The API maturity cycle within the enterprise is evolving at two or three times the speed of previous software oriented architecture (SOA) cycles, creating an urgent need for tools that ensure new business integrations built with APIs are managed with respect to governance and industry regulatory requirements. To keep up with this pace, SOA Software has today released the Lifecycle API. This new API is part of the company's Lifecycle Manager product that supports enterprises with flexible approaches to governing IT and business activities and processes.
The new Lifecycle API provides functions that “allow customers to configure forms for on-boarding and to set limits”, Brent Carlson, Senior Vice President of SOA Software told ProgrammableWeb on the eve of the launch.
“A lot of our customers are saying you have a great portal, a great gateway, how do we bring on business partners and how do we vet new enterprise apps, how do we know when to throw the switch?” Brent Carlson, Senior Vice President of SOA Software told ProgrammableWeb.
“The Lifecycle API supports capabilities like company on-boarding, and app registration on-boarding for enterprise apps,” Carlson said. “We are seeing the real API maturity cycle being at double or triple the speed of the SOA maturity cycle.” Carlson points to a much more rapid development cycle in which enterprises are at first creating products internally using APIs, but then seeking to exploit the opportunities generated by these products by enabling access to business partners.
The Accenture API Maturity Model
According to global consultancy Accenture, API maturity in the enterprise passes through five stages, from ad hoc development through to industrialization. The first two stages — ad hoc API development and organized APIs — are akin to the underside of the old API iceberg graph: they are traditionally internal, or private APIs, that enable business processes within the enterprise and are managed behind the firewall.
API management providers like SOA Software are seeing enterprises more quickly reach stages three to five in the Accenture model: where internal APIs are recognized as having a tactical advantage (stage three) that can be embedded in mission critical processes (stage four), and become open or semi-open and be used to manage business partnerships and expand a company’s ‘digital ecosystem footprint’ (i.e. industrial APIs: stage five).
ABOVE: Accenture API Maturity model, used with permission. From API Industrialization: Connecting the Digital Ecosystem, February 19, 2014
Accenture points to the example of Nike, which has used its’ Fuelband wearable technology and the Nike Plus API that comes with it to reorient the whole enterprise from being a sneaker manufacturer to being a data platform. Nike now uses data to connect with people’s daily health and recreation needs via a mature ecosystem with integrations to insurance companies and health care providers, and to individuals’ Facebook profiles, sports activities, and so on. Accenture credits Nike’s API maturity as being responsible for the company’s market capitalization growth from $17 billion in 2006 to $58 billion in 2013.
Matching the Pace of Maturity with Governance and Regulatory Requirements
But as enterprises seek to take advantage of this API maturity potential, they face the need for their API integrations to meet industry regulations and internal business governance oversight requirements.
“Out of the box, [API maturity] works great, but our enterprise customers are telling us they have to deal with business governance, legal issues and regulatory reporting issues, or health care requirements like storage of information in accordance with HIPAA,” says Carlson. [In the U.S., the Health Insurance Portability and Accountability Act sets regulatory requirements for storage and sharing of personal health data in accordance with strict privacy and confidentiality requirements.] “They need the ability to flexibly gather data that meet these regulatory regimes, without creating onerous processes, and without creating a one-off application that can break your user interface, or that lets an app app destroy your API architecture by making too many calls.”
The Lifecycle API enables the integration of business data collection and decision making into technical processes such as API access grants.
“In the initial implementation of the Lifecycle API, it allow customers to configure forms for on-boarding and to set limits,” Carlson said. “It is a fully integrated option. You define the form elements. You can set whether there is a document that you need to review, or if you have to read through a click-through agreement, or maybe you have to download a document and fill something out. Then that can be directly routed to the necessary stakeholders and then handed back to the [SOA Software] Community Manager, who then roles of access control, and can create partition environments. All those capabilities are there, all we are doing is creating flexible roles.”
“It is a big step forward in automating and provisioning internal and B2B partner APIs,” adds Sachin Agarwal, VP of Product Marketing at SOA Software.
Enterprises are taking to API technologies in increasing numbers, as was obvious at the recent Application Lifecycle Management conference in Seattle (see our coverage later this week). Meanwhile, those enterprise industries more advanced in the use of APIs — banking, finance, insurance and health care (with energy and utilities next in line) — are getting ready to ramp up substantially, and will be looking for functionality like the Lifecycle API to manage regulatory requirements without slowing down their pace of growth.
By Mark Boyd. Mark is a freelance writer focusing on how we use technology to connect and interact. He writes regularly about API business models, open data, smart cities, Quantified Self and e-commerce. He can be contacted via email, on Twitter, or on Google+.