X

The Integration blog covers the latest in product updates, best practices, customer stories, and more.

  • May 21, 2017

Why Invest in API Management?

Krishnaprem Bhatia
Product Strategy Director

In this post I will highlight why APIs and API Management are essential to succeed in today’s business environment and why it is inevitable that businesses invest in a good API Management solution to accelerate innovation in today’s rapidly changing marketplace.

Digital Economy

We are living in a world of digital disruption. We have all used products and services that have been replaced by newer, innovative products and services. For example, Yelp has replaced old Yellow pages, smart phones have replaced cameras, Google Maps has replaced old paper maps, and streaming services such as Netflix are replacing cable television. And we all know about AirBnB and Uber which have disrupted entire industries such as hotel and transportation.

digital.png

Why are these disruptions taking place? And why is it so easy today for unexpected vendors to come up with services that are innovative and disruptive? It is because the barriers to entry are low. Everyone has access to the new “Digital Building Blocks” such as mobile, IOT, social technologies, cloud computing which allow for rapid innovation. Also, the new Microservices driven development approach is allowing for faster development, higher agility and faster time to market.

Developers building these new, innovative services have a variety of modern application development patterns to choose from. They are building light weight, polyglot apps based on Microservices, or Serverless architectures. They are building web apps, mobile apps and bots using newer visual, low code environments. They can choose from a variety of cloud infrastructures and data stores. They can choose from a number of app development infrastructures, DevOps tools and deployment options such as VMs or Docker containers. Legacy architectures, large monolithic applications are now transitioning into Microservices and distributed computing architectures.

dev-options.png

While developers have the liberty to choose from all of the development, infrastructure, tooling options, we need to ensure that all these apps and Microservices are able to work together. API-led integration is the glue to hold these building blocks together and allows them to communicate smoothly. APIs are at the heart of a modern IT architecture that allows businesses to survive and thrive in this new digital economy by accelerating their innovation and meeting customer demands faster.

APIs – the Doors to Digital Transformation

Now that we have an understanding about the type of environment we are living in, let us take a look at APIs and API-led modern architecture.

API stands for Application Programming Interface and is one of the most common ways of communicating digital information today. Most apps today use APIs in the backend even though it may be invisible to the end user. Whether it is commoditized apps such as Facebook or Twitter, or other apps provided by your banking or health institutions, they are all exchanging information with another using APIs.

APIs help businesses to address two main use cases. The first is where an enterprise wants to expose a set of services or data internally for all its employees to consume. They can encapsulate commonly used services as APIs, or expose data available in back end systems to promote re-use and governance within the enterprise. The second use case is where the enterprise would like to expose these APIs to the external world for branding, building developer mind share, marketing, customer engagement, or monetization. Some examples of APIs exposed to the external world include the Google Maps API, the Uber API, the Spotify API, or the Facebook or Twitter Login APIs. There are hundreds of other examples where developers are consuming publicly available APIs (some paid and some unpaid) to build new products and services. Is it any wonder then that APIs are called the Doors to Digital Transformation?

Broadly speaking, APIs provide four main benefits to businesses:

  • Customer Satisfaction & Engagement: businesses want to improve the service level interface with the customer as part of their key business goals
  • Revenue Growth: APIs make it possible to monetize existing data and service assets and create additional channels of revenue
  • Operational Efficiency: efficiency resulting from cost savings and overall process improvements due to enhanced customer experience
  • Partner Contribution & Ecosystem: distribution of content & assets through new channels and partners.  For example, Facebook messenger APIs allows hundreds of companies, partners and developers to build chatbots for their business needs.

The need for API Management

Having understood why APIs are important we must also try to understand why API Management is critical. API Management is the layer between the APIs and the end consumers (internal or external consumers). Having the APIs is not sufficient, organizations must be able to maximize the value out of the APIs. Businesses must make the APIs well documented and discoverable by consumers so they can maximize adoption. Organizations must also make sure to secure their digital assets with API-specific policies since exposing APIs brings significant risks to the IT infrastructure and this risk must be managed. They must also define service level agreements (SLAs) to specify constraints such as application rate limits, quotas and plans. Finally, organizations must also have visibility and metrics which provide information on who is using the APIs, successes and failures, request and response times, etc.  This insight helps them to understand how to use existing digital assets to meet their business goals. In short, companies must manage their APIs and an API Management solution allows them to do that and keep pace in digital economy.

