API SURVEY

We appreciate your time and effort in completing this survey about APIs at your organisation. Your feedback will be used to inform the work of CDDO in setting API guidance and standards for government, and will feed into the work of the Data Marketplace to ensure organisations can share data securely following well defined and standardised approaches

The Survey is a list of questions on API operations, management, strategy, platform usage, governance and security at your organisation.  Please review the questions and provide your responses, there are 36 questions in total, and the majority are multiple-choice so the survey should only take around 20 minutes to complete. 

Your insights and feedback are valuable, and we kindly invite you to share your thoughts and opinions as you complete the survey from your own perspective within your organisation. We optionally ask you to share your email address so that we can follow-up with you if you are able to take part in future research, but any responses you give will be kept anonymous and your email address will not be further shared. 

Many thanks for help

Sign in to Google to save your progress. Learn more
Introduction
Name (optional)
Organisation  *
Profession *

Role 

*
Required
 API PROCESSES

1) How easy is it for a new service to set-up a new API in your organisation?

*
2) Describe the process/or steps for setting up a new API in your organisation?
3) How easy is it for a developer to gain access to an existing API in your organisation?
*

4) From the following list of processes or steps check all that apply when a developer wants to gain access to an API in your organisation?

*
Required
API STRATEGY:
5) Which of the following best describes your organisation's API estate (check all that apply)?
*
Required
6) Which API management technology do you use?
*
7) Where do you plan / expect your API maturity to be in one year’s time?  Check all that apply
*
Required

8)  Which of these statements best describes your organisation’s API programme?

*
9) Is your organisation investing in API Management technology?
*
10) What are the timescales for this investment in API Management technology?
*
11) Give an estimate how long it typically takes to build a new API from conception to delivery on average in your organisation
*

12) Do you collect performance and usage metrics on the use of APIs in your Organisation?

*
13) Which of these API metrics do you typically collect (check all that apply)?
*
Required
14) Do your APIs enforce validation rules?
*
15) How many APIs (both internal and public) does your organisation provide?
*
16) How many public APIs does your organisation provide?
*
17) What is the rough split between internal and public APIs in your organisation?
*
18) Which of the following statements best describes the level of API development capability in your organisation?
*
19) Do you have an API development portal? If so, can you provide a link?
20) Do you have an API catalogue or documentation portal, if so can you provide a link?
21) What metadata do you collect about your APIs, for example: type (REST, RPC, SOAP, etc.), security (access controls, permissions), usage, deployment, scalability,
etc.   (check all that apply)
*
Required
22) Does your organisation enforce standards and patterns around how your APIs are delivered, for example, documentation, validation, etc.?
*
23) How frequently does your organisation carry out external security tests on your
API estate?
*
24) Do your APIs require authentication?
*
25a) Do any of your APIs use basic authentication?
*
25b) Do any of your APIs use API keys for authentication?
*
25c) Do any of your APIs use OAuth2 for authentication?
*
25d) If your APIs are not using Basic, API Keys or OAuth2 for authentication, what other authentication methods are you using? (e.g. SAML, JWT etc.)
25e) If you are using OAuth2, do you define scopes (permissions) for your APIs?
*
26) Do you collect user feedback about your APIs, for example, ease of use, documentation, etc. ?
*
API GOVERNANCE AND SECURITY:
27) What API Governance approaches is your organisation using? (check all that apply)
*
Required
28) How is API security managed in your organisation (check all that apply)? *
Required
API Systems and tooling:
29) How does the process for exposing APIs outside of your organisation differ for external users / developers versus internal users / developers? 
*
30) Do you have any APIs that are used to share data with other organisations and how are these mapped to the underlying data assets you hold?
*
31) Do you automate API testing and deployment? *
32) Which tools do you use for testing APIs? *
API's IN THE DATA MARKETPLACE:

33) Would you expect to search for APIs in the Data Marketplace?  If so, how would you expect them to be surfaced / displayed?

34)  Would you expect to see OAS (Swagger) specifications in the Data Marketplace?

*

35) Would you expect to be able to test out APIs you have found through the Data Marketplace?

*
Final Questions
36) Would you be interested in taking part in further research? (if yes please provide your email address above so we can contact you) *
Submit
Clear form
Never submit passwords through Google Forms.
This form was created inside of digital.cabinet-office.gov.uk. Report Abuse