The State of the API: Ever-Expanding API Ecosystem
February 18, 2020

Joyce Lin
Postman

The ProgrammableWeb application programming interface (API) directory had just over 1,600 APIs at the end of 2009. Heading into 2020, more than 22,000 APIs are now searchable, with 2019 seeing a faster growth rate than previous years. As we enter a new decade, API trends point to a booming ecosystem that is extending beyond the technology industry and those who code.


More non-developers are working with APIs, and there is greater diversity in where they work, according to the 2019 Postman State of the API Report based on a survey of more than 10,000 API developers, users, testers, and executives. The new report also shows that even though more time continues to be spent working with internal APIs, there is a shift from using public to partner APIs, compared to prior years.

So, who works with APIs, what APIs are they working on, how well are those APIs working, and where are APIs heading in the decade to come? Let's see what the survey says.

Who Works with APIs?

As APIs become more ubiquitous, they are no longer limited to programmers. While the largest group working with APIs is still the developer community, that number is trending down. Last year, 58.6% of respondents identified as either a front-end or back-end developer, compared to only 46.6% this year. A wider range of positions report working directly with APIs, including technical writers and executives.

And though about half of respondents (52.3%) are employed in technology, 41.2% are in business or IT services, with banking and finance coming in third, followed by healthcare, retail and manufacturing. The bottom three industries include government/defense, advertising/agencies and non-profits.

In addition, the majority of respondents are relatively new to APIs. Only 12.2% have 10 or more years of experience, compared to 78.2% with five or fewer years of experience. In such a young, fast-growing space, fresh recruits must come up to speed quickly. Most respondents (71%) say they gain API knowledge from on-the-job experience and colleagues, followed by published documentation (58%). However, most feel that the API documentation being produced is not sufficient. More on that later.

What Do They Work On?

While many organizations employ substantial numbers of developers, they are broken into smaller teams to align with organizational needs. More than half of respondents reveal that their organization employs more than 25 developers, but nearly three-quarters are assigned to teams of 10 or less — suggesting that teams are structured to be more responsive and agile. Most work with only a handful of APIs, while about 13% of those taking the survey report that they handle more than 50 APIs. As the number of APIs increased, so did the average number of people on the team.

The time spent on API tasks breaks down as expected. More time (26.1%) is spent on development than any other task, followed by debugging and manual testing (22.2%), automated testing (11.4%) and designing and mocking APIs (11.2%). Other tasks make up less than 10% of time spent each, including managing others (9.1%), API documentation (7.3%), API monitoring (5.7%), publishing APIs (3.6%), and writing about APIs (3.3%).

Comparing where respondents want to spend most of their time and where it is actually concentrated, the good news is that API development tops both lists. However, there is one disconnect: 70% of respondents devote more time to manual testing and debugging than they think they should. Instead of testing or troubleshooting, they want to shift efforts to designing and automating testing.

How Well Do APIs Work?

Fortunately, when it comes to performance, close to half of the respondents rate APIs high, claiming they do not break, stop working or materially change specification often enough to matter. The other half of respondents acknowledge that breakages and changes occurred on a monthly (28.4%), weekly (15.7%) or daily (3.2%) basis. Just 3.5% of respondents admit that breakages and changes occur too frequently.

While API security is a popular concern — driven by frequent news of API security breaches and misuse — the survey indicates differently. Nearly three-quarters of respondents feel that their APIs are "very secure" or have "above average security." And only 2.4% state that their APIs were “not at all secure."

Perhaps a drop in public API use contributes to increased security. While internal APIs remain steady, there has been a move from public to partner APIs over the last year. In 2019, 28.4% of APIs were shared only among integration partners, compared to 25.7% in 2018. Meanwhile, the percentage of time spent on public APIs openly available on the web dipped from 21.8% to 18.8%.

Where Are APIs Heading?

As we mentioned earlier, documentation needs improvement — more than half of respondents reveal that API documentation is below average or that APIs are not well documented, compared to 28.2% who assert the opposite. With the burgeoning API workforce relying on documentation to do their jobs well, there's a compelling reason for teams to invest more time here. Suggestions on how to improve include clear examples (63.5%), followed by standardization (59.4%) and sample code (57.8%). API consumers also find real-world use cases, better workflow processes, additional tools, and a software development kit (SDK) useful.

Beyond enhanced documentation, what will shape the future APIs? Microservices, containers and serverless architecture are among the most exciting technologies for developers in the next year, cited by 53.9%, 45.5% and 44.0% of respondents respectively. Also on the radar: OpenAPI 3.0, GraphQL, HTTP 2.0, and WebSockets.

As the expanding API ecosystem establishes new connections for more compelling digital experiences, this next decade will no doubt usher in the next chapter in API development.

Joyce Lin is a Developer Evangelist for Postman
Share this

Industry News

February 02, 2023

Red Hat announced a multi-stage alliance to offer customers a greater choice of operating systems to run on Oracle Cloud Infrastructure (OCI).

February 02, 2023

Snow Software announced a new global partner program designed to enable partners to support customers as they face complex market challenges around managing cost and mitigating risk, while delivering value more efficiently and effectively with Snow.

February 02, 2023

Contrast Security announced the launch of its new partner program, the Security Innovation Alliance (SIA), which is a global ecosystem of system integrators (SIs), cloud, channel and technology alliances.

February 01, 2023

Red Hat introduced new security and compliance capabilities for the Red Hat OpenShift enterprise Kubernetes platform.

February 01, 2023

Jetpack.io formally launched with Devbox Cloud, a managed service offering for Devbox.

February 01, 2023

Jellyfish launched Life Cycle Explorer, a new solution that identifies bottlenecks in the life cycle of engineering work to help teams adapt workflow processes and more effectively deliver value to customers.

January 31, 2023

Ably announced the Ably Terraform provider.

January 31, 2023

Checkmarx announced the immediate availability of Supply Chain Threat Intelligence, which delivers detailed threat intelligence on hundreds of thousands of malicious packages, contributor reputation, malicious behavior and more.

January 31, 2023

Qualys announced its new GovCloud platform along with the achievement of FedRAMP Ready status at the High impact level, from the Federal Risk and Authorization Management Program (FedRAMP).

January 30, 2023

F5 announced the general availability of F5 NGINXaaS for Azure, an integrated solution co-developed by F5 and Microsoft that empowers enterprises to deliver secure, high-performance applications in the cloud.

January 30, 2023

Tenable announced Tenable Ventures, a corporate investment program.

January 26, 2023

Ubuntu Pro, Canonical’s comprehensive subscription for secure open source and compliance, is now generally available.

January 26, 2023

Mirantis, freeing developers to create their most valuable code, today announced that it has acquired the Santa Clara, California-based Shipa to add automated application discovery, operations, security, and observability to the Lens Kubernetes Platform.

January 25, 2023

SmartBear has integrated the powerful contract testing capabilities of PactFlow with SwaggerHub.

January 25, 2023

Venafi introduced TLS Protect for Kubernetes.