APIs

Why Your API Performance Is Costing You Users (and How to Fix It)

APIs are the backbone of modern software, but speed, reliability, and efficiency do not happen by accident. This guide explains what API performance really means, which metrics matter, and how to optimize at every layer to meet the standards top platforms set.

a day ago   •   10 min read

By Rahul Khinchi
Table of contents

Organizations today run on APIs at a scale once unimaginable. 

In 2024, Cloudflare, which powers nearly one‑fifth of all Internet domains, found that API traffic makes up 57 percent of its dynamic HTTP traffic, with successful (200) responses ranging from 53.1 percent to 60.1 percent across regions. That same network processes an average of 50 million requests per second and blocks 170 billion cyber threats daily, illustrating API operations' volume and risks.

Against that backdrop, major API providers hold themselves to exacting standards. 

Stripe reports a 99.999 percent API success rate over 2024, including during Black Friday and Cyber Monday peaks, limiting downtime to 26 seconds per month

In March 2025, the TechEmpower Round 23 benchmarks revealed up to speed boosts in network‑bound scenarios after adding more powerful servers (Intel Xeon Gold CPUs and 40 Gbps Ethernet).

These figures show two things: 

  1. API performance is measurable at massive scales.
  2. Even top‑tier platforms see measurable gains by tuning infrastructure and code. 

Seeing these industry benchmarks made me curious about applying performance optimization techniques. After implementing various performance strategies across several projects, I've developed a practical understanding of what works.

Today, I will help you learn what "API performance" really means, which metrics to track, and how to apply targeted improvements so you can meet the same rigorous standards your users expect.

💡
Want instant visibility into your API’s real-world performance, errors, and slowdowns without complex setup? Treblle gives you actionable insights from over 100 data points per request, so you can fix issues before users notice.
Try Treblle

What is API Performance?

API performance is the measurable behavior of your API under different conditions, like how fast it responds, how consistent it is, how many errors occur, and how much load it can handle before breaking down.

Much of that behavior is shaped by your endpoint structure, so be sure to read this REST API Endpoint Design Guide to avoid patterns that limit scalability and speed from the start.

Performance doesn't mean only "fast". It means:

  • Predictable: Latency is stable across requests
  • Reliable: Low error rates
  • Resilient: Doesn't degrade under high load
  • Efficient: Doesn't eat up CPU, memory, or downstream service budgets

You'll miss the real picture if you only care about average response times. Averages hide spikes. If 95 percent of your calls complete in 100ms but 5 percent take 2s, that will frustrate users and break dashboards.

What are the Performance Metrics

You need to understand several key metrics that define performance:

  • Response Time: The duration between sending a request and receiving the complete response. Response time includes network latency, processing time on the server, and data transfer time.
  • Throughput: The number of requests your API can handle within a specific time frame, typically measured in requests per second (RPS) or transactions per minute (TPM).
  • Latency: The time it takes for data to travel from the client to the server and back. Latency includes network delays, geographic distance, and routing inefficiencies.
  • Error Rate: The percentage of requests that result in errors, timeouts, or failures within a given period.
  • Resource Utilization: How efficiently your API uses server resources like CPU, memory, and network bandwidth.

Real-world Example

During Prime Day 2024, AWS published that:

  • AWS Lambda handled over 1.3 trillion invocations across its global fleet in just 48 hours,
  • And Amazon CloudFront served 1.3 trillion HTTP requests, peaking at 500 million requests per minute.

What if your core API runs on Lambda?

If your function’s cold‑start jumps from 50 ms to 500 ms for just 1 billion invocations under heavy load, you’d add 500,000 seconds (over 6 days) of extra cold‑start overhead across that period, enough to grind your entire system to a halt. That scale highlights why you can’t treat performance as an afterthought.

How to Evaluate API Performance

Avoid relying on basic HTTP clients or simple command-line tools to evaluate performance properly. These tools are excellent for functional testing, but fail to capture the real-world performance characteristics that your users experience. 

Instead, consider using specialized API observability tools like Treblle that provide deeper insights into production traffic. If you’re unsure whether to simulate traffic or rely on actual user data, here’s how to compare Real User Monitoring vs Synthetic Monitoring.

Treblle can collect over 100+ data points per request, giving you a complete picture of your API's behavior in the wild rather than just in controlled test environments.

