# APIops (CI/CD) — Use case > Describe APIs, policies, and topology as manifests. Apply them through your pipeline. Get the same audit and three-tier permissions you get from the UI. *Developers · APIops · For developers* ## API as code. Same audit. Same permissions. Same gateway. APIops ships APIs, policies, and topology as manifests. Pipelines apply them idempotently with name-based references. The audit trail is identical to a UI change — nothing escapes governance. [Five-minute quickstart](https://apinizer.com/developers/quickstart) · [Open APIops docs](https://apinizer.com/developers/apiops) --- ## The problem *The problem* ### UI-only platforms force teams to choose between governance and Git. Engineers want changes in Git. Auditors want changes in the platform. Most gateways force a trade-off: either ship via a UI (and lose Git review) or hand-roll an API client (and lose audit). Apinizer's APIops manifests close the gap: changes ship from Git, apply idempotently, and the audit ledger records them the same way it records a UI change. --- ## Capabilities ### Manifests as data Describe APIs, policies, plans, identities, and topology as YAML manifests. Same shape across environments; environment variables for what differs. ### Idempotent apply Re-running an apply is safe. The platform compares current state to desired state and applies only the diff. ### Name-based references Manifests reference other resources by name, not by generated ID. Files survive environment promotion unchanged. ### Three-tier permissions enforced Pipelines apply with explicit credentials. Project and environment scopes apply the same way they do in the UI; bypass is rejected. ### Same audit ledger Every applied change writes to the audit ledger with the pipeline identity, the manifest version, and the diff that landed. ### Pipeline-native Apply from GitHub Actions, GitLab CI, Jenkins, Azure DevOps — anything that runs a shell. No magic; just a CLI and a manifest. --- ## Real-world examples ### Banking **Scenario:** Istanbul bank ships every API change through Git **Outcome:** Manifests reviewed in PRs; CI applies on merge. Audit shows the actor, the version, and the diff. UI access narrowed to read-only. ### Manufacturing **Scenario:** Munich OEM promotes between 4 environments with one apply **Outcome:** Same manifest, different environment variables. Promotion takes a CI job, not a meeting; rollback is git revert. ### Public sector **Scenario:** Stockholm agency runs a compliance lane on manifest PRs **Outcome:** PRs auto-checked against policy rules — required auth, required rate limit, required tagging. Compliance team reviews only exceptions. ### Telecom **Scenario:** Madrid carrier deploys 240 APIs per week through GitLab CI **Outcome:** After-hours apply pipelines retired. APIs land Monday morning; rollbacks land Monday afternoon if needed; audit captures every one. **Metric:** 240 / week ### Retail **Scenario:** Amsterdam marketplace runs a 'preview environment' per PR **Outcome:** Each PR provisions a sandbox project on the gateway. Tests run there; the project tears down on merge. No more 'works in staging'. ### Insurance **Scenario:** Milan insurer codifies plan, quota, and contract changes **Outcome:** Plans and quotas live in Git. Marketing campaigns ship by PR; the platform team only reviews policy, not paperwork. ### Energy **Scenario:** Prague utility separates 'platform' and 'project' repos **Outcome:** Platform-tier policies in one repo, project-tier definitions in another. CI authentication maps to the tier each repo owns. ### Government **Scenario:** Baku ministry promotes manifests across sovereign environments **Outcome:** Air-gapped sovereign cluster receives signed manifest bundles. Apply runs on the inside; audit reconciles weekly to the central trail. --- ## Recommended modules - [API Gateway](https://apinizer.com/products/api-gateway) — The runtime that applies manifests idempotently and writes audit on every apply. - [API Designer](https://apinizer.com/products/api-designer) — Design specs that ship as manifests; promote between environments unchanged. - [AI Gateway](https://apinizer.com/products/ai-gateway) — AI lane manifests — routing rules, prompt firewalls, MCP registry — ship the same way. - [Analytics Engine](https://apinizer.com/products/analytics-engine) — Confirm a deploy did what you expected — per-version traffic and quality. --- ## Resources - [APIops manifests](https://docs.apinizer.com/en) — Shapes, name-based references, idempotent semantics, audit behavior. - [APIops page](https://apinizer.com/developers/apiops) — The hub for Apinizer's API-as-code surface. - [Quickstart](https://apinizer.com/developers/quickstart) — Ship your first manifest in under five minutes. - [API Reference](https://apinizer.com/developers/api-reference) — Every Manager and APIops endpoint, generated. - [Analytics Engine](https://apinizer.com/products/analytics-engine) — Per-deploy telemetry — confirm a manifest applied does what you expected. - [Architecture overview](https://docs.apinizer.com/en/concepts/architecture) — Where APIops fits in the topology. --- ## Related use cases - [API lifecycle management](https://apinizer.com/solutions/api-lifecycle-management) — For platform teams - [Hot deploy & cache](https://apinizer.com/solutions/hot-deploy-cache) — For platform teams - [OpenAPI-first design](https://apinizer.com/solutions/openapi-first) — For developers - [Three-tier permissions](https://apinizer.com/solutions/three-tier-permissions) — For platform teams --- ## Next step *API as code, audit included* **Ship from Git. Govern from one platform.** A 30-minute walkthrough — manifests, pipelines, promotion, audit — on a Kubernetes of your choice. [Book a Demo](https://calendly.com/apinizer/15min) · [Read the docs](https://apinizer.com/developers/docs) --- ## Links - Products: https://apinizer.com/products - AI Gateway: https://apinizer.com/products/ai-gateway - Solutions: https://apinizer.com/solutions - Pricing: https://apinizer.com/pricing - Developers: https://apinizer.com/developers - Documentation: https://docs.apinizer.com/index-en - Blog: https://apinizer.com/blog - Contact: https://apinizer.com/company/contact © 2026 Apinizer. All rights reserved.