In this article, we will look at the topic of API performance and take a deeper dive into what the State of API 2016 Report revealed about the understanding, expectations, and reality of API performance.
Where Are The APIs?
The State of API 2016 Report includes responses from both API providers and consumers. 62% of survey respondents provide APIs, while 30.1% only consume APIs.
The State of API 2016 Report also includes input from different departments. 41% of the respondents identified themselves as developers, 36% as QA or testing professionals, and 13% as IT/operations.
We asked participants to name the areas where they expect the most API growth in next few years.
Mobile, IoT, and Enterprise Integration were the top choices.
54.14% said that mobile will drive the most API growth, closely followed by Internet of Things (IoT) 44.44%, Enterprise Integrations 28.21%, and Digital Security 24.04%.
When we took a closer look at specific industries, we found that 60% of those representing the financial industry and 57% of those representing banking said that mobile will drive API growth.
To test the hypothesis of APIs being on the emerging side of the technology curve, we asked respondents how long they have been dealing with APIs.
- 1 in 3 respondents said they have been working with APIs for the last 3-5 years.
- 1 in 3 respondents from government organizations and tech industry claimed to use APIs for more than 10 years.
Key takeaway: Even the less technically advanced industries seem to use APIs to accelerate innovation and reduce costs. Now that we confirmed with data that APIs are everywhere, let’s see what our survey respondents thought about the APIs they use.
API Quality and Performance
API providers across all industries agree that performance is the primary way to measure the success of an API. The focus on performance aligns with the expectations of consumers, who look at performance and availability as a top concern when evaluating an API.
Less than one-third of API providers look at number of subscribers, monetization, or retention as the primary method for measuring the success of API. While these metrics are critically important, providers agree that the success of an API will be dependent on its ability to perform and meet user expectations.
We asked API users about the most important characteristics they need in an API. Nearly 37% of respondents cited responsiveness or performance while 36% said service reliability, availability and uptime were the most important characteristics of a high-performing API.
If you look closely, APIs are not so different than your other online assets like websites, web applications, and mobile applications. They need to be up and running at all times, need to perform within a threshold defined by the consumer, and need to be functionally correct for all end users. Whether a business is using APIs to generate revenue, increase collaboration, or reduce costs — they need APIs to function properly at all times.
The importance of API performance isn’t limited to organizations that provide APIs. For example, if your application depends on a third-party API to complete a critical function for your users, you also need to be concerned about how that API is performing.
Highly regulated industries such as banking, finance, government, and healthcare chose performance and uptime/availability over any other measure of success.
The Risk Of a Poor API Performance
We asked respondents what they saw as the greatest potential risks of poor quality APIs to their organization. Respondents agreed that potential loss of customers and damaging company brand were among the top potential risk of poor quality APIs. 1 in 3 respondents mentioned loss of time and resources, and decreased speed of innovation as the most critical risks.
Respondents across industries and job functions agreed to that. We further analyzed the data to see how regulated industries such as finance, healthcare, and telecom see risks with poor quality APIs.
- Every other respondent representing the finance industry said that damaging company brand was a potential risk.
- 36% healthcare respondents said the impact on internal teams was the biggest potential risk.
- 40% of telecom respondents said that decreased speed and missing SLAs were the biggest risks.
Respondents representing various job functions and area of expertise also seemed to agree on the potential risks of poor APIs. Testers cared about damaging company brand while operations experts cared more about missing SLAs. 38.5% of testers said damaging company brand, 33.8% of developers and 28.8% of operations professionals agreed. 33.6% respondents working in Ops said missing SLAs was the biggest risk — 27% developers and 22.5% testers agreed.
What Do We Mean by Poor API quality?
