This guest post comes from Mark O’Neill, CTO of Vordel, which sells products to manage cloud computing, including a cloud service broker.
Web APIs represent one of the biggest technology trends of recent years, by leveraging the simple technologies of the Web (REST, JSON, HTTP) for application integration. Although Web APIs are quite simple, organizations have realized that if they expose data in this easy way, they enable an array of mobile apps to be written to consume them. Examples of APIs include simple ways to query company stock information from brokerages, to retrieve flight information from airlines, and to retrieve shipping information from freight companies. In each case, it is simply Web technologies which are used. This is a great use of the language of the Web to address an older problem: data integration.
APIs represent such an important technology trend, that new business models can develop on top of them, sometimes called “The API economy”. The API economy encompasses API developers, the businesses providing the APIs, the businesses hosting APIs, and app developers. This growing API economy has resulted in a philosophical switch in the mindset of many organizations that are now making access to internal data available, enabling partners and customers to develop value-added applications on top of this data. As such, many organizations no longer hold information close, but actually are seeking to make it readily available for external developers to write apps. While many organizations are concerned about the risks of freely sharing data and deriving long-term revenues from new API-led business models, the good news is that these concerns are being addressed. In fact, if organizations are not prepared to play in the API economy, they run the greater risk of being left behind.
Sample screenshot from API Management product showing list of potential security policies
APIs thrive on data. Examples include shipping information APIs (shipping data), financial quote APIs (financial data), and geographic APIs (location data). The popular maxim around the API economy notes that if an organization is willing to free its data, the applications will follow. However, at this point, the word “free” does require some clarification. Free should not necessarily be construed as meaning cost free, nor should it mean data is exposed freely, without any controlling parameters relating to usage thresholds or security levels. Whenever an organization makes the leap to expose its data via APIs, it is always advisable to use quotas and alerts that flag instances of over usage or unwarranted data mining. Additionally, it is important to consider the long term implications for pricing strategies. For example, there are various billing models such as the “freemium” approach that up to certain point offers free data usage of APIs, with a cutoff point where users have to pay. Strong governance is also essential as it enables organizations to monitor any suspicious usage of APIs. These measures mean that APIs can be safely deployed, without compromising data.
Screenshot of interface monitoring multiple gateways managing APIs ensuring compliance with SLAs and protection of the APIs
Let’s take a look at the drivers influencing the growth of the API economy. The initial driver is, of course, the Web. In the past, an “Application Programming Interface” meant developing in C++ or Visual Basic. Now, by leveraging HTTP, APIs have opened up application development to a whole new generation of developers who won’t necessarily have had prior experience of more complex “enterprise” programming languages such as C++. In an API world, developers are provided with simple feeds of data, on top of which they can quite simply write a value-added web application. As a result, there are legions of new developers that an organization can leverage to extend the reach of its offerings, and reduce its reliance on an internal team of employed developers.
This new paradigm shift driven by APIs has also impacted at board room level. CEOs now expect their CIOs and CTOs to be able to showcase iPhone and Android app versions of their latest service offerings. However rather than asking “why are we not building iPhone applications,” the CEO should be asking, “why aren’t we allowing others to write iPhone applications on top of our data?” In other words, the goal of the organization should be to become a transparent platform for serving up data to third parties who can develop mobile apps on top of this platform. This means that the business effectively becomes a platform. For example, if a Financial Services company provides APIs enabling any developer to write the application, then it becomes a platform itself.
An API Gateway provides a Governance layer to manage APIs
APIs leverage newer lightweight technologies such as REST, JSON and AJAX, in contrast to the more heavyweight standards characteristic of enterprise software applications. Many of the younger generation of developers simply don’t have the skills to use enterprise technologies such as message queues and ERP. However, these older technologies still exist and are in use. In such circumstances a broker product is used to connect from the API interface back into enterprise systems. A purely Cloud based API is just solving a surface problem as the client connects to an API in the Cloud, but the bigger question is how to connect back to the enterprise and what method do you use?