SaaS API Manifesto

I have been thinking for a long time about what makes a product offering Enterprise. For a SaaS offering that you plan to bundle with SaaS services, I think these are the key items:

Full API

All the features for creating, editing and managing data that are exposed in the web app should also be accessible via the API.

Support Nested Objects, Don't Expose Tables

Objects often require nested objects to be created, as is the case for most orders. In these cases the API provider should support object creation via nested objects and not require the developer to make a batch of calls. For example, if you are creating an API for placing an order, don't require the API user to make 5 distinct calls to create a user, create an address, attach a product and attach a payment method. This can be handled with a workflow call that works much like your web app does: it takes the whole order object in and creates any nested objects.

Multi-user

The product must support multiple users and, depending on the application, should allow different roles. The role of account owner should be transferable: people come and go from companies, and account owners change. Additionally, there should be a login for the accounting team so they can update the payment info and review past invoices.

Multi-environment

If you are building a system that is transactional or will integrate with other systems, giving users the ability to create multiple environments is critical. While offerings like Stripe that have a test and a live environment are super-helpful, being able to spin up new environments for special projects is very helpful.

Environment Replication

Hand in hand with the multi-environment requirement is the ability to sync data between environments, which is an important developer tool. This allows business users or developers to set up a complicated data set and move it from a staging or production environment to a development or test environment for testing.

Logging

All calls to the API should be logged with full request and response headers and bodies. These logs can be truncated to save space, but the truncation should be rolling.
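
One way to implement the logging requirement above, as an added example that is not code from the original post: a rolling log that keeps every request and response header and body but masks credential values before they are stored. The masking step, the header and field names, the `ApiCallLog` class and the sample calls are all assumptions of this example.

```python
from collections import deque
from datetime import datetime, timezone

# Assumed names of credential-bearing headers and body fields (not from the page).
SENSITIVE_HEADERS = {"authorization", "cookie", "set-cookie", "x-api-key"}
SENSITIVE_FIELDS = {"password", "card_number", "cvv", "api_key"}
MASK = "[REDACTED]"

def redact_headers(headers):
    """Keep every header name, mask the values that carry credentials."""
    return {k: MASK if k.lower() in SENSITIVE_HEADERS else v for k, v in headers.items()}

def redact_body(value):
    """Recursively mask sensitive fields in a decoded JSON body."""
    if isinstance(value, dict):
        return {k: MASK if k.lower() in SENSITIVE_FIELDS else redact_body(v)
                for k, v in value.items()}
    if isinstance(value, list):
        return [redact_body(v) for v in value]
    return value

class ApiCallLog:
    """Rolling log: when max_entries is reached, the oldest call is dropped."""
    def __init__(self, max_entries=1000):
        self._entries = deque(maxlen=max_entries)

    def record(self, method, path, req_headers, req_body, status, resp_headers, resp_body):
        self._entries.append({
            "time": datetime.now(timezone.utc).isoformat(),
            "request": {"method": method, "path": path,
                        "headers": redact_headers(req_headers), "body": redact_body(req_body)},
            "response": {"status": status,
                         "headers": redact_headers(resp_headers), "body": redact_body(resp_body)},
        })

    def entries(self):
        return list(self._entries)

def demo():
    """Constructed sample: three calls into a log that keeps only the last two."""
    log = ApiCallLog(max_entries=2)
    for n in (1, 2, 3):
        log.record("POST", f"/orders/{n}",
                   {"Authorization": "Bearer sample-token", "Content-Type": "application/json"},
                   {"user": {"email": "a@example.com", "password": "sample"},
                    "payment": {"card_number": "4242424242424242"}},
                   201, {"Set-Cookie": "sid=sample", "Content-Type": "application/json"},
                   {"id": n})
    return log.entries()
```

Masking happens at write time, so anyone with access to the log viewer or a log export sees which headers and fields were present without being able to replay a token or session cookie.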

Documentation

All API endpoints should be documented with clear example calls and responses. Additionally, if a user is logged in, show them the docs with their API keys automatically interspersed. Curl examples are the lingua franca of APIs. Be sure to include any required headers in your curl examples.