Something we've talked a LOT about is when an API returns a HTTP 200 ok code, but the API returns an error. This can be a challenge for a gateway's passive monitoring and backend services to spot because, technically, nothing went wrong. Take a look at one we had just this morning from the APIs for a major IoT provider.
HTTP/1.1 200 OK Date: Wed, 21 Mar 2018 09:10:52 GMT Server: Apache Vary: Accept-Encoding { "status": 2XXX, "body": {}, "error": "An unknown error occurred: Maintenance mode, please check http://status.fakename.com/" }
It's vital to have active monitoring that not only spots these problems, but lets you know – before your customers do. And in the world of Open Banking, where this is a regulatory compliance issue, you need to spot these before they trigger a regulator complaint – and you can't prove it didn't happen.