The blueprint for integration has always been the API, or Application Programming Interface. The API has recently moved from its roots as a venerable (but complicated) application integration reference document to become the bread and butter of a new API ecosystem. Driven by Web programming techniques, startups such as Google, Amazon, Facebook and Twitter have simplified their APIS and opened them up to the public. Integrating with partners is now a whole new ball game.
The expansion of Web services, mobile, cloud and SaaS platforms has altered the realm of APIs. With increased focus on becoming more flexible, lighter and faster, enterprises across industries are looking to
A growing number of companies are weighing the costs, risks and benefits of opening up their systems and creating public APIs. Michael Ogrinz, SearchSOA.com’s enterprise application mashup expert, opines that technical concerns are only one part of the decision process.
“There have been a lot of articles written about the technical issues involved in hosting external APIs, but not much material on the ‘how’ or ‘why’ a company chooses to develop one,” he says. The same justification questions apply to any organization considering a public API, whether a startup or Fortune 500 company. Ogrinz points to APIs: A Strategy Guide for comprehensive answers to what motivates companies to build public APIs, how they make money with the approach and how businesses of all sizes can get on board.
Expert insight into Web services design, APIs
Over the years, different techniques have been tried for application development and integration based on services. Web services APIs have vastly expanded to include a host of REST-based API styles for enterprise architects and developers to choose from. Enter Service Design Patterns by Robert Daigneau, a concise catalogue of Web services common practices and methodologies.
The task of designing Web services has become more challenging as mobile, cloud and SaaS platforms continue to spread. In a recent podcast interview with SearchSOA.com’s Jack Vaughan, Rob Daigneau offers solutions to the most common service design challenges.
While many people associate APIs with social media giants Facebook and Twitter, enterprises across industries are embracing open APIs. “Enterprises are watching and learning what’s going on in the consumer arena,” says Dimitri Sirota, co-founder of Vancouver-based API management firm Layer 7 Technologies. “What they’ve seen is that by opening up systems through programmatic interfaces, they’ll be able to get reach, revenue and better retention in their customer base.”
Though APIs are far from new—they have been around since the dawn of computing—they now do more to hide the intricacies of computing. As a result, enterprises wanting to connect with end users, collaborate with partners and compete more effectively are increasingly turning to APIs.
Application integration today requires more flexibility and tolerance to sudden changes. As a result, APIs increasingly support REpresentational State Transfer (REST) interfaces, which call for a more general approach to design and enable workability across the board.
Gartner Vice President and Analyst Daniel Sholler, a recent speaker at the Gartner AADI conference in Las Vegas, notes that REST architecture is popular among programmers and has had major success with third-party cloud and mobile applications. SearchSOA.com’s enterprise application mashup expert, Michael Ogrinz, explains that REST APIs also often play an important role in making application mashups work.
Applying REST principles to the design of Web services—what Sholler calls Web-oriented architecture, or WOA—follows the idea that the design should be “absolutely application neutral” and “as general as possible,” according to Sholler. Achieving that neutrality and flexibility in application integration design is gaining importance.
OAuth promises security, speedy app development
An open authentication standard called OAuth is becoming increasingly widespread. The most popular examples of OAuth are Facebook and Twitter, which were early adopters of the protocol that enables users to move between sites and connect to software services without an additional login.
The apparent move toward OAuth may mean better security for many enterprises that support a mix of Web application types. It also means speedy app development, as OAuth enables developers to integrate multiple apps together using APIs.
As SOA approaches mainstream, practitioners look to use it to support cloud and mobile apps. For smoother transitions in an era of rapid application integration, a growing number of enterprise architects are looking to REST integration patterns to integrate apps within a SOA framework.
Part of the appeal of the RESTful approach is that it is simpler and lighter than other approaches. Indeed, RESTful interfaces thrive in Web and mobile applications. But despite its many benefits, REST is not always the answer. “With REST, because it’s lightweight, it doesn’t do as much for you…so if you want certain transactions, you can have them but you are responsible for managing their boundaries,” says Mike Gilpin, vice president, Global Council and research director at Forrester. Deciding whether and where it is appropriate to use REST is the key to avoiding the pitfalls.
This was first published in March 2012