API Management: Why Combs are Passe?

Pratima H

MUMBAI, INDIA: One thing that hangs in the air long after Batman and Superman have finished all the hulking fist fights, earth-shaking thuds and high-definition wrestling is this: How on the earth (yes, on Krypton such things may be palatable) Superman’s crop of hair stays slick, untouched and without any tiny strand out of place!

It’s eerie, almost like you are an enterprise stripping off dull legacy suits for digital capes, facing those blistering digital winds of today, exposing your APIs (Application Programming Interfaces) to fierce forces of nature and mankind, flying high on trajectory of applications, whirling furiously in a new storm of developers and partners, and even saving some monetization-damsels in distress; but after all those superthons, your well-coiffed APIs stay glossy, safe, friendly, smooth and hey, dandruff-free!

Embracing APIs is akin to getting a hair-cut, in case you are already shrugging the analogy. It either makes the enterprise in question look completely sassy, have heads turning and wondering ‘why-did-I-never-try-this-before’ as it passes them by. Or, makes it shudder under the big fear – this turned into an utter catastrophe.

Digital wardrobes make it almost mandatory though to break those garden-walls and share APIs in a more open manner with developers who can spin new applications for your digital customers to engage with your business better. Or with partners who can bake revenues out of well-timed apps, or enable other stakeholders, specially customers, to seamlessly enjoy the digital dance of our new-era lives.

Old bonnets are being thrown out in such a hurry that US companies alone could be spending some $3 billion on API management over the next five years, with annual spends quadrupling by the end of the decade, from $140 million in 2014 to $660 million in 2020. Forrester’s report some time back studied sizes and projects annual spending on API management solutions and gleaned that international sales could very well take the global market over the billion dollar mark.

The market is rife with all kinds of hair accessories to keep the new cut looking as suave and well-conditioned as it does on the first day. From pure-play vendors like Apigee to enterprise incumbents like Oracle, HP, and IBM and SOA and PaaS-oriented vendors to lifecycle and governance players like CA Technologies; everyone is in the fray for making these APIs stay and work as intended.

The frenzy is understandable. APIs have come up as the building blocks which developers can use to make different slices or buckets of applications or software to communicate with each other, enabled by access protocols, automated interconnectivity, user applications and cross-referencing. Their relevance was accelerated by digital coming into centre-stage and catapulted with isolated software of the legacy-enterprise variety going out of the picture.

SOA soon gave way to something less anachronistic in these app-dominated markets and consumer lands where DevOps and Microservices have changed the game- a digital glue that could weld together developer ease, integration, visibility, API security well through a solid but fluid API management answer.

The glue could go to a next level beyond its call of duty too if it could throw up analytics on cross-sectional view of the digital elements and maximize revenue or insight opportunities.

Sounds simple and about time? But what about worries of managing and bolting-in-for-emergencies all these APIs once you have opened them for better interaction between different pieces of app-economy and software?

New ecosystems definitely gain from the new-found agility, those savings on time and resources that open APIs bring about, but don’t they also usher in complexity, safety leaks and other problems? Rapid production of software could also simultaneously mean a bigger surface area for wrong eyes looking for enterprise data and assets, now suddenly up for grabs through backend systems via APIs.

What about managing API quotas, usage, tracking ebbs and flows, controlling back-end side traffic without sidelining developer experience or truncating digital layers of the new economy?

Recently, a global study commissioned by CA Technologies reminded that despite widespread use of APIs for success in the application economy, not all organizations have the important capabilities in place to help them achieve comprehensive API success.

Enterprises seem to be clearly cognizant of the API wave. From customer experience (85 per cent), faster delivery of new apps (84 per cent) to extending digital reach (84 per cent), many appear to having a good grip on current and future drivers for using APIs as the study ‘APIs and the Digital Enterprise: From Operational Efficiency to Digital Disruption,’ divulged.

Although one can see the widespread use and key business drivers for APIs, one also notices that few respondents felt they had overcome some top API challenges, ranging from getting the right infrastructure in place and finding the right suppliers, to simply setting strategy and objectives.

So how do some tonsorial questions work on digital scalps? When Christopher Tillie, Director – solution sales, API Management, APJ, CA Technologies was in India recently, he helped in combing through many ifs and buts about the API-world. Kryptonites notwithstanding, here’s how the hair gel works better.

The API rush is not a fad right?

No, API management is exploding. You have to be able enough to finally provide an experience for today’s customers in a tailored way and without any risks. Our study affirms that APIs are being used to build mobile and web applications (76 per cent and 78 per cent respectively), integrate back-office systems (79 per cent), enable third-party developers and incorporate third-party services (74 per cent each).

Shouldn’t it be scary to open the garden-walled enterprise assets to a sprawling playground now?

It’s easy to open up anything but what to expose and what not to expose is a bit of science and art with many levels involved. You need to look at sensitive data and other categories like this to decide whether and how much information should be available for services. Like our legal expert Mr. Pavan Duggal said here, there is nothing like absolute security. Garden-wall approaches won’t work when collaboration is key and this is where management technologies are vital.

Does the Oracle vs. Google case set a strong precedent here when it comes to how much copyrighting APIs can affect innovation?

You create an API for a certain purpose. The intent is to make the information available in a secure way. With an extended ecosystem one should be able to bring in information and experience for a richer user-powered world. While API ecosystem is about sharing of information and collaboration at a quintessential level, there are many factors at play. API solutions help developers to easily share and collaborate for better user experiences. Collaboration is deeply embedded in the success here and real innovation happens when collaboration and security are blended well.

Any thought on Web APIs vs. Mobile APIs?

As long as someone has followed open standards it is easy to manage both the worlds. Mostly good API management bolsters the balance between these two spaces. For a user, whether it is a phone, a wristband or a desktop, security and experience should be available on all devices. For a developer, it should boil down to uniform protocols and systems to secure all kinds of devices.

From what your study distills, who are the ones who are doing the API game right and otherwise?

I usually refer to API Capability Index, a segmentation created based on feedback from 920 IT respondents who participated in this study. The survey participants were asked if they had 10 API-enabling capabilities in place, which were grouped into four categories: Lifecycle Support, Core Security, Run-time Environment and Operational Management. The responses were broken into three groups based on how well they were prepared to support APIs – Advanced, Basic and Limited. The global responses were evenly split with 34 percent Advanced and 33 percent Basic and Limited. If you observe, when it comes to API business drivers, the study showed 65 per cent of Advanced API users were able to give an improved customer experience versus only 25 per cent of Limited users.

Also, 61 per cent of Advanced users have experienced faster delivery of revenue-enhancing apps versus 23 per cent of Limited users. Extending digital reach is critical in the app economy, and this is where three times as many Advanced users as Basic users (61 per cent vs. 21 per cent) have seen this benefit. CA works on empowering customers to maximize the use of APIs by providing them with a secure, developer-friendly environment that can address today’s large scale mobile and IoT initiatives.

The Advanced ones have a better strategy then? Where does the revenue-making piece come in?

Their go-to-market strategy aligns with API strategy and business outcomes. One also should take into account that overlap between different industries is possible with APIs. The overall recipe has to work in sync with app economy and digital imperatives. An app is essentially made extremely effective with an API. So web apps stuck over mobile apps won’t work. More and more people are using apps instead of desktops. The idea should be to deliver a great user experience as per the device. The best experience in a user’s hands matters a lot and corresponds with what the user wants.