Modern Infrastructure

Collaboration moves beyond email

kentoh - Fotolia

An API strategy is no longer just for developers

Once narrowly viewed as a tool for developers and Silicon Valley giants, APIs are now a key driver for revenue and customer satisfaction in forward-thinking IT shops.

IT operations teams that consider an API strategy to be the "wonkish" purview of developers will be surprised to learn how far APIs have come in their overall strategic importance to a corporation.

Application program interfaces (API) are linkages that offer a set of tools and protocols to describe how one program should talk to another. But more recently, the definition has broadened to refer to not just the specifics of the API itself, but to networked collaborative services as well.

Amazon provided one of the earliest strategic uses of external APIs when it offered up its e-commerce engine to booksellers and other retailers wishing to sell on Amazon's site. "Amazon became not just a retailer, but a facilitator of an ecosystem in which they get a cut," said Randy Heffner, an analyst at Forrester Research, in Cambridge, Mass. "This was all due to API enablement."

Large public API programs, such as those offered by Amazon, Twitter and Google, were the first externally facing APIs. Now, many enterprises develop their own API strategy, using APIs to link their apps to partners, as well as APIs that link internal departments in creation of microservices. Developers and IT shops receive requests from within the organization to expose some aspects of their data to the outside world. In some cases, it may even create an opportunity to monetize that data.

"We've moved from a world where APIs were [a Silicon Valley thing] to where almost everyone in the general economy is doing something with them," said Steve Willmott, a former researcher and developer and current CEO at 3scale, an API management company he founded.

It's significant that APIs are much easier to create than they used to be. The predominant technologies used to create APIs in the 2000s, Simple Object Access Protocol and XML, have given way to REST (Representational State Transfer) APIs, which is an architectural style based on the HTTP protocol, and that uses JavaScript Object Notation as the preferred format.

These lightweight development techniques helped one utility company move from traditional XML data to API gateways. Essent, which is the largest energy company in the Netherlands, developed an API strategy that uses externally facing APIs to communicate with electric car charging stations and other third party vendors.

What are the attributes of a good API?

• Documentation should be public. Public docs get seen by more people for the maximum amount of review, and should be in good order to be consumed.

• Clients should be language- and OS-agnostic -- REST accomplishes this. An API must be accessible to Windows as well as Linux developers. C# and REST-based APIs accomplish this, as they are based on hyperlinks.

• An external API is in use by the team that created it. If there are deficiencies in your API, your developers will be the first to find them. 

• Example clients are publicly available. You need to provide APIs with samples on how to use it.

• The API must be secure. APIs should be protected by the same authorization and authentication as other interfaces (GUI, WUI, and/or command-line).

• New versions of an API should present minimal changes and they should be backwards compatible.

• The API should be scalable. An API should be able to withstand significant traffic.

- Bernard Sanders, CTO, CloudBolt

At Essent, customers can see which charging station is available via a Web app that receives real-time API data from an API gateway from French vendor Axway. Similarly, Essent has real-time data to tell if a car charging station is operational or not, according to Niels Wolf, senior architect at Essent, based in Amsterdam.

Essent started funneling data through APIs about four years ago to give more flexibility to customers and partners. This has made life easier for IT pros and developers -- the biggest benefits are having a central place to take on a potential security threat and to allow multiple different protocol types on the same information flow.

"It's why we use a specific gateway," Wolf said. "You can set rules for all [API] calls at the same time. If we get attacked, we have a good location to fend off and offer flexibility at the same time."

Editor's note: This article is part 1 of a two-part feature on API management. Click here to read the next part.

Article 7 of 11

Next Steps

Target the difficult user to elicit great API usability requirements

Leanr how to tame the API jumble

Dig Deeper on Cloud APIs and integration

Get More Modern Infrastructure

Access to all of our back issues View All