Scaling API Management

Yappes Technologies Private Limited

Mar 2024 - Current

Figma

Whimsical

Notion

Overview

Yappes is an API lifecycle management platform designed for developers managing high-scale ecosystems. One of my key tasks was implementing the Transformation Policy feature. Established competitors like Kong and Apigee already supported this feature, making it a baseline expectation for enterprise API management platforms.

This capability was introduced as a configurable extension within the existing policy management system, enabling users to modify headers, query parameters, and body content at both request and response levels. The feature was seamlessly integrated into the legacy UI, maintaining design consistency. It was delivered in alignment with the product roadmap, ensuring minimal disruption to engineering velocity while enhancing policy flexibility.

My role in Yappes

Senior UI/UX Designer - Yappes Technologies Pvt Ltd

I led the end-to-end product design for Yappes’ API management system. Building a scalable design system, designing complex features like transformation and advance routing across multiple API protocols.

Ensuring a seamless developer experience through research, consistent cross-platform workflows, detailed prototyping, and rigorous validation via CURL, API tryouts & user flow testing.

Design Sprints Process

Considering timeline and product roadmap, adopted a design sprint structure. This allowed rapid discovery, validation, and iteration while keeping the design effort aligned with engineering sprints and delivery.

Understand

Feature research

Competitive analysis

Stakeholder interviews

Understand

Feature research

Competitive analysis

Stakeholder interviews

Understand

Feature research

Competitive analysis

Stakeholder interviews

Sketch

User flow

Review existing Ideas

Solution sketching

Sketch

User flow

Review existing Ideas

Solution sketching

Sketch

User flow

Review existing Ideas

Solution sketching

Decide

Critique & discussion

Wire framing

Finalise solution

Decide

Critique & discussion

Wire framing

Finalise solution

Decide

Critique & discussion

Wire framing

Finalise solution

Prototype

UI Iteration design

Prototype Flows

Prototype

UI Iteration design

Prototype Flows

Prototype

UI Iteration design

Prototype Flows

Test

User Testing

API Testing

Command-line API Testing

Test

User Testing

API Testing

Command-line API Testing

Test

User Testing

API Testing

Command-line API Testing

Problem statement

How can we adapt the API transformation feature and scale its configuration across APIs without disrupting the legacy UI or adding friction for developers?

As APIs scale, developers need clear, fine-grained control over request and response transformations. Yappes supports basic endpoint-level policies, but scaling this flexibly without adding complexity remains the core challenge.

Focus & Goals

Adding new feature into existing API level policy attachment workflows.
Adding new feature into existing API level policy attachment workflows.
Adding new feature into existing API level policy attachment workflows.
Map new transformation feature flows to reduce friction in policy configuration
Map new transformation feature flows to reduce friction in policy configuration
Map new transformation feature flows to reduce friction in policy configuration
Validate technical and design feasibility of integrating the feature without excessive dev effort.
Validate technical and design feasibility of integrating the feature without excessive dev effort.
Validate technical and design feasibility of integrating the feature without excessive dev effort.
Benchmark gaps between Yappes and competitors to inform scalable new workflows.
Benchmark gaps between Yappes and competitors to inform scalable new workflows.
Benchmark gaps between Yappes and competitors to inform scalable new workflows.

Desk Research

Understanding Transformation feature in API Management

APIs help in communication between two systems or applications. An API management system sits between the client and backend service, acting as a control layer that handles requests, enforces policies, and ensures secure and reliable interactions.

One of the critical capabilities in managing APIs is Transformation. This feature allows platform users to manipulate the data flowing through APIs, ensuring compatibility, security, and clarity between systems without changing the underlying service.

Transformation can be categorised into two types:

Request Transformation - Applied before the request reaches the backend from client.

Response Transformation - Applied after receiving the backend’s response but before it reaches the client.

End-to-End API Transformation Technical workflow

Why Transformation Matters?

Reduces backend dependency. It helps bridge gaps between frontend and backend by adapting data formats, field names, headers, URLs, query parameters, and even HTTP methods all without changing backend logic.