The API Lifecycle

The API Lifecycle consists of different stages as shown below:

api-lifecycle.png

Design – this stage is about designing the API. The design stage should promote API-First development which means that APIs should be designed before they are implemented. Often times we have already implemented back end services which we expose as APIs. Although these may be fine for some cases, an API-First approach ensures that the consumers of the APIs participate during the design of the APIs before they are implemented. Consumers can collaborate with API Designers to ensure that APIs are being designed the way they want it. This will maximize the API adoption.

Personas in this stage:  API Designer / API Product Manager

  • Gathers the requirements of the consumer
  • Applies best-practices for API design
  • Documents the API to make it easy to learn how to use
  • Gains agreement with the consumer on the design of the API

Implement – this is the stage where the API is implemented by the API service developer. This stage also includes implementing the API in the API Management layer. Creating the API backend implementation is different from creating the API in the management layer. The latter creates the API, connects it to the backend API implementation and allows API Managers to add security policies, documentation and publish it in the consumer portal where consumers can consume it.

Personas in this stage:  API Manager/Implementer

  • Creates the API, applying policies to support the design and to ensure security
  • Tests the API
  • Deploys the API
  • Monitors and manages the API

Deploy – this is the stage where the API is deployed to a “gateway” where it is ready to service runtime requests. The gateway manager will deploy the APIs which will be approved by Gateway managers. In some organizations the same person will play the role of both API manager and Gateway manager. In other organizations, the Gateway manager will be an operations role.

Personas in this stage:  API Manager/Gateway Manager

  • Deploys and configures gateway nodes
  • Reviews and approves API deployment requests where necessary
  • Monitors and manages the gateway(s)

Manage – this is the stage where you may need to manage the API. Perhaps you want to add more security policies, or add rate limiting SLAs, or undeploy or redeploy an API to a different gateway.

Personas in this stage:  API Manager/Gateway Manager

  • Monitors and manages the API
  • Adds or removes security policies, SLAs, etc.
  • Deploys / Undeploys / Redeploys API

Discover – in this stage the consumers discover APIs that are available for consumption. Typically the API manager will publish APIs that are ready for consumption into a consumer portal. The consumers (typically developers) will come to a Developer Portal and browse APIs available. They will read the documentation and test the API to ensure that it meets their needs and register to use these APIs.

Personas in this stage:  API Consumer

  • Searches the API catalog to identify existing APIs
  • Registers desired APIs with application(s)
  • May collaborate with an API Product Manager/API Manager to design the API and capture the requirements

Monitor – this stage is where the API is monitored by the API Developer, API Manager and the API Consumer to gain visibility and metrics. The API Developer and Manager will be monitoring to see who is invoking the APIs, which APIs are most popular, what are the common security violations, what are the average request and response times, etc. The API Consumer will also monitor the API to monitor how many requests have been successful, how many invocations have been made, average request and response times, etc. Metrics are particularly important for business to make sure that they are using their digital assets in the most efficient way possible. Accurate analytics is also important to measure metrics related to performance, SLAs, monetization, rate plans, quotas, etc. Monitoring an API may reveal information that may require APIs to be re-designed, or new APIs to be designed and deployed and thus the API lifecycle continues.

Personas in this stage:  API Consumer / API Manager / API Developer

  • Monitors the API
  • Makes sure that performance, SLAs, security policies are met as needed

Oracle API Platform Cloud Service

Now that we understand the need for an API management solution, we will talk about the brand new API Management offering from Oracle, the Oracle API Platform Cloud Service.

Oracle API Platform Cloud Service provides a foundation for Digital Transformation through the first API Management offering that comprises the full API Lifecycle. Encompassing the complete API continuum from API Design & Standardization via Apiary’s trusted API Design & Documentation Platform through to API Security, Discovery & Consumption, Monetization, and Analysis, the API Platform Cloud Service provides a completely new, simplified API management user experience on top of a proven API gateway. 

