Articles

The 5-Point Approach to API Management

- Panchalee Thakur

It has been 24 years since eBay released its first set of Application Programming Interfaces (API) at the end of 2000. Their pioneering entry into the API space was accidental and driven by the need to manage the challenges of unlicensed third parties accessing their ecosystem. Access to the Simple Object Access Protocol (SOAP) based APIs was granted only to a limited number of partners and developers globally. In 2019, eBay’s Buy API, which allows websites to tap into merchandise inventory, surpassed $1 billion in gross merchandise bought revenue.

APIs have gone beyond technical development opportunities and are now bringing strategic value to businesses. They are opening new revenue lines. Whether it is the Printicular app from MEA labs that leveraged Walgreens’ photo printing and pharmacies through an API or APIs provided by Salesforce.com, Expedia, Zapier, and Google, revenues have skyrocketed.

According to Fortune Business Insights, the global API management market is projected to grow from $5.42 billion in 2024 to $34.17 billion by 2032, at a CAGR of 25.9% during the forecast period.

The API Challenges

The API landscape presents exciting possibilities, from opening new revenue opportunities to bridging legacy and new systems to aid digital transformation. However, to reap the benefits, organizations need to manage and implement APIs well.

APIs are to be considered business-critical products and treated accordingly. Every API must be linked to a business case and an organization’s market strategy. If no control is exercised over the creation of APIs, it can create havoc in the marketplace. Think of developers creating ad-hoc APIs and making them available for others to use. In an article on API documentation , the author estimates that less than 10% of organizations create extensive documentation for APIs.

This can lead to security lapses. T-Mobile revealed that a hacker exploited one of its APIs in 2022 to steal personal details of 37 million customer accounts. In other cases, the cost of API downtime can be significant for huge businesses. In 2017, Amazon’s S3 cloud storage service went down for four hours, resulting in an AWS outage that cost businesses $150 million.

Assume that an API portal is provided for developers to host APIs for others to access. Once the APIs are hosted, there could still be issues around lack of standardization, absence of cataloging, and no accountability for managing them in the future.

Think of a cupboard stuffed haphazardly with items that people either do not need, do not know how to use, or cannot find what they are looking for. Poor experience can lead to low API adoption and, in turn, to API duplication by frustrated developers who are unable to find the appropriate API for their needs.

The consequences stemming from a lack of API strategy can negatively impact user satisfaction, brand reputation, customer trust, SLAs, and revenues. This effectively means that organizations not only end up spending money on developing APIs that they are unable to monetize for the business but also lose money through badly designed API portals and reverses to the business.

If CIOs strategize appropriately, APIs can be the wormholes that cost-effectively transport businesses into new markets and ecosystems, universes that may never have been considered before.

The 5-Point Approach to API Management

It has now been established that developing APIs requires a structured and strategic approach at the highest enterprise levels. We recommend five focus areas for API management by a CIO.

1. Single API Platform

An API platform is central to an API management solution. While gateways and portals are key, a platform must fulfill other critical functions, such as securely exposing APIs via micro gateways, integrating easily with financials, incorporating extended documentation features into the gateway, and monitoring usage with reporting, prediction, and analytics. Such platforms can be set up using tools such as Apigee, WSO2, Mulesoft, Kong, and IBM API Connect.

2. API DevOps

t is essential that APIs stay current. Since continuous change must be achieved without impacting the business, a DevOps framework with Continuous Integration and Continuous Delivery or Deployment (CI/CD) will align teams around common designs and architectures. Designing delivery automation while keeping team structures and organizational culture in mind is key to successful delivery. A well-designed API DevOps approach can become a foundation for an API Factory model that will work seamlessly across the globe, especially in the current climate where most initiatives are run remotely.

3. Open API Ecosystem

To ensure that developers do not create APIs that others cannot understand, an OpenAPI ecosystem based on the OpenAPI Specification (OAS) is used as a standard for describing HTTP APIs. As a result, OpenAPI systems are language-agnostic, support the entire API lifecycle, provide interoperability within and outside the organization, and have access to tools such as Swagger that support OpenAPI. For example, the banking industry uses OpenAPI ecosystems that enable customers to access their financial information from multiple providers through a single platform. Since this is compliant with regulatory requirements, data sharing is secure with prebuilt consent and authentication mechanisms.

4. API Marketplaces

At the highest levels, start with a go-to-market business strategy for revenue generation through APIs. The marketplace is where the APIs are made available to customers through an attractive storefront. Different monetization models are designed for customers, and the APIs are provided standalone or bundled with partners with compelling purchase options. A well-designed marketplace can achieve better top-line and bottom-line outcomes.

5. API Governance and Security

Governance can play a critical role in preventing many of the challenges related to ad-hoc API development. It is recommended that a centralized governance body be constituted to manage implementation with the following key actions.

  • Define clear guidelines and policies for API design, development, and usage
  • Ensure adherence to established API guidelines and policies
  • Promote reusability to avoid redundancy and improve efficiency
  • Emphasize security strategies to protect APIs and data
  • Monitor and measure API performance and usage
  • Promote collaboration between teams for API business effectiveness
  • Provide training and support for developers to follow guidelines and policies

An API Management Strategy is Key

Focusing on the above five areas can help address the challenges of developing and monetizing APIs. Torry Harris has leveraged deep experience in API management to develop collaborative strategies and deliver business value to global organizations. Vodafone saved millions of dollars and achieved faster time-to-market by adopting an API integration strategy developed by Torry Harris. A centralized API factory model developed by Torry Harris helped British Telecom achieve 95% faster partner onboarding.

In Q2 2019, Torry Harris was named a 'Leader' in The Forrester Wave™: Specialist API Strategy and Delivery Service Providers, Q2 2019. Torry Harris Business Solutions has a long heritage of specializing in integration, service-oriented architecture (SOA), and API, of note is Torry Harris Marketplace (TH-M)— a digital marketplace offering that embodies much of the firm’s thought leadership on API-based platform business models, including a built-in API management solution.

Contact us for more information on how we can transform your business through our API Management strategy and approach.

Request a consultation
About the author

Panchalee Thakur

Independent Consultant