Common use cases include:

  1. Customising payloads for frontend frameworks

  2. Masking or removing sensitive data for compliance

  3. Mapping partner data fields for easier integration

  4. Serving region-specific content based on request metadata

Stakeholder Insights

Understanding what the product needs

To understand the scope and expectations for implementing new feature, interviews were conducted with key stakeholders including the Engineering VP, Backend Engineer, Gateway Engineer and the Frontend Team. The following insights emerged:

Control over parameters to modify headers, query parameters, and body fields.
Control over parameters to modify headers, query parameters, and body fields.
Control over parameters to modify headers, query parameters, and body fields.
reducing developer effort by including reusable & custom transformation templates.
reducing developer effort by including reusable & custom transformation templates.
reducing developer effort by including reusable & custom transformation templates.
Clarity to execution order of policies was crucial to avoid conflicts.
Clarity to execution order of policies was crucial to avoid conflicts.
Clarity to execution order of policies was crucial to avoid conflicts.
Fit seamlessly into the existing policy management interface align with current architectural standards and UI patterns.
Fit seamlessly into the existing policy management interface align with current architectural standards and UI patterns.
Fit seamlessly into the existing policy management interface align with current architectural standards and UI patterns.
Attaching both request and response transformation policies at API endpoint level, Support for all standard CRUD actions on transformation rules, Policy reordering for controlling execution flow.
Attaching both request and response transformation policies at API endpoint level, Support for all standard CRUD actions on transformation rules, Policy reordering for controlling execution flow.
Attaching both request and response transformation policies at API endpoint level, Support for all standard CRUD actions on transformation rules, Policy reordering for controlling execution flow.

Competitive Benchmarking

Industry Approaches to Transformation Features

To contextualise Yappes’ implementation, I benchmarked leading platforms based on API transformation support:

Platform

Platform

Transformation Methods

Transformation Methods

Supported Transformations

Supported Transformations

Implementation Approach

Implementation Approach

Advanced Capabilities

Advanced Capabilities

Resource Link

Resource Link

Kong

Kong

Lua plugins, declarative YAML

Lua plugins, declarative YAML

Header/query/body mutation, method/URI rewrite, request/response transformation, redaction

Header/query/body mutation, method/URI rewrite, request/response transformation, redaction

Built-in plugins, custom Lua scripting, Admin API/YAML

Built-in plugins, custom Lua scripting, Admin API/YAML

Highly scriptable, granular control, custom plugins, support for sync/async flows

Highly scriptable, granular control, custom plugins, support for sync/async flows

https://developer.konghq.com/plugins/response-transformer/#order-of-execution

https://developer.konghq.com/plugins/response-transformer/#order-of-execution

Apigee

Apigee

XML policies, JavaScript, XSLT

XML policies, JavaScript, XSLT

XML to JSON, payload/parameter manipulation, format changes, complex message mapping

XML to JSON, payload/parameter manipulation, format changes, complex message mapping

Declarative XML policy chains, JS/XSLT for custom logic

Declarative XML policy chains, JS/XSLT for custom logic

Enterprise tooling, chained policies, fine-grained message shaping, built-in analytics

Enterprise tooling, chained policies, fine-grained message shaping, built-in analytics

https://docs.apigee.com/api-platform/reference/policies/xsl-transform-policy

https://docs.apigee.com/api-platform/reference/policies/xsl-transform-policy

AWS API Gateway

AWS API Gateway

VTL (Velocity Template Language) mapping

VTL (Velocity Template Language) mapping

Header/query/body mapping, REST/WebSocket conversions, data enrichment, context variables

Header/query/body mapping, REST/WebSocket conversions, data enrichment, context variables

VTL mapping templates attached to API resources

VTL mapping templates attached to API resources

Deep AWS integration, real-time variable injection, supports complex payloads

Deep AWS integration, real-time variable injection, supports complex payloads

https://docs.aws.amazon.com/apigateway/latest/developerguide/rest-api-data-transformations.html

https://docs.aws.amazon.com/apigateway/latest/developerguide/rest-api-data-transformations.html

Tyk

Tyk

Middleware, dashboard UI, plugins

Middleware, dashboard UI, plugins

Body/headers/URL transform, method rewrite, validation, async transformation

Body/headers/URL transform, method rewrite, validation, async transformation

Low-code dashboard, middleware scripting (JS/Go), config

Low-code dashboard, middleware scripting (JS/Go), config

Visual + programmable, OAS support, async flows, real-time analytics, endpoint-level

Visual + programmable, OAS support, async flows, real-time analytics, endpoint-level

https://tyk.io/docs/api-management/traffic-transformation/request-body

https://tyk.io/docs/api-management/traffic-transformation/request-body

This benchmarking reveals common trends in how transformation is handled.

  • Platforms support a mix of declarative and programmatic (script-based) approaches.

  • Most provide transformation at multiple levels API, route, service, or environment.

  • Common scopes include header, query param, and body manipulation.

  • These findings informed architectural strategies by strengths like plugin flexibility, declarative control, and interface clarity.

Insights & Challenges

Insights from understand phase

Key transformation areas include headers, query parameters, and body content at both request and response levels.

Key transformation areas include headers, query parameters, and body content at both request and response levels.

Script-based policies improve flexibility while reducing developer effort.

Script-based policies improve flexibility while reducing developer effort.

