VMware Tanzu


Transforming the enterprise developer experience

UX Research

Interface Design


Frontend Coding

Customers adopting a microservices architecture to improve their agility are not able to expose and manage APIs across multiple platforms efficiently.

API Hub provides them consistent and reliable approach for exposing APIs to consumers, allowing development teams to maintain the flexibility they need through self-service.


API Hub aggrergates APIs from multiple Spring Cloud Gateway instances across multiple platforms.


Initial Release

​To give API consumers a place to discover and securely access available APIs across their organizations.

​To give API producers a place to manage access to their APIs.

Research Methods

Contextual Inquiry

User Interviews

We interviewed enterprise developers from several top companies to gain a better understanding of their frustrations, as well as work arounds they developed. 

Innovation Games

To help us learn which API metrics we should expose, we facilitated an activity called Buy-a-feature with 5 users. We gave each a budget and had they work together to buy the metrics they valued most. 

Understanding the Tools

I learned to use the underlying technology called Spring Cloud Gateway to understand the end-to-end experience developers yet through to expose their APIs.

Support Team Interviews

In order to get a wider perspective of the market, we interviewed VMware field support engineers. Through these interviews we learned about our customer's organizational constraints and architectual roadmap.


What we learned

API Documentation

API documentation formatting is often inconsistent between products, making it difficult for consumers to understand.

API Keys

Because the process of obtaining an API keys is slow and painful, API consumers often share keys to avoid having to wait. This is not something they want to do, but feel it’s necessary in order to get things done quickly.

API Observability

Many customers have limited API metrics available and therefore cannot easily identify usage or performance issues. 



We conducted three rounds of prototype tests which revealed several key insights. 

  • API consumers expect quick access to API documentation in a format that feels familiar, like OpenAPI. Networking details, header filters, and request predicates are far less relevent. Therefore, we removed this information and generated API documentation within our app.
  • Regenerating an API key is much more secure than reactivating an inactive API key. Therefore, we removed active/inactive status.

APIs are categorized in a way that makes sense for the user. We discovered that users would expect to search by API teams responsible for a business function. 

We use the industry-leading OpenAPI specification to document all APIs. Using this format, users can quickly read about security configurations, response codes, and even test endpoints to understand how they work.

As an API manager, users can see who is accessing their APIs with this list of keys generated by consumers. API manager can also create their own keys to integrate with another team services or test their own.

API consumers can easily create keys using a wizard. Keys can only be used for one API group. This makes managing keys much easier and more secure.

Erick Arias


© 2023 Erick Arias