API reference architecture model
POSTED : February 15, 2018
BY : Patrick Chipman

This reference architecture is an overview of the runtime components needed for the effective, mature delivery of APIs. In our reference architecture, legacy services and data are consumed by APIs, which either proxy calls to enterprise services or use microservice aligned data stores to provide accelerated query delivery. A CDN and caches improve the delivery of large entities and slowly changing data. Virtualized endpoints enable a “sandbox” where external developers can test their consuming applications against realistic simulations of production. IdP and IAM systems provide security, while the API portal enables the consuming developer experience. External and internal monitoring systems provide proactive notifications of problems in your APIs. In the middle of all of this, the API gateway provides centralized management of security, transformation, and routing.

API reference architecture


  • Threat exposure management
  • Endpoint monitoring and alerting

Legacy systems

  • Enterprise service delivery
  • Shared data stores: Data stores shared by more than one application or for the general operational storage of data

API systems

  • Internal user IdP
  • External user IdP/IAM
  • API gateway
  • CDN
  • Cache
  • API portal
  • Virtualized endpoints: A functioning mock of each API, creating a production sandbox to serve consuming applications’ SDLC
  • Operational monitoring
  • API delivery
  • Microservices aligned data stores
  • Data designed and stored for the purposes of organization and agility

However, this reference architecture only covers runtime components. A mature API program also includes lifecycle components not depicted here. These include interface editors and collaboration tools that you can use to develop API definitions and iterate on them with your consumers, as well as continuous delivery tools to deploy APIs in an agile way. Another key lifecycle component is the formal definition, made up of business use cases and test cases, which defines the behavior of the API and guides its development.

As you can see, a solid bedrock of tools is necessary to enable an API program, but there’s far more to API delivery than just an array of software. PK has the experience and knowledge to help you select and implement the API reference architecture, lifecycle tools, and business processes necessary to unlock the value of consumer-driven APIs.

Learn more about how to build APIs for consumers, not systems.

Tags: , , , ,