Does the API prototype or design consider data formats and standards? Are identifiers business friendly and usable for external API consumers? Are they considering security and privacy requiremnets? Does your API and all the endpoints have a clear business-related value proposition?
The API Audit checklist is used to validate that all relevant things have been considered in the prototype or design. See Build API phase for details. For passing this audit stage, you don't need to have a technical design. However, all APIs going to testing or production should pass these audit criteria, too.
Are the designs, whether endpoints or message channels, optimized for use? Does the API utilize HTTP methods or messaging patterns consistently? Does it provide clear responses or acknowledgment messages? Essentially, is the API design comprehensible, technically usable, and secure?
By now, you should have a preliminary technical API design, possibly using OpenAPI or AsyncAPI. While the API might not be fully operational at this stage, any API advancing to testing or production should meet these audit standards.
Is the API ready for publishing to the API consumers? Is it safe? Does it promote good developer experience?
In this step audit the final API design in a run-time environment (staging, production). All APIs going to production environment should pass all audit criteria.
View the checklist and read a 15 min case study on how to use it with a real API, or watch the video.
Great APIs need skilled people and a good method, which let's you create APIs as products - fast.
APIOps Cycles method is vendor & technology-neutral.
Read the free e-book "The 8 wastes of lean in API development". Learn quick tips on how to remove the wastes using the APIOps Cycles method.