Here's a practical breakdown of what you should monitor:

1. Response Time (per endpoint and route)

Start with latency. But track:

  • Average latency (across the day)
  • 95th and 99th percentiles (to catch tail latencies)
  • Cold start vs warm path

If you're using async jobs, background work, or calling external APIs, break it down. If needed, log internal timings per step.

// Response time tracking
function trackResponseTime(req, res, next) {
  const start = Date.now();
  res.on('finish', () => {
    const duration = Date.now() - start;
    if (duration > 1000) console.warn(`Slow: ${req.path} - ${duration}ms`);
  });
  next();
}

2. Throughput and Concurrency

How many requests per second can your API handle before degrading? Use a load testing tool (e.g., k6 or Locust) to simulate realistic traffic. Don't just throw 1000 RPS at your API. Instead:

  • Mimic real patterns (e.g., login burst at 9 am, steady trickle at night)
  • Track CPU/memory/db connection saturation during load
// Rate limiting
const rateLimit = (maxRequests, windowMs) => (req, res, next) => {
  const clientRequests = getClientRequests(req.ip);
  const validRequests = filterValidRequests(clientRequests, windowMs);
  
  if (validRequests.length >= maxRequests) {
    return res.status(429).json({ error: 'Rate limit exceeded' });
  }
  
  recordRequest(req.ip);
  next();
};

3. Upstream Dependencies

Measure the latency and failure rates of every API your service depends on. If your response time is 400ms, determine how much time your API waits on other services.

Also, measure their variability. A 50ms service that spikes to 2s every 5 minutes can destroy your tail latency.

4. Error Rate and Retry Storm Impact

Track error rates not just in isolation, but during retry storms. If your clients retry on 5xx errors without exponential backoff, a failure can become an avalanche.

Use circuit breakers or request shedding to protect your service.

// Circuit breaker pattern
class CircuitBreaker {
  constructor(failureThreshold, resetTimeout) {
    this.state = 'CLOSED'; // CLOSED, OPEN, HALF_OPEN
    this.failureCount = 0;
  }
  
  async execute(serviceCall) {
    if (this.state === 'OPEN' && !this.shouldAttemptReset()) {
      throw new Error('Circuit breaker is OPEN');
    }
    
    try {
      const result = await serviceCall();
      this.onSuccess();
      return result;
    } catch (error) {
      this.onFailure();
      throw error;
    }
  }
}

Ways to Improve API Performance

Improving API performance requires addressing performance issues at multiple levels of your application stack. Depending on where constraints occur, you can implement several strategies.

Database Query Optimization

Database queries often become the primary source of API performance slowdowns. You should analyze slow queries, add appropriate indexes, and optimize database connections.

  • Index Optimization: Create indexes on frequently queried columns, especially those used in WHERE clauses, JOIN operations, and ORDER BY statements.
  • Query Optimization: Rewrite inefficient queries, avoid SELECT * statements, and use query execution plans to identify bottlenecks.
  • Connection Pooling: Maintain a pool of database connections to reduce the overhead of establishing new connections for each request.
// Bad: New connection + SELECT *
async function getUserPostsBad(userId) {
  const connection = await createConnection();
  const posts = await connection.query('SELECT * FROM posts WHERE user_id = ?', [userId]);
  await connection.end();
  return posts;
}

// Good: Connection pool + specific fields
async function getUserPosts(userId) {
  return await pool.execute(
    'SELECT id, title, created_at FROM posts WHERE user_id = ? ORDER BY created_at DESC LIMIT 20',
    [userId]
  );
}

DynamoDB case (2024)

Amazon DynamoDB now powers trillions of calls from Amazon properties, and tables regularly see peak traffic of over 500,000 requests per second while still delivering single‑digit millisecond latencies for simple GetItem and PutItem operations.

Large scans or complex queries can spike into the hundreds of milliseconds if you query without proper keys or indexes. Denormalizing hot‑path data and using DynamoDB Accelerator (DAX) for read‑heavy tables can cut median latency from ~10 ms to sub‑millisecond under high load.

Caching Strategies

Implementing effective caching reduces database load and improves response times for frequently requested data. You need to choose appropriate caching levels and invalidation strategies.

