Skip to Content
API GovernanceAPI and Application Inventory

📋 API Inventory and Application Inventory in API Governance (ATA)

In AllThingsAPI (ATA), API Inventory and Application Inventory are two essential components for managing, tracking, and organizing APIs and their associated applications across your company. These features provide visibility, governance, and control over the lifecycle of APIs and applications, allowing you to easily track which APIs are available, which applications are using them, and their version history.

Together, these inventories help enforce API Governance by providing a clear structure to manage access, dependencies, and documentation while ensuring compliance with company standards.

🔑 What is API Inventory?

API Inventory in ATA is a centralized listing of all the APIs that have been created within API Spec in Developer Studio. This inventory provides a comprehensive overview of your organization’s API landscape, allowing users to quickly find, track, and manage APIs.

How API Inventory Works in ATA

  1. Listing API Details: Example:
    • Application Name: The name of the application associated with the API, making it easier to associate APIs with the correct applications.
    • Endpoint Name: The specific name of each API endpoint exposed by the application (e.g., /users/\{id\}, /products/\{id\}).
    • API Exposure Type: This specifies how the API is exposed. Examples include:
      • Internal: APIs meant to be used only within the organization.
      • External: APIs intended for external use, such as by clients or third-party partners.
      • BFF (Backend for Frontend): APIs designed specifically for frontend applications.
    • Team: The team responsible for the API, typically the Producer team. This helps in managing ownership and accountability for each API.
    • Business Application: The business context to which the API belongs (e.g., “E-commerce”, “User Management”). This provides additional insight into the purpose and scope of the API.
    • Created By: The individual or team that created the API, providing transparency and helping to identify the owners or maintainers of the API.
    • Application Name: User Management API
    • Endpoint Name: /users/{id}
    • API Exposure Type: Internal
    • Team: Backend Team
    • Business Application: User Management
    • Created By: John Doe
  2. Visibility and Tracking:Example:
    • API Inventory allows you to track the version of each API and its associated exposure type. This is particularly important when managing multiple versions of an API or tracking which teams have access to the API.
    • The API Inventory interface provides an overview of all published APIs, showing their details and version history, making it easier to manage dependencies across teams.
    • A version of the API, such as v1.0.0, is shown with its respective details like exposure type and which team owns it.
  3. API Dependencies:Example:
    • API Inventory also allows you to view dependencies between APIs. This enables you to understand how different APIs interact with one another, which is critical for managing updates, versioning, and testing.
    • It helps track which APIs are Producers (owners) and which are Consumers (users), ensuring proper access control and preventing issues when APIs are modified.
    • If API A (User Authentication API) depends on API B (User Profile API), you can see this dependency in the inventory. If API A is updated, ATA will automatically flag API B as potentially impacted, prompting the need for testing.

📱 What is Application Inventory?

Application Inventory in ATA is a view-only interface that displays all the applications created within your organization. This section aggregates information from Developer Studio and provides an overview of application details, API specs, linked collections, and associated documentation.

How Application Inventory Works in ATA

  1. Viewing All Applications:Example:
    • Application Inventory provides a view of all applications created within your company. You cannot modify applications directly from this view, but you can see detailed information about each application, including:
      • Package Info: Details about the application package, including its version and release status.
      • Release Notes: View release notes generated for the application, providing context on what has changed in each version.
      • API Spec: Access to the OpenAPI Spec associated with the application, detailing the API’s structure and endpoints.
      • Linked Collections: See which collections are associated with the application, ensuring that the correct test scenarios and validations are linked.
      • Documentation: Access the generated Swagger Docs, Design Docs, or File Level Docs associated with the application for easy reference and testing.
    • Application Name: User Authentication API
    • Package Info: v1.0.0
    • API Spec: OpenAPI Spec (Swagger)
    • Linked Collections: Test Collection A
    • Documentation: Swagger Docs for interacting with the API.
  2. Business Visibility:Example:
    • Application Inventory helps teams and business units stay informed about the applications being developed and managed within the organization. It ensures that all APIs, their versions, and associated documentation are organized in one place for easy access.
    • Since this is a view-only interface, users can see the current state of all applications in the organization without making modifications, ensuring transparency and centralized management.
    • Teams can use the Application Inventory to quickly find and review APIs being developed by other teams, ensuring they are aware of the latest changes and versions.
  3. Tracking Dependencies and Versions:Example:
    • Application Inventory also lets you track which APIs and API versions are used by each application. This provides a clear view of how applications are consuming APIs and helps manage dependencies across teams.
    • It also helps ensure that all applications are using the correct version of an API, which is critical when you want to avoid breaking changes when APIs are updated.
    • API A version 1.0.0 is used by Application X, while API A version 2.0.0 is used by Application Y. Application Inventory ensures that Application X is aware that API A v2.0.0 is now available and may need to be tested for compatibility.

⚙️ How API Inventory and Application Inventory Help with Governance

Both API Inventory and Application Inventory are essential tools for enforcing API Governance within your organization. Here’s how they support governance efforts:

1. Tracking API Usage and Ownership:

  • API Inventory ensures that all APIs are properly tracked, with clear ownership and version history. By associating APIs with specific Producer teams and Business Applications, it allows for better management of access, dependencies, and updates.
  • Application Inventory provides visibility into which APIs and API versions are being used by each application. This allows for easier coordination across teams and helps ensure that each application uses the correct version of an API.

2. Enforcing API Access Control:

  • By providing a view of the Producer-Consumer relationships, API Inventory and Application Inventory help enforce access control by showing which teams or applications have access to a given API.
  • Approval workflows for access requests can be managed with the information stored in these inventories, ensuring that only authorized users have access to sensitive or critical APIs.

3. Tracking API Dependencies:

  • API Inventory helps you track dependencies between APIs, showing which APIs rely on others for functionality or data. This is crucial for impact analysis when an API is updated or deprecated.
  • Application Inventory allows you to see how different applications depend on various APIs. This ensures that changes in one API don’t negatively affect others and provides insight into potential compatibility issues.

4. Ensuring Documentation and Compliance:

  • Application Inventory shows the associated API documentation (Swagger Docs, Design Docs, File Level Docs), ensuring that your API specifications are properly documented and easily accessible to all relevant stakeholders.
  • By linking API Specs and documentation to applications, ATA ensures that your APIs remain compliant with organizational standards and are ready for integration or consumption by other teams.

🧑‍💻 How to Access and Use API Inventory and Application Inventory

Accessing API Inventory:

  1. Navigate to the API Inventory section within the API Governance tab in ATA.
  2. View the list of APIs with details like:
    • Application Name
    • Endpoint Name
    • API Exposure Type
    • Producer Team
    • Consumer Team
    • Version and Business Application
  3. Track dependencies between APIs and manage how different teams and applications interact with each API.

Accessing Application Inventory:

  1. Go to the Application Inventory section within API Governance.
  2. View all applications created under your organization.
  3. See detailed information like:
    • Package Info
    • Release Notes
    • API Spec
    • Linked Collections and Documentation
  4. Get visibility into how different applications interact with and use APIs.

Conclusion

API Inventory and Application Inventory in ATA provide centralized visibility and control over the APIs and applications within your organization. These tools are critical for ensuring proper API governance, managing dependencies, tracking versions, and ensuring compliance with internal standards.

By integrating these inventories with API Governance, you can ensure that APIs are properly documented, accessible, and compliant across teams and projects, reducing the risk of integration failures and improving overall collaboration.

Happy managing! 🚀

API GovernanceAPI Info,Exposure and Secret_Manager