Program Objective:

Molina Healthcare, a major healthcare provider and administrator in the US, has APIGEE as their API Management Platform. As part of their digital transformation effort, several APIs are to be onboarded onto APIGEE and thereby provide a centralized API ecosystem for their internal and external consumer (consuming applications). There are a variety of consumer applications which include, Web Portals, IVR, Mobile Apps etc.

The key objectives for this program are:


As part of this program, there are ~1700 APIs to be onboarded onto the APIGEE platform and there by implement policies which are identified as required at a use case level.

All APIs are classified at an application level, namely:

All the backend APIs are .NET based services which are hosted on Azure IaaS.

APIGEE has been 5 environments: Dev, QA, UAT, Staging and Production and all the APIs and related configurations will be promoted through these environments while maintaining environment specific configurations.

Program Execution

API Development Lifecycle is followed as part of executing this program under a waterfall (SDLC) methodology.


Requirements are collected from each API/App Owner. As the APIs on APIGEE layer were primarily a pass through with application of several policies, the requirements collected were more non-functional in nature covering the aspects of: Security, Logging, Performance, Traffic Monitoring, Caching and Monetization.


OpenAPI Specification based design was followed as part of this program. All proxies were designed using Swagger 2.0 and the OpenAPI specs were leveraged for development to remain consistent.


APIGEE Edge UI was used for initial development of the proxies. Additionally, Swagger Hub plugins for APIGEE development were leveraged to develop the proxies in a automated fashion directly from the OpenAPI specifications


Unit and System Integration testing were performed using POSTMAN. All aspects of security, logging. monitoring and exception handling were covered as part of these two test cycles.

Security Scans are done using Fortify On Demand (FOD).

Performance Testing is done using JMeter.


Integrated DevOps process was implemented to build and deploy the proxies through the value chain of APIGEE environments. APIGEETOOL was leveraged to implement DevOps process for both Continuous Integration and Continuous Deployment.

Program Key Deliverables

The following were the key deliverables addressed as part of this program