  • Response Caching: Cache complete API responses for requests that return the same data frequently.
  • Database Query Caching: Store results of expensive database queries in memory to avoid repeated execution.
  • Distributed Caching: Use Redis or Memcached to share cached data across multiple server instances.
  • CDN (Content Delivery Network): Caches static content and API responses geographically closer to users.
// Multi-level caching
class CacheService {
  async get(key) {

    // Level 1: Check memory cache
    if (memoryCache.has(key) && !isExpired(key)) {
      return memoryCache.get(key);
    }
    
    // Level 2: Check Redis cache
    const redisValue = await redis.get(key);
    if (redisValue) {
      memoryCache.set(key, redisValue, shortTTL);
      return redisValue;
    }
    
    return null;
  }
  
  async set(key, value, ttl) {
    await redis.setex(key, ttl, value);
    memoryCache.set(key, value, Math.min(ttl, maxMemoryTTL));
  }
}

Magento Example:

Magento, a popular e-commerce platform, employs a multi-layered caching strategy to enhance performance. Magento's caching system consists of three levels: Full Page Cache (FPC) stores complete rendered HTML pages, Block Caching preserves specific page components like navigation menus or product listings, and Object Caching retains individual data elements such as product information or customer details.

By implementing these specialized caching mechanisms, Magento significantly reduces server load and improves page load times, providing a smoother user experience for online shoppers.

API Design Optimization

Well-designed APIs perform better by reducing unnecessary data transfer and processing overhead. You should structure endpoints efficiently and implement features that allow clients to request only the data they need.

  • Pagination: Implement pagination for endpoints that return large datasets to reduce response size and processing time. For more on best practices, check out this detailed API Pagination Guide.
  • Field Selection: Clients can specify which fields they want in the response using query parameters like fields=id, name, and email.
  • Filtering and Searching: Implement server-side filtering to reduce the amount of data processed and transferred.
  • Compression: Enable gzip compression to reduce response payload sizes, especially for text-based data.
// Field selection and pagination
app.get('/api/users', async (req, res) => {
  const { fields = 'id,name,email', page = 1, limit = 20, search = '' } = req.query;
  
  // Validate fields against whitelist
  const selectedFields = validateFields(fields);
  
  // Build query with selected fields and pagination
  const query = buildQuery(selectedFields, search, limit, offset);
  const users = await db.query(query);
  
  res.json({
    data: users,
    pagination: { page, limit, hasMore: users.length === limit }
  });
});

// Batch operations
app.post('/api/posts/batch', async (req, res) => {
  const { postIds } = req.body;
  
  if (!Array.isArray(postIds) || postIds.length > 100) {
    return res.status(400).json({ error: 'Invalid batch size' });
  }
  
  const posts = await db.query('SELECT id, title FROM posts WHERE id IN (?)', [postIds]);
  res.json({ data: posts });
});

Schema validation & docs on the fly

Treblle's API documentation generator reads your SDK annotations and produces interactive docs with real request/response examples. 

By automatically documenting your API's request/response structure, developers can see which fields are available and only request what they need, reducing unnecessary data transfer and improving performance.

Shopify case (2024)

Shopify’s API platform now handles around 16,000 requests per second daily, serving over 275,000 merchants. In high‑traffic periods, unoptimized queries (e.g., full‑table scans or large joins) can spike from 5 ms to over 200 ms, impacting merchant storefronts. By strictly using field selection, pagination, and server‑side filtering, merchants report initial query latencies of under 10 ms on standard endpoints like product listings.

Server Infrastructure Optimization

Your server configuration and architecture significantly impact API performance. You should optimize both hardware resources and software configuration.

  • Horizontal Scaling: Add more server instances to distribute load across multiple machines rather than upgrading a powerful server.
  • Load Balancing: Distribute incoming requests across multiple servers using load balancers with appropriate algorithms.
  • Asynchronous Processing: Move time-consuming tasks to background workers, allowing your API to respond immediately with job status.
  • Resource Pool Management: Optimize thread pools, connection pools, and memory allocation to handle concurrent requests efficiently.
// Asynchronous job processing
app.post('/api/send-notification', async (req, res) => {
  const job = await queue.add('send-notification', req.body);
  res.json({ jobId: job.id, status: 'queued' });
});

// Background worker
queue.process('send-notification', async (job) => {
  await sendNotification(job.data);
});

// Job status endpoint
app.get('/api/job/:id', async (req, res) => {
  const job = await queue.getJob(req.params.id);
  res.json({ status: job.state, progress: job.progress() });
});

Uber Docstore case (Feb 2024)

Uber’s in‑house distributed “Docstore” database (built on MySQL + NVMe) now serves tens of millions of reads per second from its microservices fleet, even under multi‑PB storage footprints, while delivering sub‑10 ms median latencies.

