This is the second article of a three-part series on building a custom application with the Box Content API.
In the first article of this series, we covered two ways of using the Box Content API to deliver enterprise-grade security in your applications: (1) securely deliver content between customer-facing apps and employee-facing line of business SaaS apps, (2) securely deliver content between customer-facing apps and on-premise enterprise systems. These scenarios are depicted in the diagram below, which shows how Box can be interfaced through employee productivity apps, back-end systems, and custom apps.
Implicit in that article was the idea that you would use Box Content API to accelerate the development of these classes of application. We completely glossed over the novelty of designing your applications using services from a cloud vendor like Box, rather than building the content and collaboration functionality yourself.
Let’s be real - this is novel. Applications have not historically been designed to leverage third party cloud services. With the rise of cloud platforms like AWS, Azure, Bluemix, and others, has come new ways of managing and deploying applications in the cloud. The floodgates are open, and best of breed services are emerging to complement or supplement the capabilities of these cloud platforms. The Box Content API is one of many such emerging cloud services, and with this article we’ll deep dive into some of the other strategic cloud services you should be thinking of for your modern IT stack.
This ecosystem diagram is not meant to be exhaustive or exclusive, it is a point in time view of the world from our vantage point with our Box customer base. We are often asked by CIOs and CTOs at our customers what we see as the landscape that Box fits into, and this is an attempt to answer those questions:
Granted, this looks a bit like an eye chart. But let’s break it down:
At the base of the diagram is your Cloud Platform. It’s possible to have multiple, but typically we’re seeing customers standardize on one cloud platform. These platforms provide wide ranging functionality, from compute and storage through managed services in a variety of categories. In order to build and manage the running applications, you’re going to need SaaS apps for your IT and Development teams. We’ve highlighted the shortlist that should be on the CIO/CTO radar, but this is a deep category with many more services. At the core of your application are the services that solve specific functional needs. When building modern applications, business logic is offered up via services that are managed using an API Management layer with underlying Orchestration / Integration to wire them together as needed. With this plumbing in place, you can offer up to your applications services that are either developed in house (Custom Services), or from third party vendors in a broad range of functional categories. We’ve identified a few of the main categories: Identity, Content & Collaboration, Interaction, Business, and Machine Learning. This is by no means an exhaustive list, but the important point is that your applications come together by assembling reusable services developed by you or from best of breed providers. Note also that your Line of Business SaaS Applications all provide APIs that can be aggregated in exactly the same way. Your users interact with your business systems through these SaaS applications, or through Custom Applications developed on increasingly sophisticated application development platforms. And finally, in a heterogeneous environment, unifying BI & Analytics is more important than ever. You can’t run reports off a specific application database, because the full story can only be gleaned by bridging across the multiple apps in your environment.
IT SaaS Apps
We’ve grouped the suite of SaaS applications that your internal developers and IT staff use to develop and manage their work under “IT SaaS Apps”. This space has exploded in popularity recently, with massive VC investments going into platforms that help developers manage their applications. This is partly a response to the complexity of modern application development, which depends on aggregating services rather than the “simpler” task of managing the entire code base in-house. It’s also about changing work styles, where more and more companies are bolstering their engineering teams with external talent who need fast onboarding and easy access to tools and environments. But mostly it’s an evolution, like other application areas, where across the board our development tools are getting better at making our teams productive.
We call out Atlassian, ServiceNow, Zendesk, and Github specifically in this category. There are alternatives, but these tools are best-of-breed and integrate well with Box. Atlassian’s JIRA is a great tool for managing trouble tickets, and their Confluence product is for managing internal project documents. ServiceNow and Zendesk both started with a focus squarely on internal usecases, for managing infrastructure and trouble tickets respectively, but both now offer a broad suite of solutions to custom workflow in IT and beyond. Github needs no introduction, it has emerged as the defacto standard code repository and collaboration tool for distributed software teams.
We could have put these tools in the SaaS Applications category, since fundamentally they’re productivity apps for engineers and designers. However, they deserve a category of their own because of their important role tying in with DevOps tools; these apps have great APIs and can be scripted against to drive processes, such as deployment. There are many more tools in this category, but we’re focusing here on the products and brands that are strategic to the CIO or CTO. Your development teams will have their own preference for source code editors and utilities that help them get their jobs done.
We’re also calling out Docker. The container movement deserves its own post, and we’re heavily invested at Box in using containers for our internal architecture. There are a lot of services that we could have included here, application monitoring, continuous integration, logging, developer notifications, and many more. We’ve kept this list succinct, with Docker making the cut as a case study in the new reality of developer services, where rapid enterprise adoption has followed an almost cult following at the developer community level. At all categories in the stack, but especially in developer tools, the enlightened CIO/CTO should listen to their developer.
For companies deploying cloud-based applications, your development / deployment model is predicated on the delivery of modular cloud services. This architecture provides tremendous benefits in terms of reuse and agility, not to mention flexibility to use best of breed cloud services. But those disparate services need to be managed. The emerging class of software for API Management can help to wrangle the various services, providing monitoring and analytics, proxying, rate limiting, and even monetization.
We don’t include vendor logos in this category, because for the most part the API Management function is provided by your cloud platform or the underlying orchestration / integration layer. The one callout we will make is to Apigee, though even there they provide more than basic API Management.
Orchestration / Integration
This is quite a broad category, and different products handle this in different ways. There is a long list of niche products that offer adapters to back-end systems. At Box, we’ve invested in many of them ourselves, for example see our integrations with IBM products. In most large deployments, the integration needs are significant enough that a more structured solution is required. We call out SnapLogic and MuleSoft specifically as integration platforms. These solutions come with adapters to many backend systems, and the ability to define your own adapters and routing.