Hi! I'm relatively new to Apigee, and I was wondering if the following design is a good idea or not (pardon the generic-looking names).

I created one API proxy with the following target URL:

https://someothersite.org/something/somethingspecific/somechar/.

Next, I configured the proxy to have a verify API key policy. This is followed by a spike arrest policy with a client_id identifier so that the policy has different counters for different apps. From there, I created multiple API Products using that one API proxy, each with different endpoints/resource paths that build off that base target URL in that particular API proxy:

• /Org1QueryTicket
• /Org1UpsertTicket
• /Org1/DriverInsert
• /MobileQuery
• /MobileSubmission

My initial idea is that each developer app would have to pick and choose between these API Products. Each app won't use all the endpoints (principle of least privilege); each app will have an API key that I manually approve (it's all internal APIs). That way, when I create custom reports, I can do the following:

• Query total traffic to our system by looking at that single proxy.
• Figure out which endpoint is being hit the most by looking at API Products.
• See which app is generating the most traffic to our system regardless of endpoint.
• Determine which app is making a bunch of requests to a particular endpoint.

Is this a best practice? Another approach that I've heard is to create one API proxy for each API product. Each proxy would correspond to the above endpoints.

Any advice would be greatly appreciated.