API Gatekeeper
The problem
As the City of Philadelphia’s open data strategy matures, investing time in building out the infrastructure to support public facing APIs becomes essential. As an increasing number of departments create and release APIs to the public, access, security, and management needs grow. Ease and trust are essential to create an environment where departments can feel secure in their releases, and encouraged to publish more APIs. These are the components that will be used to develop maps, apps and services that take the city’s data and add value to users throughout Philadelphia.
Open-source approach
Gatekeeper was originally a response to an RFP from the City of Philadelphia on their Big Ideas PHL for low cost technology projects. As part of our proposal, Jarvus delivered an open source prototype, with the proposal of joint contribution to an open source project Jarvus had already started. Pursuing this component of API strategy with a local technology partner has enormous benefits for the City - it helps underscore the value of open data to local companies that are invested in our community and want to make our city better. The City embraced this strategy, and has since received requests from other cities to use it as part of their API infrastructure. Additionally, the City has moved forward with the release of new data sets and new APIs.
The solution
Gatekeeper is an API management solution that serves as the portal for the City of Philadelphia’s growing collection of open data APIs. Gatekeeper serves as the user-friendly middleman for centralized releasing and managing of APIs, rate limiting, caching, key management, banning, logging, and analytics. Currently in the 4th phase of development, Gatekeeper has been live for over 8 years and handles hundreds of thousands of transactions per day. The 2nd release exposed Gatekeeper to the public as a developer portal for users to search, browse, and explore APIs. Gatekeeper provides documentation and an internal console view documentation and test APIs. Gatekeeper enables users to easily make API calls, view results, copy parameters, and quickly get up and running with the City’s APIs.
The City of Philadelphia has consistently described Gatekeeper as one of their most stable and cost-effective pieces of infrastructure.
Open data & API strategy
Gatekeeper is built to enable municipalities to further their open data policies with robust infrastructure to:
- Provide a single place for a City to publish & present APIs cleanly
- Create a consistent namespace under one central domain, regardless of vendor or hosting system.
- Install a layer of sovereignty over vendors in presenting APIs to the public. Gatekeeper allows the City to make changes behind the scenes without affecting public.
- Provide alerts, uptime monitoring, metric tracking, and key authentication. Gatekeeper actively pings APIs to make sure they are online and available, alerts users when down, and notifies staff. Every user gets an API key for the City to send out alerts in case of changes. This helps the City know who is using what, and warn in case of changes.
- Rate limit to protect internal departments from abuse. Gatekeeper saves & reduces traffic by caching in the middle, which has saved 97% of internal server bandwidth on certain APIs. When an API call is proxied, the system doesn’t make database calls (all in memory), makes database calls after fills request for user. only adds 5 ms per request. sits in between / handle lots of traffic without slowing down.