API quality can be thought of as a combination of a number of critical factors:
- Functional correctness
- Performance or responsiveness
Every component of API quality is vital to successfully using APIs to empower your applications. Case in point: let’s say you are using an API that takes 150ms to establish a connection and additional time to deliver the payload. Depending on your request, the performance of this API may change drastically. For a 50KB payload it may respond in 150ms+100ms, but for a 1MB payload it may take up to 150ms+500ms. While your application awaits the API to complete a request, your end users refuse to wait. They abandon the action or worse, abandon the application.
Gone are the days when performance could be measured in seconds. API performance is measured in milliseconds and simply 1/20th second of a delay could lead to unacceptable user experience and unsatisfied end user. When your application lags or crashes, as the result of a problem with a third party app, your users will look to you for a solution and will associate a poor experience with your application, even if the issue is beyond your control. Functional correctness for APIs is as critical, if not more, as API availability. If the API doesn’t return the right data at the right place, it’s as good as broken for your app.
There are also some secondary and tertiary effects of a poor API quality. GitHub users couldn’t log in to GitHub when Twitter APIs failed in January 2016. Thousands of applications will undergo a mandatory upgrade when Google shuts down its Google Earth API in 2016.
When an API breaks or malfunctions, your applications get affected and so do your users. We asked professionals how they react upon encountering quality or performance issues with the 3rd party APIs they are using.
- One-third of API consumers mentioned that they will consider switching API providers permanently.
- 31% said they will report the problem externally to peers, customers, or partners.
- While 72% mentioned that they will report the problem to the API provider in hopes of faster resolution.
We asked respondents what they expect from API providers when an API issue occurs. Every other respondent said that they would like the API vendor to provide a description of the problem and steps being taken to resolve the issue, which is highly plausible. 45% of respondent mentioned that they would like an immediate notification or alert of an issue.
For API providers to fulfill such requirements, it is important that they monitor their APIs in production.
Then Why Don’t We Just Bulletproof Our APIs?
Considering all the discussion around importance of availability, uptime and performance of APIs, it seems very logical to bulletproof your APIs from all the issues that could ever occur. But it is easier said than done, as you might have imagined.
24% respondents mentioned that it takes providers, on average, 3-6 days to solve API issues.
Why do they take so long to resolve issues? We asked respondents for the biggest barriers to solving API issues.
- 45% mentioned determining the root cause of the issue
- 29% said isolation the API as being the cause of the issue
- 1 in 4 respondents mentioned that engaging the right person to fix the problem was the biggest barrier in solving API issues in a timely manner
We saw that professionals across industries and job functions understand the importance of API performance and availability; they also understand the aftereffects of API failures. But what are they doing to avoid API issues?
This is where API tools come into play. API testing tools help check APIs functionality and performance against various loads. API monitoring solutions help ensure availability and performance during production. Sophisticated application performance monitoring tools help correlate application issues to API issues, leading to quicker root cause analysis and shorter mean time to resolution. Alerting and operational intelligence tools help you engage the right people at the right time, speeding up the recovery.
A premium synthetic monitoring tool like AlertSite enable you to monitor your internal or 3rd party APIs proactively, from within your private network or from across the globe. AlertSite can help you find API and application issues, engage experts in timely manner and fix issues before they impact your end users. If you are using external 3rd party APIs for your mission critical applications, AlertSite can help you monitor SLAs and hold your vendors accountable in case of unavailability or performance degradations.
When asked about the tools organizations utilize to deliver high quality APIs, only 47.5% mentioned that they are actively monitoring the APIs. Over 70% use functional testing tools and 60% use load testing tools.
And this is evident across all industries, where 80% of healthcare professionals are only using functional testing tools and just 36% said they perform API monitoring.
API functional testing tools like SoapUI Pro and load testing tools like LoadUI are essential for testing API functionality and performance in pre-production environment. However to deliver guaranteed and high-quality API performance, it is absolutely essential to monitor the APIs in production.
For organizations that provide APIs, failing to monitor API performance can put you at risk at facing costly delays when attempting to resolve API issues. For companies that rely on third-party APIs to power internal or external systems or applications, failing to monitor can hurt productivity and damage relationships with end users.