Admin API Dashboard

[WillieCubed]

Purpose

From a maintainer/system administrator perspective, there needs to be a means of seeing certain metrics about the API to ensure a high level of service and easy means of modifying the static data served by the API.

Features

Off the top of my head, I think an admin for a Nebula API instance should be able to:

• See all users with API access granted to them
• Revoke API access to a user
• See the total volume of requests to the API
• See unexpected errors in requests
• Manually CRUD API data like course information

Seeing as this is a massive component of the project, I'll ask other @UTDNebula/api-platform maintainers: what should be in this API dashboard?

[CharlieMahana]

Everything that you have covered is a core part of an API admin dashboard. The four most important things that the dashboard needs to include are authentication/authorization management tools, graphical visualizations of net as well as per endpoint API usage metrics, detailed error logging and notifications, and the ability to manually insert, update, or delete data individually or en masse through file uploads.

Regarding authentication and authorization, which I would argue is the most important feature of the admin dashboard, an administrator should be able to view all tokens and corresponding users in a tabular format that is easy to sort and search. Additionally, an admin should be able to change API token access permissions or completely revoke a token in a few clicks.

Understanding how our API is being used throughout the day, week, and year will also prove helpful in optimizing requests through code optimization, database indexing, and the allocation of server instances. I would suggest that this data is viewable as a line graph for the total system as well as on a per endpoint basis.

Detailed error logging and notifications will not only help us catch errors in our code but also prevent vulnerabilities as being able to catch and notify ourselves of unexpected behavior can be the difference between offensively or proactively patching our systems and defensively or reactively patching our systems.

Finally, as we've learned through trying to obtain CourseBook data, the ability to easily insert data through file uploads as well as being able to adjust data individually will greatly our ability to maintain the database as will no longer have to connect to the database directly to make adjustments. Ideally, this sort of system would help obey the principle of least privilege by enabling us to impose far more restraints on when our databases can be accessed thereby improving security.