Done right the Services oriented architecture (SOA) strategy will Reduce the artificial and unnecessary dependencies and enable flexible interactions. It also improves agility, functionality reuse, and reduce ongoing cost of development, operations, and operational risk.
Below diagram represents an API Services Lifecycle per SOA pattern.
Service Catalog: Hosts a mashup site describing all services (internal vs external, permissible vs non-permissible) and provide API Documentation for all Services. As part of services catalog we will also provide sample clients and examples for all Services.
Service Registry: All SOA (wsdl, xsd, xml and json files) artifacts to be stored as well as referenced through a centralized repository. The registry component will hold references to artifacts. The repository component holds the artifacts themselves. A registry helps in governance because the physical location of the artifact is no longer an issue.
Service Governance: API Certification QA will add a completed SOA check list to already existing functional testing. The details of checklist will include:
- Catalog: Provide documentation & examples to integrate and test,
- Registry: Provide information to discover the api,
- Registry: Provide all required artifacts,
- Registry: Provide Security Policies if different to current implementation and
- Registry: Provide Versioning information (including QA release info)
- Partner On boarding process will provide services access to consuming applications which will require “request to access” and “consumption volume” information to be collected.
- Capacity Planning & Modeling will be triggered based on consumption volume with either new service implementation or new partner/consuming application on boarding.
Service Monitor & Support: Automate production validation test suite and provide reporting both at a technical level (e.g., the number of messages flowing through a service) and at a business level (e.g., the number of customer enquiries for an operation). This also includes support for fraud detection, throttling, rate limiting etc