Collaborating with others can help companies create new business opportunities, gain competitive advantage and foster innovation. Coupled with the increasing business demand to build new and improved customer and partner experiences, your API Business Strategy is strategic business consideration.
To take advantage of these capabilities, companies must understand the forces driving API usage, as well as the potential business models and monetization strategies APIs can help create. Successful organizations will see APIs not just as technical tools, but as sources of strategic value in today’s digital economy.
APIs (or software services) are in such demand today for a few key reasons. The demand to build and deploy software has grown exponentially in recent years, with customers demanding applications and web sites to transact business with almost every company. The complexity of this software has been growing too, as customers expectations of features and availability of services online have increased. More than ever, the ability to work with partners and leverage service providers in the cloud is vital.
Exposing these APIs to the ‘outside world’ – whether these end-users of your APIs are internal teams hosting software in the cloud, partners you know and trust, new partners you have little relationship with, or even your end clients – is a critical part of enabling your business today, and will only increase in importance in the next decade. Doing this securely and making the experience a good one for your end-users of any type is also important and should be a critical component of your API Strategy.
Having a central place to audit and perhaps even charge for some of these services is vital. API Gateways and APIM ecosystems help with this entire endeavour!
An API strategy is much more than ‘hide the complexity of my old systems behind a REST interface’.
An API strategy includes critical deliverables ensuring that:
- High-value business capabilities are exposed digitally
- APIs provide a delightful (read: easy to use and integrate with) developer experience
- APIs are true to the business need versus existing technology or organizational structure
Consuming Cloud Services such as Amazon, Microsoft and GCP, or IBM Cloud, largely comes down to the ability to integrate software platforms via services – from the cloud into the enterprise, and back out to manage the cloud platforms themselves.
The Internet of Things (IoT) is about hardware using internet software protocols to communicate with information services. Whether the device is informing you of an event, finding out information to perform its operations, activating other devices, or even purchasing your products and services, all these things happen via APIs. Smart devices from phones and personal assistants, like Alexa and Google Home, through smart cars and trucks, to fridges and washing machines, all require the ability to integrate securely to APIs and services that are offered by your business. In many cases in today’s world, the APIs themselves that power this ecosystem are in themselves chargeable products. Partners and vendors using these services can be charged directly for their value.
An API Gateway in simple technical terms is an API proxy enabling you to share your APIs with multiple applications in a secure and audited fashion. While the technical and operational benefits of an API gateway are well known, such as centralized authentication and authorization, request and response validation, enrichment, and transformation, a single audited view of both access and performance, and a single place to shut down problematic traffic and monitor security; with the ever-increasing demand for APIs and the realization that the future of business is through software integrations, the importance of seeing your APIM gateway in the right light, and enabling the right selection and management of it is greater than ever.
The best way to think of your API gateway is a bit like your ‘company.com’ website – but for your APIs rather than your regular products and services. Your main ‘company.com’ branded website is where end consumers arrive to find out about your company, purchase your products and services, and manage and pay for them afterwards. This cohesive, branded experience is critical to business and we all understand why it’s vital, and why self-service for customers saves time and money in customer management. Customers and clients arriving at your site typically have a simple centralized identity to authenticate themselves so they can manage their products services with you, so you know who they are, and what they can and can’t do on your site. In the same way, the teams, partners, clients, and customers – even the software itself – that will be or is consuming your APIs to transact business, needs a centralized place to connect and manage that experience.
The gateway itself performs this function for your ‘software customers’ that consume your APIs. It’s a central place where software connects, is authorized, authenticated, and a record of transactions occur. In an API we can identify specific software making requests, and relate that software identity to a real partner or client for charging, throttling, or charging/settlement purposes. We can identify misbehaving software, block bad requests, spot patterns of misuse, and ensure that, from a security perspective, your organization stays away from being front-page news for data breaches.
But more than that, the management side of the API Gateway becomes a critical feature. A nicely branded API/service catalogue and application lifecycle management portal is where the user (an actual person like the software developer at your partners, for example) will find out what your company can offer them, request access to the APIs, setup secure credentials for their software client, rotate those credentials, see how they’re using your system (and let your operations and administration teams do the same), and find the documentation and information they’re going to need to make these APIs you’re offering work. In the same way that your ‘company.com’ site and the service tools it offers needs to be usable, branded, and presentable, these APIM tools need to do the same for APIs. Having a central spot to find and manage API interactions and self-service critical operations, makes everyone’s life easier, and saves your teams time and money.
- So how do we select an API gateway?
- What additional processes & components comprise APIM?
- Should we have more than one?
- What if we already have one?
- What patterns and features do we need and should we adapt to?
We will be talking about these things and more in upcoming posts.