API Topology
Topology gives you a complete view of your API landscape. Every API — produced or consumed, internal or external — is mapped, tracked, and connected.
What You See
Section titled “What You See”The topology view shows your entire API inventory:
| Dimension | What It Tracks |
|---|---|
| API catalogue | Every API in your tenant — name, version, owner, lifecycle stage |
| Dependencies | Which APIs call which other APIs (aggregator pattern) |
| Lifecycle stage | Prospect → Active → Deprecated → Retired |
| Exposure | Internal, Partner, Public — who can see and subscribe |
| Gateway | Which gateway instance serves each API |
| Business function | Which organisational capability each API serves |
Dependency Mapping
Section titled “Dependency Mapping”When a produced API depends on a consumed API, Apiway tracks the relationship:
- Blast radius — If API X changes, which downstream APIs are affected?
- Cost attribution — The consumed API’s cost rolls up to the produced API’s margin
- SLA alignment — If a dependency has a worse SLA than the produced API, it’s flagged
- Zero trust enforcement — Dependencies are verified at runtime via the gateway’s
DependencyCheckStage
Lifecycle Visibility
Section titled “Lifecycle Visibility”Every API moves through defined stages:
| Stage | Meaning |
|---|---|
| Prospect | Uploaded, undergoing review — not yet deployed |
| Active | Deployed and serving traffic |
| Deprecated | Still serving but scheduled for retirement |
| Retired | Deactivated, no longer available |
The topology view shows the distribution across stages — how many APIs are active, how many are ageing, and which are candidates for retirement.
Shadow API Detection
Section titled “Shadow API Detection”APIs that exist in code but aren’t registered in the topology are “shadow APIs” — they bypass governance, metering, and security. Apiway’s compliance service detects endpoints that don’t match any registered API specification and flags them for review.
Consumed APIs
Section titled “Consumed APIs”External APIs you consume are part of your topology too. When you onboard an external API through the consumer pipeline, it appears in the topology alongside your produced APIs — with its own metering, compliance, and budget controls.
This gives you a single view of your entire API landscape: what you build, what you consume, and how they connect.