Setting Up API Broker Workspaces
08 Jun 2020
I had begun playing around with the concept of API brokers back in 2014, and it is something that is recurring and evolving in a handful of the conversations I am having in the Postman ecosystem lately. API brokering is the concept that instead of developers directly engaging with all of the public APIs they will ned for an application, that a professional API broker could discover, sign-up, setup applications, and aggregate documentation, client libraries, and other essential items for developers. So all an application developer has to do is fire up a workspace, and they have all the docs, code, keys, and other elements ready to go for them to just start building. Saving an organization time and money by outsourcing much of the tedious work involved with discovering APIs, on-boarding with them, and preparing to build an API, letting organizations focus on what they do best.
Most of my talk in the past has been conceptual around being an API broker, but now with Postman I can actually do it for realz. I can take the many different workspaces of API collections I have and use them to populate client specific workspaces. Meaning I can setup a workspace specifically for companies I know that want quick access to a variety of APIs--without the friction of on-boarding themselves. Here are the building blocks I’ve established for my own definition of the API broker / client relationship.
- User - I am on the business plan, so I add a new slot for each of my clients, paying for their team license as part of the overall value that I am delivering to them. They use this user account whenever they are engaging with the API I am maintaining for them. I can apply appropriate roles, and terminate access whenever the relationship ends.
- Workspace - I setup a single workspace for my client, allowing them to access only the API, collections, environments, tests, and other artifacts I have established for them. I can create and manage one or many workspaces to help provide ready to go API integration solutions to assist them in the applications they are developing.
- Collections - Many of the collections I will be making available to clients will already be assembled and living in another workspace, so all I have to do is share them into each client workspace when they are requested. When I create new ones I will also follow this pattern, building them in a central workspace, and then sharing them to any workspace where they are needed.
- Environments - This is where things get personal with each client, and we taking the secrets, tokens, and keys we’ve gathered for them as part of the API broker relationship and we setup them up as a logical set of Postman environments. Abstracting away secrets from each collection, and allowing me as the API broker to reduce the friction of on-boarding for my customers. Making it single click for them to get up and running with each API made available via the workspace.
- Feedback Loop - Each API and collection I put in a workspace has a comment feature, allowing me to create inline feedback loops around each individual API, and even specific API requests. I am still working on the best approach to doing this across many clients, but I’m just looking to map out the basics as part of this first draft of an API broker model using the Postman platform.
- Role Based Authentication and Control - Postman also has RBAC enabled at the user, workspace, collection, and now environment layers of this conversation. Allowing me to make some of the essential parts and pieces of this readonly so that things don’t get broken along the way. Providing me with an important layer of control over the customers of my API broker business.
That is a pretty complete formula for an API broker business. All you need is a website, email address, and you are off and running. The beauty of it, the more collections you have created, the higher your margins become with each “client”. With Postman you can publish aggregate documentation and code libraries along with each of the APIs being made available via a workspace--which all helps lower the total time and cost of integration, and helps a customer be more efficient and consistent in how they integrate with APIs. Ultimately, I see a wealth of new services that could emerge from these workspaces, but I think the custom delivery of a variety of API collections, complete with personalized environments is a great place to start for anyone looking to get going.
I cam envision agencies that have multiple user accounts and workspaces for clients because they are providing ready to go API resources for a variety of applications. I need to put more thought into the business model around something like this and where you charge, and what you give away for free. I also imagine you’d see brokers pop up in the larger, more heavily regulated industries like healthcare and banking, where you already have standardized API specifications in place, but you also have a huge market of companies looking to integrate APIs into applications. I will keep pondering the possibilities of operating an API broker agency, and publish some more stories on the topic. I just wanted to lay down the base of what I had in mind when it came to operating an API brokerage on Postman out there, preparing me for some other conversations I am having on the subject.