Managing API Management

Managing API Management

Posted in

An explosive evolution is occurring in API management. Influences driving these changes include legacy all-in-one solutions being challenged by the “unbundling” of API management, external-facing APIs rapidly increasing, a growing landscape of specialized tooling, and the incorporation of AI and gen AI into API programs. A well-formed API strategy is essential to surf this tsunami of change and survive the wave.

Technology leaders must make sure they have a good API strategy. This article proposes a framework for developing an API strategy that aligns with the peculiarities of the business and its market and delivers the digital demands of the business.

Technical strategies aim to support business strategies. Technical decisions related to architecture, tooling, and developer engagement for digital goods reflect the same significance as decisions about distribution, packaging, and marketing in the non-digital space. Technical leaders must formulate strategies that are prudent but innovative. Their strategies must show confidence while also being adaptable. The pressure is great. Without a comprehensive guide to direct how technology strategies are developed, enterprises risk creating strategies that lead to unwanted outcomes, including overspending, technology lock-in, fad chasing, and misalignment with the business.

Tracing API success from the bottom up, well-designed APIs work together to efficiently deliver business capabilities. API management provides API developers with great experiences, API consumers with discoverable APIs that are easy to engage, robust security, proactive monitoring and alerting, and the ability to oversee performance and operation. All this is facilitated by API management tools and processes. Lastly, the ultimate guidance for successful API programs comes from a well-formed API strategy.

But how is a good API strategy established? Are there pre-defined templates or examples?

This article proposes Architecture, Implementation, and Relevance (AIR) as a framework for creating an API strategy. It is broad enough to address all aspects of API management with an eye toward business objectives, business trends, and technology trends.

The AIR Framework for Managing API Management

Architecture

Core APIs should be collectively architected as the intermediary layer that serves up capabilities and data. Applications follow an architectural plan, and data adheres to a data architecture. This framework insists that an API architecture is just as critical and that planning out core APIs is worth the investment.

Traditionally, APIs were created as needed when applications demanded them. This framework directs an enterprise to proactively create a master architecture of APIs that provide access to core data entities and business functions. Data architecture is the planned arrangement of data, and application architecture is the planned coordination of how software will solve business problems and deliver business processes. API architecture is the planning of core APIs that will be the intermediary between applications and data.

While this sounds much like the API-first approach, it goes a step further. API-first means that the first attempt to solve a business problem should look to APIs. This framework asks for the premeditated architecture of APIs that represents primary business capabilities. It requires consideration of what differentiates the business, understanding business partners and customers, awareness of the internal business applications, and knowledge of the technology sub-architectures such as data.

An API architecture will identify the minimal set of APIs needed to conduct business and could present a roadmap for future APIs. This architecture also determines the organization’s preference for API granularity, which will inform application design and agility. Finally, this architecture clarifies which APIs receive product management and gives product management the authority needed in development processes.

Implementation

This is the organization’s implementation of the API architecture. It is how the API architecture will be delivered, protected, communicated, and prepared for scale. This AIR dimension considers the needed infrastructure, hosting, access management, protection, API design standards, and API documentation standards.

Relevance

Business and technology spaces are always changing. Just as business strategies have to adjust, API strategies must flex to enable their underlying API program to accommodate business and technology changes. The relevance dimension identifies the aspects of API technology that require close monitoring and continued adherence to contemporary practices. This helps an organization provide weight to technology trends and directs an organization towards API innovations that require investment and away from those that do not.

Establishing these dimensions, and answering the questions they prompt, will create a hierarchy that ultimately informs all decisions related to API management, such as:

  • Policies for API development tooling and practices.
  • Policies for API infrastructure.
  • Policies for engaging API trends.
  • Policies for API standards and governance.
  • Policies for API portals and marketplaces.
  • Policies of API protection and policies for internal and external developer experiences.
  • Policies for monetization, AI, gen AI, and more.

The AIR Framework Components

The AIR framework is a process for creating API strategies, navigating technical and business trends, and assisting with risk and cost analysis. Let’s dive deeper into some of the components within the AIR framework to offer recommendations on how to enact it.

Architecture

Business Capability Model

Create an API architecture that reflects and supports business capabilities. APIs are the intermediary layer enabling internal systems and partners to access the organization’s data and functions. In a significant way, APIs are the organization’s business capability model.

Granularity and Shared Services

Like any software, APIs can drift toward being monolithic or towards being overly fragmented. It’s critical to identify and enforce appropriate granularity as that, in turn, impacts usability, performance, and evolvability. Reuse is often a miscalculated concept. Its benefits are obvious, but its cost can be inconspicuous.

Product Management

For APIs that serve top-level applications and end-user experiences, product management is imperative. Top-down policies that specify the areas of the API architecture that must have product management will ensure its presence and give it the authority it needs.

Implementation

Ownership of Protection

There must be clarity of responsibility regarding initiating and adhering to API access management and protection. Protection policies also inform the strategy for sustainment and scale.

Design Standards/Guidelines

Standards govern API design, liberate API tooling, facilitate congruence with the business capability model, and produce the benefits of homogeneity. Design standards merge industry expectations with organizational preferences, require buy-in across the organization, and must have mechanisms for enforcement and evolvability.

Documentation/Publishing Policies

Only APIs with published documentation are discoverable, and only discoverable APIs are adopted as desired and give their return on investment. Policies for documentation and publishing to portals will ensure discoverable APIs.

Relevance

Inner and Inter Business Practices

APIs are communication channels. Staying contemporary with industry business practices attracts talent, retains compliance, and keeps the organization ready to engage with its market.

Domains and Portals

API portals and marketplaces enable API discovery and access. Thought must be applied to the appropriate delineation of domains, each with a portal and guidelines for those portals. Portals are the access point for developers. They allow both human and AI actors to engage with your API program.

Identify which type of business trends and API technology innovations impact the API program. Develop processes for monitoring and engaging these trends and innovations. These policies and processes inform API strategy decisions as well as business strategy decisions.

AIR framework for managing API management paul dumas

Figure A: The AIR framework. The figure outlines the scope and topics of each AIR dimension, and the API management components and policies for which it provides guidance.

Example: Ford Pro API Program

AIR is a proposed framework, so no existing case studies exist. However, there are examples of how its principles and approach have been successfully implemented. One example of this is the Ford Pro API program.

Vehicles delivered through Ford Pro are highly connected commercial vehicles and offer the opportunity to collect large amounts of data. Ford Pro, with the leadership of John Musser, created a SaaS product that provides data and analytics to help Ford Pro customers maximize vehicle performance and, ultimately, vehicle investment.

Architecture

Ford Pro took the approach of fully architecting the APIs needed to collect vehicle data and the APIs required to deliver autonomous analytics to customers.

Implementation

Ford has positioned itself as a software-defined vehicle (SDV) manufacturer. This API program implementation centered around the internet of things (IoT), software as a service (SaaS), and the latest offerings on the Google Cloud Platform (GCP).

Relevance

The Ford Pro API program needed to remain current with technologies in the commercial vehicle space, cloud technologies, and API best practices for creating great developer experiences and consumer experiences.

With these guiding elements, Ford Pro created an API strategy and, ultimately, an API program that accelerated Ford’s pivot into a software company.

Conclusion

The AIR framework is a guide for authoring a successful API strategy that will support and collaborate with your business, application, and data strategies. It also reminds the designer that API strategies must be created to navigate change quickly, appropriately, and cost effectively.