Key Features:

Some of the key features of the Oracle API Platform Cloud Service include:

  • Apiary Mock Server: Allows users to quickly model an API on Apiary’s hosted server to make sure that everyone (API Developers / API Consumers) is on-board 
  • Apiary Interactive Documentation: Gives API consumers the information they need to succeed. The Apiary Documentation Console takes the API Description and allows you to not only read and write, but also to interact with your API—even before you’ve built it 
  • API Implementation: Allows API Designers and API Consumers to build new APIs using Apiary UI 
  • API Deployment: Enables Gateway Managers to Deploy, Activate, Deprecate, and Remove APIs 
  • API Inventory & Catalog: Allows API Consumers to discover which APIs are available for use 
  • Application Registration & Management: Allows API Consumers to manage the applications using your APIs to ensure proper usage 
  • Operational Analytics: Allows API Consumers and API Managers to gain visibility using more than 10 pre-built charts to see, for example, who is using the APIs, how, and if they are encountering issues 
  • Policies: Top security, quality of service, and routing policies 
  • User Roles & Grants: Comprehensive grants model to control access to your APIs with API-level entitlements 

Architecture

Oracle API Platform is built using a modern Microservices driven architecture. Each component is built as a small micro service accessible through a REST API. For example, creating metadata, or deploying an API, or collecting analytics can all be done using REST APIs. The following diagram shows the product architecture at a high level.

api-arch.png

Management Portal: The management portal runs in the Oracle Public Cloud and is the heart of the Oracle API Platform Cloud Service. The management portal, along with Apiary (also running in the cloud) enables API First design and development of APIs. The gateway managers can create, manage, secure and publish APIs using the management portal. The APIs are deployed on to runtime gateways which enforce policies at runtime.

Gateways: API Gateways are the runtime components that enforce all policies specified through the management portal. Gateways also help in collecting data for analytics. The gateways can be deployed anywhere – on premise, on Oracle Cloud or to any third party cloud providers. This allows the gateways to be closest to your backend services. Some organizations may not want to expose their data at runtime through the cloud, so it is possible for them to deploy the gateway on premise. Their data is never published back to the cloud. For analytics also, only the aggregated information is passed back periodically to the management service running on the cloud.

Developer Portal: After an API is published, API Consumers (application developers typically) use the Developer Portal to discover, register, and consume APIs. The Developer Portal can be completely customized to an enterprise’ needs so that they can publish it as their own portal to their customers. Developer Portal can also run either on the Oracle Cloud or directly in the customer environment on premises.

Why Oracle API Platform Cloud Service?

The API Platform Cloud Service provides complete support for API Lifecycle from API Design & Standardization to API  Security,  Discovery  &  Consumption,  Monetization,  and  Analysis  on  top  of  a  proven API gateway. 

Some of the key differentiators include:

  • Deployment Flexibility - The API Platform Cloud Service is a hybrid solution where management is in the Cloud but gateways can be deployed anywhere - on premises, Oracle Cloud or third party cloud providers. This allows organizations to deploy the gateways closest to their backend services with the assurance that their data is never going to the cloud
  • Low Operational Cost – The management portal of the API Platform cloud service is run in the Oracle Public Cloud and is completely managed by Oracle. As a customer you need to only run the gateway, the operational cost of which is very low
  • Comprehensive Functional and Operational Analytics - The platform provides robust fine-grained analytics and out-of-the-box support for custom security policies. It also provides a complete audit history of all APIs
  • Customizable Developer Portal - The Developer Portal allows complete customization of the CSS and the addition of languages through a REST API.  The portal can also be hosted by the customer through provided JQuery source code. This allows customers to host the Developer Portal as their own portal to their customers
  • Proven Technology - The platform’s gateway is based on proven technology that has been tested in rigorous production environments at telecommunications companies around the world for several years

Summary

Today’s fast changing business environment makes it mandatory for companies to invest in a comprehensive API Management solution to keep pace with rapid innovation in our digital economy. Companies that do not do this will stumble and fall behind.  Oracle API Platform Cloud Service provides complete support for API Lifecycle from API Design to Discovery & Consumption, Monetization, and Analysis. Using Oracle API Platform Cloud Service, companies can take advantage of their existing digital assets, be agile and accelerate innovation, consequently increasing customer satisfaction and engagement, lowering cost and increasing revenue.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.