Security is “king” when it comes to API management.
We’ve known that for a long time. All of the feedback we receive from customers and from the analysts confirms that security continues to be the number one reason that companies bring API management into their organization. Ensuring that you have a secure foundation for how anyone can access your APIs is paramount to your business success. That will ALWAYS be the case.
But, there is another side to the story. It has to do with socialization — making sure that the developer network that you rely on can easily find, understand and use these APIs. If you haven’t yet started rolling out an API management program, then just think about how much more effective your teams can be if they had one place to go in order to find your curated set of reusable and authoritative services. This is a tremendous accelerator — both for internal development teams and business partner ecosystems that build around your business.
This then brings me to the point of this post. If socialization of APIs is a great value itself, then why is traditional API management so singularly focused on only RESTful interfaces that subscribe to the OpenAPI spec? Surely there are other interface types that would also benefit from socialization within the development community. Aren’t there?
You’ve probably already guessed the answer to that question — of course there are. If we go back in time, we will see clear evidence of this through the many API management technologies that support SOAP. However, that had often been positioned as necessary since “you had to bridge out of the old SOA world,” rather than suggest that any other interface type can be as strategic as OAI for your organization. Don’t get me wrong, OAI is WONDERFUL. It has been a tremendous accelerator and rallying point for the industry over the past 5+ years. But, to be honest, it’s not the only strategic game in town.
Multi-form API management
This brings me to multi-form API management, which is extending full-lifecycle API management software so that organizations can create, manage, secure and socialize a broad set of technology endpoints. You may now be asking: “Does my organization really need to be concerned about managing endpoints beyond just REST OAI interfaces?” For many organizations, the answer to that question is a resounding “yes.”
The landscape for how developers are interacting with your company’s data continues to change. One of the most obvious examples is GraphQL. GraphQL is a great accelerator for API consumers who need to get a diverse set of information quickly.
For instance, if I wanted to get a customer name and phone number in a traditional RESTful way of working, I likely would have needed to make two calls — one to the getCustomer and another to the getCustomerContact API. With GraphQL, I can instead make one call that issues a query and returns a combined result.
Many organizations that value the power of GraphQL are rolling it out alongside their existing API management programs. In these cases, would they put up a different developer portal than their existing one? Of course not. These endpoints should be managed and socialized in a way to accelerate customer adoption.
Is that all?
OK, so we have OAI and SOAP. Now we’ve added GraphQL. Surely that can’t be all, can it?
Over the past year we have been working with many customers who are adopting Apache Kafka. While they recognize teams can easily get content into it, what they find challenging is having other departments start to use it. The key reason for that is “lack of visibility.” Other developers simply don’t know what has become available and the value it may have to accelerate their new event-driven solutions. This is a problem that API management is very adept at solving via its developer portal capabilities.
Event endpoint management
That’s why we find it very exciting to bring the benefits of multi-form API management to the Kafka community this month. We are expanding our API management functionality in IBM Cloud Pak® for Integration to include event endpoint management so that organizations can easily register their Kafka topics along with their related schemas and make them easily discoverable to developers across their organization. As part of this new functionality, we are introducing support for AsyncAPI — a standard closely aligned to OpenAPI. Once delivered, developers can leverage the same functionality to find, understand and test these APIs just as they would any other. This will be a tremendous accelerator for all agile teams.
So, OAI, SOAP, GraphQL and now Kafka — are they all APIs? We think "yes" — and now multi-form API management is helping to prove that case.
If you think event endpoint management can help your organization, we'd love to hear more about it. Please reach out to me directly at email@example.com.