How to assess the quality of an API
Whether buying a new house or shopping for a new pair of shoes, you probably have a checklist for the features you’re looking for in a quality product. If you’re looking to invest in an application programming interface (API), then you should maintain the same standards. The potential that an API offers is undeniable. At a base level, APIs present opportunities to:
- Scale quickly
- Improve customer experience
- Acquire actionable data
However, there are also many limits and myths that surround them. To ensure the financial institution is investing in a quality API, be sure to assess the key differentiators for API features and capabilities.
APIs are not “one-size-fits-all”
While a secure and functional API could be developed in a few days, this doesn’t mean every API built through different processes are of the same caliber. Some APIs are just better built and allow for features such as a greater depth of data access, better security, automated testing, deployment controls and documentation, to name a few.
“I’ve heard developers say that they can crank these things out and that it’s really easy to put an API in place,” says Sageworks strategic advisor Paul Kasinski. “While that’s true, at the end of the day, those APIs will likely miss several key requirements.” Simply put, all APIs are not created equal, and it takes careful deliberation to assess if a particular API is right for your institution.
Kasinski recently led the Sageworks webinar, “Busting API Myths at the Intersection of Banking and Fintech,” during which he described practical tools for finding and leveraging an API.
Learn more about growing your loan portfolio.
Key features and capabilities
Breadth and depth of access. More doesn’t always mean better. It’s important to determine who needs access to data and what data needs to be accessed. More specifically, determine what data does not need to be accessed, such as trade secrets and corporate intellectual property, and identify practical limits with regards to the data set, such as limits to size for performance and bandwidth.
Security. APIs, like other technologies, are subject to accidental and malicious events that can jeopardize their security. It’s incredibly important to make sure that the right protocols and security metrics are in place. Attention to security is a huge differentiator in regard to the quality of the API.
Automated testing. Financial institutions should ensure that each API is tested in every conceivable way that a user may use it. Automated testing, and the tools that allow you to perform it, is a very robust process, but it is essential for API development.
Configuration and deployment controls. “It’s important to understand that with an API, when a partner is producing and developing the API that you’re relying on – you’re not the only customer,” warns Kasinski. There are hundreds and thousands of customers that are reliant on that application functioning as it should. With this in mind, the controls around deployment are extremely important.
Documentation and developer tools and portals. These features might seem extraneous, but they are major differentiators when determining API quality. “Even though these seem like ‘nice-to-haves,’ at the end of the day, the effectiveness you have with engaging someone else’s API is going to depend on how well it’s supported and how well the tools work for your developers to be effective,” explains Kasinski.
It can be exceedingly easy to use an API that is well-developed, well-maintained and well-documented. Meanwhile, trying to leverage a poorly designed or documented API can cause a lot of extra development effort and create unpredictable results for your end users. These are all elements of an API you’ll want to assess when determining the quality.
For more information about navigating APIs, watch the webinar “Busting API Myths at the Intersection of Banking and FinTech.”