본문으로 건너뛰기

Introduction

What is the APIM System?

The APIM (API Management) system is an integrated platform designed to manage the full lifecycle of APIs and Gateways across enterprise environments. It provides a centralized set of tools for creating, modifying, publishing, testing, securing, and monitoring APIs. Rather than being a generic API management solution, this APIM system is tailored to support complex organizational structures, multiple business domains, and a microservice-based architecture.

Key components and capabilities include:

  • API Resource Management: Create and manage API definitions, documentation, ownership, and lifecycle policies.
  • Multi-Gateway Support: Define and operate multiple gateways, with each project limited to a single gateway, enabling scalable and isolated API environments.
  • Project-Based Isolation: Each project serves as an independent unit with its own APIs, members, and permissions, while still governed under centralized control.
  • API Policy Management: Apply centralized policies related to network, security, and traffic mediation to all APIs.
  • Developer and Consumer Support: Provide self-service tools for internal and external developers to access, test, and request API usage through the Developer Portal.
  • Logging and Monitoring: Analyze API request/response logs, track system usage, and identify risks using built-in monitoring features.

The Purpose of APIM System

As enterprise systems transitioned to a Microservice-based architecture (MSA), the number of APIs rapidly increased and became decentralized across services. This resulted in several operational and governance issues:

  • Each microservice required individual setups for authentication and security, increasing operational overhead.
  • With more APIs being created, management became fragmented and difficult to scale.
  • Different departments used inconsistent tools and formats (e.g., Excel, PowerPoint) for documenting and sharing API information.
  • API keys and tokens were often distributed manually via email, posing security risks.
  • Service quality, policy enforcement, and security standards varied across teams, reducing overall API reliability.

These challenges highlighted the need for a unified platform that could support both centralized governance and decentralized development. The APIM system was designed to solve this problem by enabling structured, secure, and efficient management of all APIs and gateways in the enterprise.

Key Benefits

The APIM system improves both API quality and operational efficiency. Its key benefits include:

  • Unified Lifecycle Management: Offers end-to-end support for API creation, testing, publishing, documentation, versioning, deprecation, and monitoring—all within one system.
  • Multi-Gateway Control: Allows organizations to deploy separate gateways, with each project limited to a single gateway, supporting service isolation and role clarity (R&R separation).
  • Centralized Governance: Manages all API policies, access rights, and quality standards consistently across teams and services.
  • Secure Access Control: Enforces permission-based API key/token issuance and usage, reducing exposure to security vulnerabilities.
  • Efficient Documentation & Publishing: Standardizes API documentation based on Swagger 2.0, with built-in editing and publishing tools to reduce manual effort and errors.
  • Open API Support for Business Growth: Enables controlled exposure of public APIs to external partners, expanding service reach and accelerating innovation.
  • Adaptability to Business Needs: Can be deployed in various infrastructure environments (private/public), and configured to meet specific business requirements for internal and external API consumers.
  • Resolving Microservice Architecture Issues: This has the effect of preventing code duplication and enhancing quality consistency via a multi-gateway approach.

In short, the APIM system helps enterprises improve development agility, strengthen API security, and enforce consistent governance across the entire API ecosystem.