API Auto-discovery function is based on CDNetworks defined API recognition model, detecting the request features of the request side and response side in real time, aggregating APIs automatically and extracting the interface styles. At the same time, the intelligent model could statistically analyze the details of each API, such as request trends, response status codes, request methods, etc., and automatically identify parameter assets. Finally, a complete API parameter inventory will be generated from API list.
Function Start and Stop
Navigate to APIs > API Discovery sub page.
Start Discovery: Enable Start Discovery function. After enabling the function, start analyzing and detecting API feature data in traffic. If the function is kept enabled, the latest discovery results of API list will be updated regularly (every half hour).
Enabling API Discovery for the first time requires some time for learning. For interfaces with strong API features, inventory identification results can be observed after half an hour of activation. For suspected APIs, a 5-day historical traffic log is required to support learning.
Stop Discovery: Stop Stop Discovery function. After stopping the function, the API list discovered in history will be retained and can be viewed directly when the API Discovery function is reactivated.
API List
Query Criteria
Support queries based on hostname granularity and API base paths, where API Base Path supports multi keyword fuzzy search.
API List Information
Support viewing the Hostname, API Base Path, First Discovery Time, Last Discovered Time, and 24h Requests (24-hour call volume of automatically discovered API assets). At the same time, each API can further expand to view request call statistics and request parameter characteristics.
- API Base Path: Display the call path of API endpoints. For endpoint paths containing path parameters, the analysis engine will standardize and aggregate API paths, automatically extract path parameters, and display them according to the aggregated paths.
- First Discovery Time: The time when this path was first identified and determined as an API in the traffic data.
- Last Discovery Time: The latest active time of this API in traffic data.
- 24h Requests: The number of API requests made 24 hours before the current time.
- Status:
- Defined: An API that already exists in the API Definition.
- Pending: An API that does not exist in the API definition.
- Action:
- Create: Click to jump to the new API configuration page and automatically bring in basic information such as domain name and endpoint path to quickly add the discovered API to the API definition.
- Error Feedback: Non API assets can be reported, and the reported API will be removed from API Discovery.
API Details
Click the expand/collapse button in front of each API in the API list to view/collapse the statistical analysis data details of the API.
- Request Overview: Analyze and statistically analyze data such as request trends, response status codes, and callable request methods for each discovered API.
- Requests Distribution: Support viewing discovery and update times, as well as the call trend of the API within the past 30 days.
- Request Method: Support viewing the number and proportion of method calls requested by the API within the past 30 days.
- Status Code: Supports viewing the number and proportion of responses to the API’s status code within the past 30 days.
- Request Parameter Feature: Conduct in-depth analysis of the parameter inventory for each discovered API. The scope of parameter asset identification includes Query String parameters, Cookie parameters, HTTP Header parameters, and Request Body parameters. When the request body is in JSON format, it supports identifying the JSON template and nesting level corresponding to the parameter.