Developers want simple configuration, live previews, and reusable templates to streamline major transformations.

Developers want simple configuration, live previews, and reusable templates to streamline major transformations.

Platforms like Kong, Apigee, AWS, Tyk, and Postman handle this differently using plugins, XML flows, templates, and scripting.

Platforms like Kong, Apigee, AWS, Tyk, and Postman handle this differently using plugins, XML flows, templates, and scripting.

Engineers prioritise clear policy sequencing, inline validation, and field-level control.

Engineers prioritise clear policy sequencing, inline validation, and field-level control.

Product focus on scaling within the current UI while maintaining high development velocity.

Product focus on scaling within the current UI while maintaining high development velocity.

Key Challenges

  • API developers

  • consumers

  • platform admins

  • owners

  • community managers each with distinct expectations around visibility, control, and responsibility

  • API developers

  • consumers

  • platform admins

  • owners

  • community managers each with distinct expectations around visibility, control, and responsibility

Controlling execution order and avoiding transformation errors through safeguards and validations.

Controlling execution order and avoiding transformation errors through safeguards and validations.

Making policy attachment workflows consistent across API types (REST, SOAP, GraphQL, WebSocket) and scopes (API-level, subscription-level).

Making policy attachment workflows consistent across API types (REST, SOAP, GraphQL, WebSocket) and scopes (API-level, subscription-level).

Adapting existing gateway policy logic within constraints of a legacy design system.

Adapting existing gateway policy logic within constraints of a legacy design system.

Maintaining high development velocity despite limited engineering bandwidth by maximising design system reuse.

Maintaining high development velocity despite limited engineering bandwidth by maximising design system reuse.

Leaders focused on scaling within current UI and keeping dev velocity high.

Policy management system

Current gateway policy management system

  1. The API Gateway manages policies at both the API and subscription levels.

  2. When a request is made, the gateway checks for any attached policies like routing, load balancing, mocking, or caching before forwarding the request to the backend.

Each feature is configured using policy settings. These reusable configurations are applied to APIs to ensure consistent, automated handling of requests and responses.

Solution Sketching

Flow for Transformation Policy Attachment

This flow outlines how users navigate from selecting an API to configuring request or response transformations within existing policy workflows.

Wireframes

Detailed IA & wireframe flows

Finalise Solution

Final Design

The solution was refined through multiple product and engineering reviews to validate ideas, flows, and wireframes.

Creating and attaching multiple transformation policies per endpoint

Reordering policies to control execution flow

Supporting header, query, and body transformations for both requests and responses

Preventing errors through validations and smart configuration controls

Enabling advanced use cases with script-based body transformations

This approach balanced flexibility with usability while maintaining development velocity and UI consistency.

Testing Phase & Validation

Testing transformation feature

The transformation feature was validated through a two-step testing process.

  • First, UI-level testing was conducted to verify configuration flows, edge cases, and error handling.

  • Next, API-level testing was performed using API try-out tools and curl to ensure the transformations really occurred at gateway level.

Both UI and API test results were reviewed collaboratively with engineers to confirm correctness, performance, and alignment with backend behaviour. This validation ensured that transformations configured and executed correctly at the gateway level.

Key Learning

This project deepened my understanding of designing complex, system-level features within an enterprise API management platform.

Introduced new capabilities without disrupting existing workflows, UI patterns, or developer mental models.

Introduced new capabilities without disrupting existing workflows, UI patterns, or developer mental models.

Introduced new capabilities without disrupting existing workflows, UI patterns, or developer mental models.
Balanced script-based flexibility with approachable configuration for advanced use cases.

Balanced script-based flexibility with approachable configuration for advanced use cases.

Balanced script-based flexibility with approachable configuration for advanced use cases.
Designed clear policy sequencing and inline validation to prevent transformation errors.

Designed clear policy sequencing and inline validation to prevent transformation errors.

Designed clear policy sequencing and inline validation to prevent transformation errors.
Built consistent workflows across API types, scopes, and protocols while maintaining development velocity.

Built consistent workflows across API types, scopes, and protocols while maintaining development velocity.

Built consistent workflows across API types, scopes, and protocols while maintaining development velocity.

Note

Designing API management features showed the importance of combining technical understanding with clear, scalable UX, turning backend logic into intuitive workflows.

At Yappes, I’ve delivered and tested over 16 platform features in the last two years, gaining hands-on knowledge of API behaviour, gateway operations, and real-world usage patterns.

Let's connect and build something great.

Contact me

Thank you for scrolling!

Let's connect and build something great.

Contact me

Thanks you for scrolling!

Let's connect and build something great.

Contact me

Thank you for scrolling!

Home

Projects

Contact

Projects