Systems and/or methods for intelligently detecting API key domains
First Claim
1. An application programming interface (API) management system, comprising:
- a plurality of APIs, each said API having a native endpoint;
a plurality of gateways providing virtual endpoints to respective APIs, the gateways being configured to identify consumers attempting to access the APIs and forward API calls for authorized consumers to the native endpoints;
a registry stored on a non-transitory computer readable storage medium, the registry storing (a) registration information indicating which consumers have registered for which APIs, (b) metadata that includes information concerning operations supported by, and native and virtual endpoint information for, the APIs, and (c) runtime data from the gateways for at least API call type events, the runtime data including, for each API call type event, a timestamp, a consumer identifier, a location, and an identifier of the API being called;
a communications channel defined between the gateways and the registry, the communications channel being configured to transmit runtime data from the gateways to the registry; and
processing resources comprising at least one processor and a memory, the processing resources being configured to;
detect API domains by analyzing the registration information and the runtime data from the gateways, each said detected API domain including at least two of the APIs, andfor a given detected API domain,receiving an indication as to whether the respective detected API domain is approved of by a provider of the APIs included therein, andin response to the respective detected API domain being approved of by the provider, registering the respective detected API domain with the registry by storing in the registry metadata including information concerning operations supported by, and native and virtual endpoint information for, the respective detected API domain.
1 Assignment
0 Petitions
Accused Products
Abstract
Certain example embodiments described herein relate to an application programming interface (API) management system and/or method that automatically detects API domains, e.g., by analyzing consumer registration and runtime data, while also allowing API providers to provide approval for proposed detected domains and/or continued governance. The technology set forth herein not only provides an automatic detection mechanism, but also provides the capability of full management/control, while also allowing API producers to dynamically expand or otherwise modify their API domain offerings based on usage, etc. This dynamic process can be fully or partially automated and is efficient.
-
Citations
30 Claims
-
1. An application programming interface (API) management system, comprising:
-
a plurality of APIs, each said API having a native endpoint; a plurality of gateways providing virtual endpoints to respective APIs, the gateways being configured to identify consumers attempting to access the APIs and forward API calls for authorized consumers to the native endpoints; a registry stored on a non-transitory computer readable storage medium, the registry storing (a) registration information indicating which consumers have registered for which APIs, (b) metadata that includes information concerning operations supported by, and native and virtual endpoint information for, the APIs, and (c) runtime data from the gateways for at least API call type events, the runtime data including, for each API call type event, a timestamp, a consumer identifier, a location, and an identifier of the API being called; a communications channel defined between the gateways and the registry, the communications channel being configured to transmit runtime data from the gateways to the registry; and processing resources comprising at least one processor and a memory, the processing resources being configured to; detect API domains by analyzing the registration information and the runtime data from the gateways, each said detected API domain including at least two of the APIs, and for a given detected API domain, receiving an indication as to whether the respective detected API domain is approved of by a provider of the APIs included therein, and in response to the respective detected API domain being approved of by the provider, registering the respective detected API domain with the registry by storing in the registry metadata including information concerning operations supported by, and native and virtual endpoint information for, the respective detected API domain. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A method of managing application programming interfaces (APIs), the method comprising:
-
providing a plurality of gateways providing virtual endpoints to APIs that have respective native endpoints, the gateways being configured to identify consumers attempting to access the APIs and forward API calls for authorized consumers to the native endpoints; storing, in a registry provided on a non-transitory computer readable storage medium, (a) registration information indicating which consumers have registered for which APIs, (b) metadata that includes information concerning operations supported by, and native and virtual endpoint information for, the APIs, and (c) runtime data from the gateways for at least API call type events, the runtime data including, for each API call type event, a timestamp, a consumer identifier, a location, and an identifier of the API being called; detecting, via at least one processor, API domains by analyzing the registration information and the runtime data from the gateways, each said detected API domain including at least two of the APIs; and for at least some of the detected API domains and using the at least one processor; receiving an indication as to whether the respective detected API domain is approved of by a provider of the APIs included therein, and in response to the respective detected API domain being approved of by the provider, registering the respective detected API domain with the registry by storing in the registry metadata including information concerning operations supported by, and native and virtual endpoint information for, the respective detected API domain. - View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27)
-
-
28. A method of managing application programming interfaces (APIs), the method comprising:
-
providing a plurality of gateways providing virtual endpoints to APIs that have respective native endpoints, the gateways being configured to identify consumers attempting to access the APIs and forward API calls for authorized consumers to the native endpoints; storing, in a registry provided on a non-transitory computer readable storage medium, (a) registration information indicating which consumers have registered for which APIs, (b) metadata that includes information concerning operations supported by, and native and virtual endpoint information for, the APIs, and (c) runtime data from the gateways for at least API call type events, the runtime data including, for each API call type event, a timestamp, a consumer identifier, a location, and an identifier of the API being called; and responding to a consumer registering for a plurality of APIs by using at least one processor for at least; generating, via at least one processor, API domain proposals by analyzing the registration information and the runtime data from the gateways, each said API domain proposal including at least two of the APIs, and for at least some of said API domain proposals, receiving first input indicating whether the respective domain proposal is approved of by a provider of the APIs included therein, in response to the respective domain proposal being approved of by the provider, receiving second input indicating whether the respective domain proposal is accepted by the consumer registering for the APIs, and in response to the respective domain proposal being approved of by the provider and accepted by the consumer registering for the APIs, registering the respective domain proposal with the registry as an API domain by storing in the registry registration information indicating that the consumer has registered for the respective API domain, and by storing metadata including information concerning operations supported by, and native and virtual endpoint information for, the respective API domain. - View Dependent Claims (29, 30)
-
Specification