The State of the API: Ever-Expanding API Ecosystem
February 18, 2020

Joyce Lin
Postman

The ProgrammableWeb application programming interface (API) directory had just over 1,600 APIs at the end of 2009. Heading into 2020, more than 22,000 APIs are now searchable, with 2019 seeing a faster growth rate than previous years. As we enter a new decade, API trends point to a booming ecosystem that is extending beyond the technology industry and those who code.


More non-developers are working with APIs, and there is greater diversity in where they work, according to the 2019 Postman State of the API Report based on a survey of more than 10,000 API developers, users, testers, and executives. The new report also shows that even though more time continues to be spent working with internal APIs, there is a shift from using public to partner APIs, compared to prior years.

So, who works with APIs, what APIs are they working on, how well are those APIs working, and where are APIs heading in the decade to come? Let's see what the survey says.

Who Works with APIs?

As APIs become more ubiquitous, they are no longer limited to programmers. While the largest group working with APIs is still the developer community, that number is trending down. Last year, 58.6% of respondents identified as either a front-end or back-end developer, compared to only 46.6% this year. A wider range of positions report working directly with APIs, including technical writers and executives.

And though about half of respondents (52.3%) are employed in technology, 41.2% are in business or IT services, with banking and finance coming in third, followed by healthcare, retail and manufacturing. The bottom three industries include government/defense, advertising/agencies and non-profits.

In addition, the majority of respondents are relatively new to APIs. Only 12.2% have 10 or more years of experience, compared to 78.2% with five or fewer years of experience. In such a young, fast-growing space, fresh recruits must come up to speed quickly. Most respondents (71%) say they gain API knowledge from on-the-job experience and colleagues, followed by published documentation (58%). However, most feel that the API documentation being produced is not sufficient. More on that later.

What Do They Work On?

While many organizations employ substantial numbers of developers, they are broken into smaller teams to align with organizational needs. More than half of respondents reveal that their organization employs more than 25 developers, but nearly three-quarters are assigned to teams of 10 or less — suggesting that teams are structured to be more responsive and agile. Most work with only a handful of APIs, while about 13% of those taking the survey report that they handle more than 50 APIs. As the number of APIs increased, so did the average number of people on the team.

The time spent on API tasks breaks down as expected. More time (26.1%) is spent on development than any other task, followed by debugging and manual testing (22.2%), automated testing (11.4%) and designing and mocking APIs (11.2%). Other tasks make up less than 10% of time spent each, including managing others (9.1%), API documentation (7.3%), API monitoring (5.7%), publishing APIs (3.6%), and writing about APIs (3.3%).

Comparing where respondents want to spend most of their time and where it is actually concentrated, the good news is that API development tops both lists. However, there is one disconnect: 70% of respondents devote more time to manual testing and debugging than they think they should. Instead of testing or troubleshooting, they want to shift efforts to designing and automating testing.

How Well Do APIs Work?

Fortunately, when it comes to performance, close to half of the respondents rate APIs high, claiming they do not break, stop working or materially change specification often enough to matter. The other half of respondents acknowledge that breakages and changes occurred on a monthly (28.4%), weekly (15.7%) or daily (3.2%) basis. Just 3.5% of respondents admit that breakages and changes occur too frequently.

While API security is a popular concern — driven by frequent news of API security breaches and misuse — the survey indicates differently. Nearly three-quarters of respondents feel that their APIs are "very secure" or have "above average security." And only 2.4% state that their APIs were “not at all secure."

Perhaps a drop in public API use contributes to increased security. While internal APIs remain steady, there has been a move from public to partner APIs over the last year. In 2019, 28.4% of APIs were shared only among integration partners, compared to 25.7% in 2018. Meanwhile, the percentage of time spent on public APIs openly available on the web dipped from 21.8% to 18.8%.

Where Are APIs Heading?

As we mentioned earlier, documentation needs improvement — more than half of respondents reveal that API documentation is below average or that APIs are not well documented, compared to 28.2% who assert the opposite. With the burgeoning API workforce relying on documentation to do their jobs well, there's a compelling reason for teams to invest more time here. Suggestions on how to improve include clear examples (63.5%), followed by standardization (59.4%) and sample code (57.8%). API consumers also find real-world use cases, better workflow processes, additional tools, and a software development kit (SDK) useful.

Beyond enhanced documentation, what will shape the future APIs? Microservices, containers and serverless architecture are among the most exciting technologies for developers in the next year, cited by 53.9%, 45.5% and 44.0% of respondents respectively. Also on the radar: OpenAPI 3.0, GraphQL, HTTP 2.0, and WebSockets.

As the expanding API ecosystem establishes new connections for more compelling digital experiences, this next decade will no doubt usher in the next chapter in API development.

Joyce Lin is a Developer Evangelist for Postman
Share this

Industry News

November 24, 2020

Red Hat announced new capabilities and features for Red Hat OpenShift, the company's enterprise Kubernetes platform.

November 24, 2020

Sectigo released Chef, Jenkins, JetStack Cert-Manager, Puppet, and SaltStack integrations for its certificate management platform.

November 24, 2020

DataStax released K8ssandra, an open-source distribution of Apache Cassandra on Kubernetes.

November 23, 2020

Spectro Cloud has released a new, self-hosted version of its flagship product, Spectro Cloud.

November 23, 2020

GitLab completed integration of Peach Tech, a security software firm specializing in protocol fuzz testing and dynamic application security testing (DAST) API testing, and Fuzzit, a continuous fuzz testing solution providing coverage-guided testing.

November 23, 2020

Fugue announced the availability of its SaaS product in AWS Marketplace, further simplifying the process for Amazon Web Services customers to use Fugue to bring their environments into compliance quickly, demonstrate compliance at any time, and Shift Left on cloud security.

November 19, 2020

Rollbar announced AI-assisted workflows powered by its new automation-grade grouping engine.

November 19, 2020

Buildkite expanded its integration with GitHub and introduced a new onboarding experience.

November 19, 2020

Rancher Labs launched a new Partner Program for the OEM and embedded community.

November 18, 2020

Puppet announced its evolution to an integrated automation platform to enable key business initiatives such as scaling DevOps, risk reduction, policy as code, and evolving cloud strategies.

November 18, 2020

Adaptavist has joined the GitLab partner program as a Select partner.

November 18, 2020

Postman launched the beta version of public workspaces, a hub that makes it possible for both API producers and consumers to seamlessly communicate and collaborate in real time without team or organizational boundaries.

November 17, 2020

Red Hat introduced new capabilities for Red Hat Enterprise Linux and Red Hat OpenShift intended to help enterprises bring edge computing into hybrid cloud deployments.

November 17, 2020

Humio announced the availability of the Humio Operator.

November 17, 2020

Accurics announced that Terrascan, the open source static code analyzer that enables developers to build secure infrastructure as code (IaC), has been extended to support Helm and Kustomize.