March 19, 2021 By Tony Curcio 3 min read

Security is “king” when it comes to API management.

We’ve known that for a long time. All of the feedback we receive from customers and from the analysts confirms that security continues to be the number one reason that companies bring API management into their organization. Ensuring that you have a secure foundation for how anyone can access your APIs is paramount to your business success. That will ALWAYS be the case.

API socialization

But, there is another side to the story. It has to do with socialization — making sure that the developer network that you rely on can easily find, understand and use these APIs. If you haven’t yet started rolling out an API management program, then just think about how much more effective your teams can be if they had one place to go in order to find your curated set of reusable and authoritative services. This is a tremendous accelerator — both for internal development teams and business partner ecosystems that build around your business.

This then brings me to the point of this post. If socialization of APIs is a great value itself, then why is traditional API management so singularly focused on only RESTful interfaces that subscribe to the OpenAPI spec? Surely there are other interface types that would also benefit from socialization within the development community. Aren’t there?

You’ve probably already guessed the answer to that question — of course there are. If we go back in time, we will see clear evidence of this through the many API management technologies that support SOAP. However, that had often been positioned as necessary since “you had to bridge out of the old SOA world,” rather than suggest that any other interface type can be as strategic as OAI for your organization. Don’t get me wrong, OAI is WONDERFUL. It has been a tremendous accelerator and rallying point for the industry over the past 5+ years. But, to be honest, it’s not the only strategic game in town. 

Multi-form API management

This brings me to multi-form API management, which is extending full-lifecycle API management software so that organizations can create, manage, secure and socialize a broad set of technology endpoints. You may now be asking: “Does my organization really need to be concerned about managing endpoints beyond just REST OAI interfaces?” For many organizations, the answer to that question is a resounding “yes.”

The landscape for how developers are interacting with your company’s data continues to change. One of the most obvious examples is GraphQL. GraphQL is a great accelerator for API consumers who need to get a diverse set of information quickly.

For instance, if I wanted to get a customer name and phone number in a traditional RESTful way of working, I likely would have needed to make two calls — one to the getCustomer and another to the getCustomerContact API. With GraphQL, I can instead make one call that issues a query and returns a combined result.

Many organizations that value the power of GraphQL are rolling it out alongside their existing API management programs. In these cases, would they put up a different developer portal than their existing one? Of course not. These endpoints should be managed and socialized in a way to accelerate customer adoption.

Is that all?

OK, so we have OAI and SOAP. Now we’ve added GraphQL. Surely that can’t be all, can it?

Over the past year we have been working with many customers who are adopting Apache Kafka. While they recognize teams can easily get content into it, what they find challenging is having other departments start to use it. The key reason for that is “lack of visibility.” Other developers simply don’t know what has become available and the value it may have to accelerate their new event-driven solutions. This is a problem that API management is very adept at solving via its developer portal capabilities.

Event endpoint management

That’s why we find it very exciting to bring the benefits of multi-form API management to the Kafka community this month. We are expanding our API management functionality in IBM Cloud Pak® for Integration to include event endpoint management so that organizations can easily register their Kafka topics along with their related schemas and make them easily discoverable to developers across their organization. As part of this new functionality, we are introducing support for AsyncAPI — a standard closely aligned to OpenAPI. Once delivered, developers can leverage the same functionality to find, understand and test these APIs just as they would any other. This will be a tremendous accelerator for all agile teams.

So, OAI, SOAP, GraphQL and now Kafka — are they all APIs? We think “yes” — and now multi-form API management is helping to prove that case.

If you think event endpoint management can help your organization, we’d love to hear more about it. Please reach out to me directly at

Was this article helpful?

More from Cloud

IBM Tech Now: April 8, 2024

< 1 min read - ​Welcome IBM Tech Now, our video web series featuring the latest and greatest news and announcements in the world of technology. Make sure you subscribe to our YouTube channel to be notified every time a new IBM Tech Now video is published. IBM Tech Now: Episode 96 On this episode, we're covering the following topics: IBM Cloud Logs A collaboration with IBM and Anaconda IBM offerings in the G2 Spring Reports Stay plugged in You can check out the…

The advantages and disadvantages of private cloud 

6 min read - The popularity of private cloud is growing, primarily driven by the need for greater data security. Across industries like education, retail and government, organizations are choosing private cloud settings to conduct business use cases involving workloads with sensitive information and to comply with data privacy and compliance needs. In a report from Technavio (link resides outside, the private cloud services market size is estimated to grow at a CAGR of 26.71% between 2023 and 2028, and it is forecast to increase by…

Optimize observability with IBM Cloud Logs to help improve infrastructure and app performance

5 min read - There is a dilemma facing infrastructure and app performance—as workloads generate an expanding amount of observability data, it puts increased pressure on collection tool abilities to process it all. The resulting data stress becomes expensive to manage and makes it harder to obtain actionable insights from the data itself, making it harder to have fast, effective, and cost-efficient performance management. A recent IDC study found that 57% of large enterprises are either collecting too much or too little observability data.…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters