Mala Ramakrishnan is a Director of Product Marketing at Oracle where she manages outbound marketing functions across the SOA and BPM product lines. Mala has over 15 years experience in product development, management and marketing roles across a variety of software offerings ranging from middleware to network optimization to software security to mobile computing. She holds a Masters in Computer Science from Stanford University.
Unlock Your IT with API Management Published: December 19, 2013 • Service Technology Magazine Issue LXXIX PDF
Abstract: Application Programming Interface (API) management is a newly defined space that is shaping the multi-channel strategy of enterprises across organizational boundaries. In this byline, Oracle's Mala Ramakrishnan will look at a comprehensive API management solution that helps organizations develop well-designed infrastructure that securely exposes APIs all the way to managing the front-end for adoption. The article will also touch on how organizations can outsource application enhancement by empowering developers through API adoption, as well as add a mobile front to applications to capture new revenue opportunities. Finally, the piece will examine how organizations can streamline business and IT objectives by managing the lifecycle of their APIs.
We are at the beginning of an era during which a new wave of innovation is completely changing IT priorities. Mobility and globalization across organizational boundaries are driving this innovation. The definition, growth and quick adoption of Application Programming Interface (API) management is a direct result of the booming mobile frontier and globalization.
API management extends application development beyond organizational boundaries and drives innovation, extends applications and increases adoption across various channels and devices, driving new revenue streams. API management provides the potential to selectively expose applications through APIs and manage all aspects from realizing business value and security to fostering a developer community.
What are APIs?
While API management is a new space, APIs are a tried and tested concept in software. APIs are used to encapsulate complexity in applications and selectively expose functionality so developers can build new solutions that leverage APIs. For example, a Web crawling company could expose APIs to a maps database that gets updated in real time. Third parties can then build out location-based applications and focus on the services they provide while leveraging the content of the exposed APIs for location relevancy.
Exposing APIs has gained traction as organizations realize that leveraging content across boundaries creates more innovation that drives value to all stakeholders. It creates a win-win situation for the enterprises that expose the APIs, the consumers of the APIs, and the end users. Often the most innovative use of APIs comes from outside the organization from customers, partners and third parties.
Monetization of APIs
Identifying which parts of your application to expose as APIs is just one aspect. The bigger and more important issue is the development of a sound business strategy around your APIs. It is one thing to expose APIs, and another to actually generate revenue from the APIs, ensure widespread adoption and scale the application to match the needs of the APIs. Organizations are looking to API management to quickly expose their valuable IT assets and monetize them through multiple channels. API management begins with developing a strategy to identify what IT assets can be exposed externally to tap into new revenue streams and increase brand awareness. There are two approaches when developing this strategy – content and capability.
Content Based Monetization of APIs
Organizations may choose to share content that is specific and unique externally. This approach is appropriate when one of the following is true:
Capability Based Monetization of APIs
This method is usually chosen by organizations when they have a capability that can be delivered via a browser or a mobile application and actively drive new revenue opportunities. This could be to expose existing services via these new channels. For example, offering APIs which allow developers to create a mobile-device friendly retail store may bring in more purchases from shoppers on the go, who are not sitting in front of a computer with a Web browser. Another approach is making APIs available that can be leveraged by third parties to create innovative new offerings combining core capabilities with other Web-based content or capabilities. This can positively alter the consumer experience and result in increased revenue.
In general, the IT assets an organization chooses to expose can be a means to an end or it can be the end in itself, and some offerings may certainly be a combination of both content and capability. For example, a vendor may make it possible to look up images of objects and do a price lookup for free and then link to different vendors for purchase.
API Management for Mobile Enablement
There are two ways to develop an enterprise mobile strategy -- controlling the end-to-end integration experience from the enterprise to the handheld, or exposing enterprise assets through APIs for third parties to build out mobile solutions. Security, management, and runtime enablement are all key aspects that serve as the solution for mobile service enablement. API management controls APIs internally, but it involves a bit more to actually manage the APIs externally as assets that are available for consumption. It involves managing the external lifecycle of the APIs, ensuring adoption and fostering a developer community among third parties.
API management is an innovative approach to mobile enablement that has recently seen high adoption. With API management, organizations expose existing IT assets and services as APIs, which can be leveraged by third parties. This allows mobile application developers external to the organization to tap into innovation and capture new revenue opportunities. It allows for differentiated customer service as third parties may combine disparate APIs from different vendors to provide innovative solutions that would not be possible otherwise.
Requirements of API Management
API management is all about managing the exposure and adoption of APIs. Exposing the APIs externally requires the infrastructure to be well designed and service-oriented, hiding the underlying complexity from the end user and exposing exactly what is needed for consumption. Security, usability, throughput and availability of the APIs can determine the success of the API adoption. It requires that the protocols of communication be easy to leverage and universally accepted across devices. API management should provide the means to measurably analyze the business gains in increasing the bottom-line revenue. It should improve brand awareness and quantify developer adoption. Lastly, it needs to speak the language of the developers and foster community building by delivering on trust and collaboration. API management exposes and manages specific functionality in applications in a secure manner. It provides end-to-end lifecycle management of APIs. Through a centralized repository, policy enforcement and tracking of key performance indicators, the solution provides the foundation required to build business value.
A Day in the Life of an API
An API is a valuable asset which, when put into the hands of partners and creative mobile application developers, has the potential to drive business value. API management allows organizations to realize the value of these assets by unlocking their potential. It flattens the world of IT operations and removes boundaries to include external participation, providing an opportunity for unprecedented collaboration across products and services. This harnesses previously unknown or under-developed customer opportunities and ultimately delivers new revenue streams. It can raise the bar for innovation and put a front end on an organization's enterprise across different mobile devices and channels. It has the power to transform an enterprise by scaling developers and consumers without traditional organizational limits.
However, API management entails a lot more than just solving the "last mile" access challenge to an asset. To truly leverage the value of these traditionally private assets across all of the modern channels and to ensure long-term sustainability and business value, it is imperative to consider the underlying issues that need to be addressed by API management. There are two lifecycles to consider when exposing a business asset for external consumption – internal and external.
Internal Lifecycle of an API
The first lifecycle is the way that business assets are built out and managed. For any application – especially when the audience is an unknown third party – high availability, throughput and reliability of the asset have to be guaranteed. In addition, the organization may choose to scale out and offer more APIs, in which case, reuse and the elimination of duplication becomes important. As the organization matures, the underlying infrastructure of the business asset needs to change while requiring zero down time from the API. Decommissioning an API is another aspect that needs to be considered, when the business decides to replace an existing API or expand functionality or decide to close it down. Exposing the APIs requires the internal infrastructure to be well designed and service-oriented, hiding the underlying complexity from the end user and exposing exactly what is needed for consumption. It requires tools that encourage collaboration and teamwork that is necessary to create the assets.
External Lifecycle of an API
To succeed with exposing an API externally, several factors need to be considered. Security of the business assets is the first concern, as the external consumers may be developers from any organization – customers, partners or third parties wishing to leverage an organization's APIs. The protocols of communication, though universally accepted across different channels, are still very new and not yet necessarily standardized. It can be frustrating for the consumers of the API, especially if the service does not match expectations in terms of how the API handles security or errors, and as a result, the adoption of the API may suffer. In addition, if the consumer of an API chooses to consume from more than one API source, this lack of standardization is compounded. As a result, APIs require meaningful documentation, best practices, samples, continuous support and communication among users. API management needs to deliver on all this and, in addition, a trust and collaboration-based developer community needs to be fostered so there can be an exchange of ideas, support and innovation. API management should allow cross-company collaboration and allow setting and management of access rights.
API management should provide the means to analyze business gains in increasing top-line revenue when required. API management should also assist in defining and analyzing key performance metrics and feedback into improving the APIs. It should justify improving brand awareness and quantify developer and consumer adoption.
API Management: a New Front for SOA
Service Oriented Architecture (SOA) or service integration has matured, delivering on the promise to streamline business processes, lower costs and improve efficiency by breaking down monolithic infrastructure into services for reuse. API management is fundamentally SOA with a difference in approach of extensive involvement of unknown third party users and a focus on channel strategy and in particular, mobile enablement. It would be an oversight not to leverage the value that a mature technology brings to bear and to re-invent the service integration wheel as API management. While a lot of API management vendors focus on just the external lifecycle management of the APIs, service integration typically encompasses the entire internal and external lifecycles of the API, ensuring guaranteed success for API adoption and channel strategy.
A quick look at a few core components of a typical service integration offering shows that they are necessary aspects of API management.
Mediation and Virtualization
Typically delivered by a service bus, mediation and virtualization guarantee that functionality under the covers of an API can change and grow independent of the definition of APIs. An analogy would be an electrical outlet – would it matter to a light bulb whether the source of electricity behind the scenes was switched from one power plant to another? Similarly for the consumers of an API, it should not matter what the underlying functionality is. The API should just meet the contract without having to reveal the underlying implementation, and should guarantee delivery.
Orchestration and Connectivity
Delivering an API involves orchestrating across functionality both internal and externally. This requires not just a good orchestration engine and tool, but also availability of an extensive set of adapters that can ensure connection across a myriad of applications that usually encompass any IT infrastructure. In addition, it requires that the API will deliver on guaranteed performance, high availability, reliability and scalability – all easy to achieve with a tried and tested service integration offering.
This is a key component typically layered on top of service integration that ensures delivery on key performance metrics and helps with API adoption and maintenance including aspects such as documentation, version control and delivery of business processes for the management of APIs, across different personas both within and external to the organization. It can help ensure iterative measurement of the success of APIs and delivers on continuous improvement. It is one thing to plan a business strategy for monetization around APIs and another to measurably track the monetization and adoption – something service integration has delivered on for decades.