What is an API?
An Application Programming Interface (API) allows two systems to communicate with one another. An endpoint is one end of a communication channel. When an API interacts with another system, the touchpoints of this communication are considered endpoints. The place that APIs send requests and where the resource lives, is called an endpoint. APIs work using ‘requests’ and ‘responses.’
HTTP requests and responses
HTTP is designed to enable communications between clients and servers. HTTP works as a request-response protocol between a client and server. An HTTP client sends an HTTP request to a server. After receiving and interpreting a request message, a server responds with an HTTP response message.
Why should APIs be monitored?
Organizations leverage APIs to transfer vital information, processes, transactions, and more. API usage will only increase as time goes on, and making sure that each endpoint in API communication is intact is vital to the success of each API. Understanding how each API is performing can drastically change the way you’re able to capture the value APIs add to your business. Proactively Monitoring APIs can ensure that you’re able to find issues before real users experience them.
API monitoring in Serverless360
Serverless360 API monitoring helps to set up monitoring on the endpoints and get to know if the API is healthy. If there is a state mismatch, you will be notified of the error details so that you can immediately take action on the API.
You can also configure the request to your endpoint by providing Authorization Credentials, Payload and/or Custom Header. With the API Monitoring feature, you can monitor the endpoint based on Status Code, Keywords in the message body, Response time. API can be monitored for its response and responsiveness.
On talking about Authorization Serverless360 has two mode of authorization they are
- Basic Authorization
- OAuth Authorization
In basic authorization Username and Password is used to generate authorization token. In OAuth authorization, the authorization token is obtained from the user-provided Endpoint.
API end point can be associated like any other resource to a Status Moitor, Threshold Monitor and Watch Monitor. In case of Status Monitor, the API will be pinged at the configured time interval and report with status based on the expected response configuration will be shared on the notification channels.
In case of a Threshold Monitor, the endpoint will be pinged every 1 minute, in case of any error, notification will be fired.
Watch Monitor is to monitor API endpoint at specified frequency between 5 minutes and 15 minutes.
OAuth 2.0 client credentials flow
Serverless360 supports OAuth 2.0 client credentials grant specified in RFC 6749, sometimes called two-legged OAuth, to access web-hosted resources by using the identity of an application. This type of grant is commonly used for server-to-server interactions that must run in the background, without immediate interaction with a user.
Below is an illustration to get access token from OAuth 2.0 using client credentials