API Management Best Practices

In this Article


This article describes various sets of best practices for using SnapLogic API Manager. The content is broken up into two sections and intended for the following audiences:

Architectural Best Practices

As an IT administrator, you have many options for deploying SnapLogic API Management. In this article, we summarize the network preparation required for the components that comprise the SnapLogic API gateway and provide an overview of each deployment architecture. This section applies to both using the API Policy Manager for Projects in Manager as well as API Policies applied to APIs in API Manager. Most API Management operations happen in the Control Plane and Snaplex nodes. Both types of Snaplexes – Self-managed (Groundplexes) and SnapLogic-managed (Cloudplexes) – are supported.

At least one JCC node is required for your APIM Snaplex. FeedMaster nodes are optional.

Network Preparation

Connectivity to the Snaplogic Control Plane

Your Snaplex makes outbound HTTPS requests to the SnapLogic Control Plane. A Self-managed Snaplex must be configured to communicate with the Control Plane over the HTTPS port 443. You also need to add SnapLogic component IP addresses to your network outbound allow list. Learn more about https://docs-snaplogic.atlassian.net/wiki/spaces/SD/pages/2685698099/Groundplex+Network+Setup?src=search.

Network Setup around your self-managed Snaplexes

We recommend using a load balancer in front of your self-managed Snaplexes. Learn more about load balancer requirements for running Triggered and Ultra Tasks on self-managed Snaplexes.

For greater control over outbound communication with the SnapLogic Control Plane, you can also deploy https://docs-snaplogic.atlassian.net/wiki/spaces/SD/pages/337772842.

FeedMaster Node Configuration

If you plan to include Ultra Tasks in your APIs, you must have a FeedMaster node in that Snaplex. The SnapLogic-managed Snaplex includes FeedMaster nodes, but you have to configure the FeedMaster node for a Self-managed Snaplex. Learn more about deploying FeedMaster nodes and deployment architecture for Ultra Tasks.

Triggered and Ultra Tasks

Calling Triggered and Ultra Task URLs from outside the SnapLogic domain requires https://docs-snaplogic.atlassian.net/wiki/spaces/SD/pages/1438214.

Deployment Architectures

API Manager supports multiple deployment architectures.

One self-managed Snaplex with a load balancer

API Policies and APIs run on a Self-managed Snaplex (Groundplex). The load balancer manages requests to the Snaplex nodes. This deployment is the simplest but might be the most vulnerable to security threats.

A SnapLogic-managed Snaplex with a load balancer and a Self-managed Snaplex with a load balancer

In this deployment, API Policies run on the SnapLogic-managed Snaplex (Cloudplex). The first load balancer routes the request from the client to the SnapLogic-managed Snaplex. After the policies accept the request, the second load balancer forwards the API to the Self-managed Snaplex(Grounplex), where the API is processed. This architecture offers the best combination of security and performance.

Pipeline Execute on a SnapLogic-managed Snaplex triggers APIs on a self-managed Snaplex

A Pipeline Execute Task runs on a SnapLogic-managed Snaplex (Cloudplex) where API policies are run. The child pipelines run on a Self-managed Snaplex (Groundplex) that processes the API request. This deployment provides a similar layer of security as the second deployment architecture, but performance would be affected by the heavy latency caused by the routing of requests through the Control Plane.

Self-managed Snaplexes behind a firewall

This deployment architecture is customer-defined and avoids the Control Plane when routing requests. Access to Self-managed Snaplex (Groundplex) nodes can be made as restrictive as needed.

Self-managed Snaplexes in the Cloud in front of and behind a firewall.

This deployment would offer the flexibility of using Cloud services for your Self-managed Snaplex nodes and some of the performance optimization of the second deployment architecture. Load balancers would route traffic to the Snaplex nodes in front of the firewall to run API policies. The Snaplex nodes behind the firewall would process the API requests.

General API Best Practices

Naming Endpoints

  • Use nouns instead of verbs for URI endpoints.

  • Pluralize all resources.

  • Use a comma to punctuate lists.

  • Enable query parameters to sort or filter information.

  • No special characters

  • Use lowercase

  • No abridgments

  • Avoid jargon; use intuitive terms.

  • Do not add a trailing forward slash to your URI

  • Do not use file extensions