At ProgrammableWeb, the application programming interface is at the epicenter of our online lives. But what people might not realize is how much the API is at the center of the future and soon present technology of every connected person’s daily life. APIs will continue to play a central role in trends like chatbots and virtual assistants, the Internet of Things, microservices, pretty much all things mobile, and so much more. APIs are also being increasingly consumed as “shadow IT” by less-tech departments like marketing, sales, finance, and human resources.
While we recognize its infrastructural value, where is the actual API economy headed? Is it still stuck as an acronym unknown outside of IT circles or is headed toward notoriety and profitability? Mark O’Neill, research director at Gartner, presented some of the trends in the API industry at a recent APIDays conference. Below we delve into them and how they affect the future of the tech industry as a whole.
Where Does the API Hype Continue to Grow?
O’Neill validated that hype in three points:
- APIs are the center of modern application architecture.
- APIs enable decomposition of software monoliths.
- One of the hallmarks of a successful API program is that you get things that you don’t plan for and people build things you don’t expect.
But this doesn’t meant that all APIs are created equal. Last year’s infamous Gartner Hype Cycle for API-driven architecture attempts to map out the the direction the API economy is heading. On the curve, private APIs are deemed established as a model for business process improvement and innovation, which in turn affects the rest of the predictions and insights that Gartner makes. Following this, mediated APIs — that act as bridges between new and old applications — are on the rise, as they particularly provide adaptations and opportunities for innovation in businesses tied down with legacy infrastructure.
Gartner also puts the concepts of the API marketplace and the API economy on the up and up, with expectations of heading mainstream soon. It pegs public APIs as losing hype, which makes sense because, often, it’s harder to measure direct success with public APIs, but rather indirect success that can combine with other benefits like customer attrition.
“For public APIs, they put them out there with an ‘If we build it and put it out there, they will come’ model,” O’Neill said, referencing how, like in the Field of Dreams, there was a lot of assumption that a public API was the way to recruit app and SaaS customers, but, unlike everyone’s favorite baseball movie, all the customers didn’t come running. “Now they are rethinking how we can do it better.”
Finally, Gartner has the full API lifecycle management — which follows an API from start to finish, through strategy, design, deployment, advanced support and security to versioning and eventual retirement — as peaking in popularity in 2016. This also fits in along with the mainstreaming of private APIs, which have businesses taking more control over their entire API lifecycles, as a part of their entire IT infrastructure evolutions.
How the API Management Market Is Changing
As we mentioned in the introduction, there’s no doubt that APIs are doing a lot more now than connecting two apps or a front-end with a backend. The API economy is based on the management of the whole API lifecycle. APIs are driving both infrastructural and cultural changes like DevOps and layered microservices. API-first design is also driving the way infrastructure isn't just being adapted but evolved. APIs aren’t just changing the way technological infrastructure is organized, but the way much of the human side of business is organized too.
API management tools are allowing API developers to offer more options and to enable companies to custom-build their infrastructure to their needs. O’Neill mentioned that this has led to an increase in adoption of open-source solutions.
It has also led to a consolidation of the market, as shown by some big acquisitions over the last year. API management and API gateways are becoming a part of larger solutions like cloud-based platforms, application delivery controllers, and integrated solutions like iPaaS (integration delivered as a service.)
It isn’t just about what APIs are facilitating and which vendors are betting on them. With growing awareness of the risk of threats, API security is more important than ever, and it’s something API management vendors are increasingly responsible for.
As you can see in the image below, as O’Neill put it, “API security issues are making headlines because the security is complex.”
What he calls the “building blocks of API security” leave a lot of balls in the air just ready to be dropped.
As the API marketplace becomes more sophisticated and widespread, the risks become more apparent. And as it becomes more popular, when API security fails, it makes more headlines. As alluded to earlier, APIs have made technology more accessible than ever, which means the IT department is no longer the gatekeeper for technical decision-making, which empowers everyone in a company to innovate, but it can lead to less security vetting.
APIs are being consumed by this so-called “Shadow IT” everywhere. The financial departments aren’t only accessing data via banking APIs, but they’re also utilizing API-based services like Stripe, Braintree and ADP. Logistics departments are made more efficient by the FedEx and UPS APIs. Even lower-tech marketers like this author use Google Analytics, Mailchimp and AdWords regularly. And then all the departments of a business are connecting, communicating and sharing data, often for the first time, via API-first tools like Twilio and storage apps like Box, Dropbox, and Amazon Simple Storage.
This has all led to a dramatic increase in multi-platform sales, whether two-sided like Uber and eBay — going between buyers and sellers — or three-sided like Amazon — among advertisers, buyers and sellers. The Chinese eCommerce Platform Alibaba is x-sided, leveraging APIs for its entire supply chain.
With all this API management evolution and expansion, “It’s very easy to create an API security policy that is not secure,” O’Neill said.
While this world of Shadow IT accelerates business processes, there’s still a lack of transparency between departments and of insight into the bigger company-wide picture of how it all connects — and how one small piece could bring it all down. This means API management tools matter more than ever.
With these changes in mind, O’Neill continued that we should “Think about tailoring APIs, think about API management and API design from the outside in. Start from the app not the backend. Don’t work inside-out with domain model dumping.”
The only way API management will be successful in guaranteeing API security — and really the only way it’ll be successful at driving business in general — is by taking a step back and looking at the broader view of how all these pieces interconnect.
Only when we have this more global view of the possibility of the API supply chain will we be able to spot new areas of API monetization. This will range from the less profitable number of calls, revenue per download or in-app purchases up to the maybe limitless profit possibilities of revenue sharing, platforms as a channel, and whole new product development.
O’Neill said it’s “no longer a chain of calls and single points of failure. Now we see the comeback of event-driven apps like conversational interfaces with context and Facebook.”
Soon API management will cease to just be about the API, but more about the things it’s driving and hopefully securing, like the Internet of Things, chatbots, microservices, and forward-thinking, digital businesses as a whole.
Where do you see the API economy heading this year? Make your predictions in the comments below!