đź” Want to get alerted when your API stops working?
Go to Better Uptime and start monitoring your endpoints in 2 minutes.
API monitoring is an automated way of checking whether an API is functioning correctly. When API encounters issues with authentication, redirects, or returned content, the API monitoring spots the issue and alerts the right person on the development team.
Go to Better Uptime and start monitoring your endpoints in 2 minutes.
The API monitoring process works by sending automated
HTTP requests
requests at a pre-defined frequency to the desired URL and checking for the
desired response. Depending on the API’s use case a corresponding HTTP code is
sent (usually a GET
, POST
, PUT
or PATCH
). For requests with parameters,
a specific request body can be added to the checks as well. The pre-defined
frequency depends on the specific user need but generally ranges anywhere from
30 seconds for business use-cases up to 10 or more minutes for hobby projects.
The desired response from the API endpoint is usually the 200 OK
HTTP response
code (other codes might be applicable as well in specific cases). To assure the
correct function the response can be checked for a desired keyword, like a
specific parameter for example.
The authentication is automatically monitored as well since every request includes some form of user credentials. The two main authentication methods are Basic access authentication (this includes the HTTP authentication username and password) and Bearer token authentication (this includes the Bearer token). Similarly, the redirects are monitored and if there is an error along the way an API incident is created and the API monitoring tool starts alerting according to the on-call calendar.
An API incident is a period of time during which a given API service is unavailable or not functioning properly. Any users that are trying to use the API during the time of the incident will either receive an error or a wrong message.
An API incident can be also a situation where the request sent by the monitor doesn’t receive a response in a given time frame. The request timeout can be anywhere from 5 seconds to 1 minute, depending on the priority of the monitor.
After an incident is spotted by the API monitor it needs to be communicated to the service admins. This process is called incident alerting or on-call alerting. This is because, in case of an incident, the person from a team who is currently on-call (has scheduled duty) receives the incident alert.
The most common types of getting alerted by an API monitor include automated phone calls, SMS, Slack, and Microsoft Teams messages. Ways of alerting depend on factors like the importance of the monitored service, time of the day, and team preference.
API alerts include information about what API check went wrong and when. It also
includes information about the error that triggered the incident, specifically
the received response. This can be a simple error message (like
401 Unauthorized error
) or a regular API response, that is just missing the
desired content.
API alerts also include a call to action for the on-call person to take. Those usually include the option to acknowledge the incident or to view the incident.
After an alert is received it should be acknowledged immediately. If the alert is not acknowledged in a specified time frame (usually 3 minutes), the person next in line on the on-call duty is alerted. This process could continue further until the whole team is alerted. The best practice however is to have the on-call schedule set up in a way that the first team member is always ready to solve incoming incidents.
Once the incident is acknowledged the escalation process is paused and the team can fully focus on solving it. The speed by which an alert is acknowledged is called Time to acknowledge (TTA). Its average from different incidents called Mean Time to Acknowledge (MTTA) is a widely used incident management metric.
The next steps in the downtime resolution process are individual to different teams and apps. For larger teams, they can include collaborations between a few developers or even teams of developers, delegations of incidents to dedicated team members, and more. There are some best practices that should be used by all teams managing incidents. These include incident communication (both internal and external) and incident post-mortems.
Businesses that provide API functionality to their users can use API monitoring to make sure that their service is working correctly. Since API monitoring is a fully automated process that can run as often as every 30 seconds. The best-case scenario is that, any incidents are fixed quickly, keeping the number of affected users to a minimum.
API integrations like payment processing, site search, recommendation plugins, CRMs or analytics are integral in many modern applications.
Monitoring their functionality is necessary to accommodate for any performance degradations or downtime incidents. Monitoring them is also essential in both incident communication to your users and holding your vendors accountable. Although some vendors have public status pages, like status.stripe.com it's always better to double-check.
Service level agreements (SLAs) are an essential part of enterprise offerings for many software businesses. Outbidding a competitor with better availability can play a decisive role in the sales process.
Vendors can use uptime monitoring to arm themselves with data showing adherence to their SLAs. While their clients can do the same to get paid penalties when the SLAs are not adhered to.
By consistently running over a long period of time API monitoring gives a unique insight into apps performance - specifically availability and latency. This set of historical data allows to benchmark against competitors or older versions of the same apps or products.
API monitoring is an important part of the synthetic monitoring toolbox for anyone with a public API. When it comes to website monitoring, API checks are ideally accompanied by regular uptime monitoring as well as SSL certificate checks and domain expiration checks to prevent any security issues or loss of valuable business assets respectively.
Synthetic monitoring also offers monitoring options like checking specific ports, DNS or Transaction monitoring. Check 22 synthetic monitoring tools we have tested ourselves.
Better Uptime is an infrastructure monitoring tool
that offers API monitoring. Here is how to get notified whenever an API URL
doesn’t return response for GET
request including the word data
.
data
) in the Keyword to find in page inputFor more information, explore Better Uptime docs.
Are you a developer and love writing and sharing your knowledge with the world? Join our guest writing program and get paid for writing amazing technical guides. We'll get them to the right readers that will appreciate them.
Write for usWrite a script, app or project on top of Better Stack and share it with the world. Make a public repository and share it with us at our email.
community@betterstack.comor submit a pull request and help us build better products for everyone.
See the full list of amazing projects on github