Skip to main content

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Share your experience with the FAS IT-Playbook by taking this brief survey

API Exchange

The Application Programming Interface (API) Exchange offers a platform for application teams to configure, expose, and operate an API for consumption by identified users. The API Exchange enables customers to access and use those APIs to develop their own software applications and products, increasing productivity and reducing the amount of duplicative API development.

API Solution Overview

Offers a platform for application teams to host and operate an API for consumption by identified users. The API Exchange enables customers to access and use those APIs to develop their own software applications and products.

API Solution Overview

Key Capabilities

API Options:

  • Supports SOAP and REST APIs; Message Mediation (supports JSON and XML Transformations).
  • Capability Details: API Exchange supports multiple types of APIs (and API components) to support a greater audience.

Maturity:

Fully Optimized

API Security:

  • Offers API key management, API authentication, API activity logging, and automation of security requirements.
  • Capability Details: API Exchange provides secure authentication and access options for their providers via our secure gateway. This support is currently being provided directly by the API Exchange team, but in FY24 there is a target to grant API Providers direct access to the UI allowing them to manage and configure their APIs as needed.

Maturity:

Early Adoption

API Analytics:

  • API Analytics allows access for API Providers to reports on API performance and usage.
  • Capability Details: Analytics is a dynamic reporting capability offered in WSO2 deployed for API Exchange Providers to access metrics about their APIs.

Maturity:

Common Service

Rate Limiting:

  • Protects API endpoints from harmful effects, such as denial of service, cascading failure, or overuse of resources.
  • Capability Details: Customers can request an increase in limits for short term performance testing, etc.  API Exchange monitors rate limiting as well and alerts Providers to excessive limits. 

API Publisher:

  • Allows the Provider to create and publish APIs within API Exchange.
  • Capability Details: Create API proxy. API Exchange has implemented a custom API lifecycle to facilitate the adherence to API standards and GSA security requirements. Upon approval, Providers can publish their APIs, making them available to consumers.

Maturity:

Common Service

Key Outcomes

Reduces IT costs

Using a pre-configured framework in a scaled, resilient, and secure environment eliminates redundancies, improves productivity, and minimizes the need for custom development and maintenance, ultimately leading to reduced IT costs.

Enables business agility

The API Exchange enables rapid integration, collaboration, and API innovation, empowering a flexible and agile foundation for business mission delivery.

Provides a secure environment

Leveraging robust security measures, the API Exchange ensures APIs and data are protected against unauthorized access, attacks, and vulnerabilities—enabling customers to maintain the integrity and availability of their systems.

Standardizes technology

A centralized reference point for APIs leads to a unified approach to API development, integration, and governance, helping to reduce licensing and labor costs and achieve consistency, interoperability, and reusability across systems.

Enables e-commerce

By providing seamless integration and scalability, customers are empowered to deliver enhanced e-commerce experiences while driving business growth.

API Profiles

API Provider

Throughout GSA, there are application teams hosting backend services. If an application team does what is necessary to utilze the API Exchange to proxy their backend service, that application team can now be described as an “API Provider '' within the API Exchange.

API Consumer

An API Consumer is an application team whose application utilizes an API through the API Exchange’s API gateway.

API Exchange Team

The API Exchange team supports a platform for Providers to expose and operate an API for consumption by Provider-approved consumers.

Become a API Provider

Any new Provider to API Exchange must go through a formal vetting process to determine needs, priority, and security fitness to host in FCS.

If interested, complete a New Feature Request in Jira Service Management and you will be contacted by the FCS team with next steps.

The Cloud Advisory Working Group (CAWG) will assess the requirements via the API Onboarding Questionnaire and then get back to you with a recommendation on the best solution and next steps. 

New Feature Request

Related Topics

A shortcut to related topics for FCS tenants!

Get Cloud Services

Learn how you can get onboard to FCS with a detailed user journey.

Tenant Onboarding Questionaire

Cloud Economics

Get a sense of the costs models you’ll encounter and value when moving to the cloud.

Cloud Plays

Cloud Plays are endorsed, referenceable, and consumable sources of guidance providing a path for implementing a specific solution.