They shard requests across hundreds of nodes to handle peak bursts and leverage automatic failover. When read volume jumped 3× during a product launch, Docstore’s combined horizontal scale and connection‑pool tuning kept 99th‑percentile latency under 20 ms without manual intervention.

Common Performance Problem Patterns and Solutions

Understanding recurring performance issues helps you proactively address them before they impact users. You should regularly audit your API for these typical trouble spots.

N+1 Query Problem: This occurs when your API executes one query to fetch a list of items, then executes additional queries for each item in the list.

// Bad: N+1 query problem
async function getUsersWithPostsBad() {
  const users = await db.query('SELECT * FROM users');
  for (let user of users) {
    user.posts = await db.query('SELECT * FROM posts WHERE user_id = ?', [user.id]);
  }
  return users;
}

// Good: Single query with join
async function getUsersWithPosts() {
  const result = await db.query(`
    SELECT u.id, u.name, p.id as post_id, p.title
    FROM users u LEFT JOIN posts p ON u.id = p.user_id
  `);
  
  return groupByUser(result); // Group posts by user
}

Inefficient JSON Serialization: Converting complex objects to JSON can consume CPU time and memory, especially with deeply nested data structures.

Synchronous External API Calls: Blocking API calls to external services can cause your API to wait unnecessarily, especially when external services are slow or unreliable.

Memory Leaks: Gradual memory consumption increases over time and can lead to performance degradation and eventual server crashes.

Monitoring and Alerting

Modern API intelligence platforms can automatically track these metrics in real-time without heavy instrumentation work. But not all tools are created equal; learn the difference between API Observability vs API Monitoring to choose the right level of insight.

For example, implementing a lightweight SDK that captures request/response data can provide immediate visibility into production performance while generating automated documentation that syncs with your actual implementation.

Response Time Monitoring: Track API response times at different percentiles (50th, 90th, 95th, 99th) to understand performance distribution.

Error Rate Tracking: Monitor error rates and classify errors by type to identify patterns and root causes.

Resource Monitoring: Track server CPU, memory, and network utilization to identify resource bottlenecks.

Custom Business Metrics: Define and monitor metrics specific to your application's business logic and user flows.

// Performance monitoring middleware
function performanceMonitoring(req, res, next) {
  const start = process.hrtime.bigint();
  const startMem = process.memoryUsage();
  
  res.on('finish', () => {
    const duration = Number(process.hrtime.bigint() - start) / 1_000_000;
    const memoryUsed = process.memoryUsage().rss - startMem.rss;
    
    logMetrics({
      method: req.method,
      path: req.path,
      duration: `${duration.toFixed(2)}ms`,
      memory: `${(memoryUsed / 1024 / 1024).toFixed(2)}MB`
    });
    
    if (duration > 1000) alertSlowRequest(req.path, duration);
    if (memoryUsed > MEMORY_THRESHOLD) alertHighMemory(memoryUsed);
  });
  
  next();
}

Alerting without Ops toil

Rather than wiring up Prometheus and Alertmanager yourself, Treblle can send automated alerts (Slack, email, webhooks) when your 95th‑percentile latency spikes or error rates cross your custom thresholds. 

Conclusion

API performance optimization is an ongoing process that requires systematic measurement, targeted improvements, and continuous monitoring. You have learned that performance encompasses multiple dimensions: response time, throughput, and resource utilization.

Your strategies should address your specific bottlenecks rather than applying generic solutions. Database optimization, caching strategy, API design improvements, and infrastructure scaling solve different performance problems.

If you want to implement these strategies without building custom solutions from scratch, consider exploring Treblle, which combines real-time monitoring, security checks, and performance analytics in a single integration. Treblle can dramatically reduce the time needed to detect and diagnose API performance issues while ensuring your APIs remain secure and compliant with standards like GDPR and PCI.

Measure. Optimize. Repeat.

💡
Ready to see how your API performs in the real world, under real traffic, real users, and real pressure? Treblle gives you the full picture, from performance metrics to compliance and security, all in one place.
Get Started with Treblle

Spread the word

Keep reading