The State of the API: Ever-Expanding API Ecosystem
February 18, 2020

Joyce Lin
Postman

The ProgrammableWeb application programming interface (API) directory had just over 1,600 APIs at the end of 2009. Heading into 2020, more than 22,000 APIs are now searchable, with 2019 seeing a faster growth rate than previous years. As we enter a new decade, API trends point to a booming ecosystem that is extending beyond the technology industry and those who code.


More non-developers are working with APIs, and there is greater diversity in where they work, according to the 2019 Postman State of the API Report based on a survey of more than 10,000 API developers, users, testers, and executives. The new report also shows that even though more time continues to be spent working with internal APIs, there is a shift from using public to partner APIs, compared to prior years.

So, who works with APIs, what APIs are they working on, how well are those APIs working, and where are APIs heading in the decade to come? Let's see what the survey says.

Who Works with APIs?

As APIs become more ubiquitous, they are no longer limited to programmers. While the largest group working with APIs is still the developer community, that number is trending down. Last year, 58.6% of respondents identified as either a front-end or back-end developer, compared to only 46.6% this year. A wider range of positions report working directly with APIs, including technical writers and executives.

And though about half of respondents (52.3%) are employed in technology, 41.2% are in business or IT services, with banking and finance coming in third, followed by healthcare, retail and manufacturing. The bottom three industries include government/defense, advertising/agencies and non-profits.

In addition, the majority of respondents are relatively new to APIs. Only 12.2% have 10 or more years of experience, compared to 78.2% with five or fewer years of experience. In such a young, fast-growing space, fresh recruits must come up to speed quickly. Most respondents (71%) say they gain API knowledge from on-the-job experience and colleagues, followed by published documentation (58%). However, most feel that the API documentation being produced is not sufficient. More on that later.

What Do They Work On?

While many organizations employ substantial numbers of developers, they are broken into smaller teams to align with organizational needs. More than half of respondents reveal that their organization employs more than 25 developers, but nearly three-quarters are assigned to teams of 10 or less — suggesting that teams are structured to be more responsive and agile. Most work with only a handful of APIs, while about 13% of those taking the survey report that they handle more than 50 APIs. As the number of APIs increased, so did the average number of people on the team.

The time spent on API tasks breaks down as expected. More time (26.1%) is spent on development than any other task, followed by debugging and manual testing (22.2%), automated testing (11.4%) and designing and mocking APIs (11.2%). Other tasks make up less than 10% of time spent each, including managing others (9.1%), API documentation (7.3%), API monitoring (5.7%), publishing APIs (3.6%), and writing about APIs (3.3%).

Comparing where respondents want to spend most of their time and where it is actually concentrated, the good news is that API development tops both lists. However, there is one disconnect: 70% of respondents devote more time to manual testing and debugging than they think they should. Instead of testing or troubleshooting, they want to shift efforts to designing and automating testing.

How Well Do APIs Work?

Fortunately, when it comes to performance, close to half of the respondents rate APIs high, claiming they do not break, stop working or materially change specification often enough to matter. The other half of respondents acknowledge that breakages and changes occurred on a monthly (28.4%), weekly (15.7%) or daily (3.2%) basis. Just 3.5% of respondents admit that breakages and changes occur too frequently.

While API security is a popular concern — driven by frequent news of API security breaches and misuse — the survey indicates differently. Nearly three-quarters of respondents feel that their APIs are "very secure" or have "above average security." And only 2.4% state that their APIs were “not at all secure."

Perhaps a drop in public API use contributes to increased security. While internal APIs remain steady, there has been a move from public to partner APIs over the last year. In 2019, 28.4% of APIs were shared only among integration partners, compared to 25.7% in 2018. Meanwhile, the percentage of time spent on public APIs openly available on the web dipped from 21.8% to 18.8%.

Where Are APIs Heading?

As we mentioned earlier, documentation needs improvement — more than half of respondents reveal that API documentation is below average or that APIs are not well documented, compared to 28.2% who assert the opposite. With the burgeoning API workforce relying on documentation to do their jobs well, there's a compelling reason for teams to invest more time here. Suggestions on how to improve include clear examples (63.5%), followed by standardization (59.4%) and sample code (57.8%). API consumers also find real-world use cases, better workflow processes, additional tools, and a software development kit (SDK) useful.

Beyond enhanced documentation, what will shape the future APIs? Microservices, containers and serverless architecture are among the most exciting technologies for developers in the next year, cited by 53.9%, 45.5% and 44.0% of respondents respectively. Also on the radar: OpenAPI 3.0, GraphQL, HTTP 2.0, and WebSockets.

As the expanding API ecosystem establishes new connections for more compelling digital experiences, this next decade will no doubt usher in the next chapter in API development.

Joyce Lin is a Developer Evangelist for Postman
Share this

Industry News

July 09, 2020

ShiftLeft released a new version of NextGen Static Analysis (NG SAST), including new workflows, purpose-built for developers that significantly improve security, while enhancing productivity.

July 09, 2020

RunSafe Security announced a partnership with JFrog that will enable RunSafe to supercharge binary protections via a simple plugin that JFrog users can deploy within their Artifactory repositories and instantly protect binaries and containers.

July 09, 2020

LeanIX closed $80 million in Series D funding led by new investor Goldman Sachs Growth.

July 08, 2020

Afi.ai introduced Afi Data Platform, a cloud-based replication and resiliency service that helps to monitor, predict downtime and recover K8s applications.

July 08, 2020

D2iQ announced the release of Conductor, a new interactive learning platform that enables enterprises to access hands-on cloud native courses and training.

July 08, 2020

SUSE entered into a definitive agreement to acquire Rancher Labs.

July 07, 2020

Micro Focus announced AI-powered enhancements to the intelligent testing capabilities of the UFT Family, a unified set of solutions designed to reduce the overall complexity of automating the functional testing processes.

July 07, 2020

Push Technology announced the launch of a new Service API capability for Diffusion Cloud, Push’s Real-Time API Management Cloud Platform.

July 07, 2020

Lightrun exited stealth and announced $4M in seed funding for the first complete continuous debugging and observability platform for production applications.

July 01, 2020

JFrog announced the launch of ChartCenter, a free, security-focused central repository of Helm charts for the community.

July 01, 2020

Kong announced a significant upgrade to open source Kuma, Kuma 0.6, available today.

July 01, 2020

Compuware Corporation, a BMC company, announced new capabilities that further automate and integrate test data and test case execution, empowering IT teams to achieve high-performance application development quality, velocity and efficiency.

June 30, 2020

Couchbase announced the general availability of Couchbase Cloud, a fully-managed Database-as-a-Service (DBaaS).

June 30, 2020

Split Software announced new capabilities designed to accelerate the adoption of feature flags in large-scale organizations.

June 30, 2020

WhiteHat Security announced a discounted Web + Mobile Application Security bundle to help organizations secure the digital future.