APIs:

  • API management will help you stand up your API, allow the intended audience to procure API keys and help you to manage throttling, access controls and more.
     
  • Once you’ve stood up your API, API monitoring keeps a constant eye on the API that your developers and company rely on. It does so by running scheduled tests and alerting you to when an API goes down, is slow or is returning incorrect data so you can solve API problems before they impact your customers.

Most of the time, reaping the benefits of API Management requires the insertion of a reverse-proxy or API gateway into your infrastructure and API call flow. Many of these solutions are designed for scale and reliability, but as most of us in the tech industry know, there can always be a time that something fails.

Here are the ways that you can prevent, identify and solve issues with API proxies and gateways a heck of a lot faster by using Runscope.

Monitoring the Ins & Outs

In order to identify the source of an API issue, keeping an eye on all the segments of an API call is critical. Gateways and proxies, whether they’re in the cloud or on-premises, introduce another component in your infrastructure, and thus another component that needs monitoring.

If your APIs are responding too slowly and/or are returning unexpected status codes or incorrect data, this could affect your mobile clients and integrations, potentially hurting your business.

Do you currently have the insight needed to identify where the problem is occurring? Are you confident that you’ll find the problem before your customers or partners do? 

Here's how you can use Runscope to monitor your proxies: 

Step 1: Create tests in Runscope that hit the gateway/proxy. Run them on a frequent schedule. I recommend once-a-minute basic tests that assert on latency, response codes, different HTTP verbs and also validate some expected responses.

Step 2: Create another set of tests which mimic the first tests as closely as possible but direct them to your application server instead of your gateway. You may be able to to skip some authorization and authentication since your gateway likely provides these services.

Note: You’ll most likely want to use Runscope’s 12 global cloud locations as well as the On-Premises Agent in tandem for monitoring both of these scenarios from within and outside of your own network.  The On-Premises agent will execute tests against private and/or unprotected APIs and send results to Runscope’s cloud-based dashboard.

Alerting the Right Team

Option 1: An automated service tells you that something is wrong.

Option 2: Your customer tells you that something is wrong.

Feel free to vote for Option 2, but be prepared for an influx of support tickets that could have been prevented.

Now that you’re running frequent functional tests against different components in your stack, Runscope can notify you and your team when assertions fail before or after hitting your gateway. We’ll even let your team know when and where issues arise via Slack, Hipchat, PagerDuty and more.

Fix It Faster

Reproducing issues is a pain. Have you ever experienced a production issue, tried to get help, and been told, “I don’t see any problems on my side. Can you try reproducing the issue?"

That’s why we have sharable links, which let you solve problems faster within your own team, and even with outside groups. If a scheduled test fails when hitting the API gateway but passes when hitting your services directly, why not send a link of both results directly to your vendor? Getting a clear picture of the request and response should cut out some extra steps, shorten incident time and minimize the amount of effort spent by both you and your vendor.  Everyone wins!

Recap / TL;DR

API gateways and proxies offered by API Management vendors can save your team a huge amount of time and effort, but they can also create another point of failure in your stack. Runscope can help you prevent, identify and solve API problems faster if you have a gateway or proxy in your infrastructure.  How?

Prevent: Run tests on a schedule from multiple locations. Monitor at your gateway as well as at your API source.

Identify: Notifications inform you of problems before your customers find them. Quickly determine where in your stack the problem is getting introduced.

Solve: Inspect the request/response before and after the call hits your gateway. Share the results internally and with your vendors for a faster resolution.

Let us know if you’re using API monitoring in conjunction with your API management solution in the comments and sign up for Runscope for free to start monitoring your APIs—and your API proxies today. I’m happy to help get you started, feel free to email me at jon@runscope.com with questions!

Categories: api ecosystem, howto, monitoring

Everything is going to be 200 OK®