Should I care about API Management?
API management is used for exposing, governing, monitoring and sharing REST and possibly SOAP services. API management has gained interest since the beginning of 2013. It is different to traditional SOA governance solutions because it is focused on exposing services to external clients. This has become more important over the last couple of years as businesses have embraced SaaS and mobile. It will become more important in the future because of a trend to more complex interactions between businesses and applications.
API management tools have a design time and runtime components and provide some or all of the following functionality:
- Proxy, mediation and transformation services
- Lightweight governance of the API
- API utilisation and analytics
- A portal for developers
- A security access model and enforcement capability
There are many vendors in this space and Forrester and Gartner publish their Wave and Magic Quadrant respectively. Product capabilities change significantly between versions since this is still a relatively young market. There are a few basic architectural models that includes gateway, cloud-based proxy or plug-in. Each model has its advantages and disadvantages and should be considered by anyone implementing a solution.
The functionality API management provides allows customers to expose their organisation’s APIs in a consistent fashion. This ranges from a consistent look and feel for developers to a common security model. This provides the following outcomes for organisations depending on the functionality provided and architecture used:
- Better engagement with third party developers
- Easily scale the number of 3rd parties that use your API
- Have a gateway layer that protects your back-end services from direct access
- Have a better understanding on what services are being used by certain clients
- Perform transformation within the gateway, for example REST-to-SOAP
API management isn’t a silver bullet. It won’t fix a poorly designed API. It also requires back-end infrastructure that is fast and able to handle large spikes. The underlying issue of having to develop business relationships before being technical partners still exists. This could be especially tricky if there are significant contract negotiations required. These underlying issues and more need to be considered and solved.
In summary, API management has recently been gaining significant attention. This attention is due to an increased focus on exposing APIs to mobiles, SaaS applications and third party developers. API management is for exposing, governing, monitoring and sharing your organisation’s services. This functionality allows an organisation to securely expose these services and better engage external developers.
Love this article? Get them sent to your inbox every month. Click here to subscribe.
Paul Winters is a Director at Syntegrity Solutions, a specialist IT consultancy that focuses on digital innovation enablement. He has over 10 years experience in the IT industry and has consulted on APIs, integration and security to enterprises including top-tier banks and insurers.