Financial Services

A leading banking company

API First program

Context

As part of the implementation of its API First program, Astrakhan was asked by a leading international banking company to strengthen its team of API architects and select an API design tool at scale.

Our achievements

  • Set up an API repository, golden source of all known APIs or those under development
  • Made an inventory of legacy APIs and build a remediation roadmap
  • Supported the implementation of an integration architecture with the API Management solution
  • Defined, developed and ensured compliance with API design best practices and security
    • API evangelization with business and technical teams
    • Execute and improve the API Governance process
    • Ensure compliance with security standards within the API perimeter
    • Introduction of new API security audit practices and tools (e.g. Dynamic Application Security Testing)
  • Managed API design development teams with heterogeneous profiles
  • Benchmarked API design tools at scale
    • Facilitated design adapted to different designer profiles
    • Accelerate the creation of APIs in accordance with established best practices
    • Structured and scalable collaborative development environment
    • Automated handling of data model definition
    • Acceleration of the technical and functional validation process of the API design
    • Support of market standards (Open API 3.X, AsyncAPI, GraphQL, gRPC…)
    • Integration in a DevOps tool chain
  • Deployed the chosen solution
  • Helped the teams learn how to use and adopt the chosen API design tools

Client Benefits

Our work is part of an approach to support our client in its API First development strategy, including:

  • Improvement of the API Provider/Consumer journey during the onboarding phase on the API Management solution
    • Time saving on the design phase thanks to reusable assets
    • Introduction of graphical design to facilitate design for business teams
  • Development and business teams better aware of the challenges of APIs and the importance of respecting governance rules
  • Production of APIs that comply with security standards validated by the Group’s Security Expertise unit
  • Improved API security by strengthening the vulnerability detection system

Our added value

  • Astrakhan has certified architects with experience in API design and security
  • Use of acceleration tools such as our benchmarking approach and the DAST Framework
  • Astrakhan has contributed with its experience in DevOps on the integration of API design tools to a CI/CD chain