Why CIOs Must Care About New API Management Platforms. Hint, It's About Mobile Apps.

Thanks to the good work of my colleagues Eve Maler and Jeffrey Hammond, we have a new Forrester Wave on API Management Platforms, including evaluations of Layer 7, Mashery, WSO2, Intel, IBM, Vordel, and 3Scale. I won't spill the beans on the leaders, but I will share some of their analysis with my own interpretation to explain why you must care. First, let's define API management platforms as:

Middleware that developers use to publish and configure interfaces and that applications use at runtime to connect to the data services they need.

Here's why API management platforms matter:

  1. As you build mobile apps for customers, partners, and employees, you need apps that perform well over the last wireless mile. And that means you need a great, RESTful API that provides design-time and runtime access to data services hosted by your on-premises applications. Think of it as "cloud-connect" technology that lets the data inside your datacenter get out and back (securely) to the mobile app that needs it. As mobile apps get more and more transactional, the need for API management platforms will become even more critical.
  2. You are just getting going on the number, breadth, and complexity of the data service APIs you will need to build and operate. As mobile apps get interesting, with transactions, integrated applications, and more and better content and collaboration, you will need solutions that handle all those integration points. Think of it this way: RESTful interfaces give you the means, but now you need a system to handle the sheer number of APIs you are and will be building.
  3. You need to stay flexible with mobile platforms. You might be able to get away with supporting only Android and iOS today, but before you know it you may need to support more form factors or additional platforms like Windows RT or BlackBerry 10. And you may need to get data from sensors or smart devices. RESTful APIs give you a consistent, accessible interface with a low bar to entry. As long as a device connects to the web - you'll be good to go. And if you make your API public -- you might not even have to write that new mobile app on that new platform because another developer could do it for you.
  4. API management platforms give your IT teams the tools to manage and operate those mobile transactions and server hits. This matters a lot because one of mobile's unintended consequences is a 10x increase in transaction volume for things like status checks, content downloads, and collaboration. And that means an app that starts small can wind up swamping your network, your database, and your budget.

So which API management platform should you use? As usual, that depends on the situation. To pick the right platform or platforms (and this could be technology that you use for a very long time), CIOs will need to make sure that their infrastructure & operations teams and their application development teams have figured these things out:

  • What factors do we care most about? Security? Cost? The ability to scale out to consumer markets? All of the above? Remember that different factors may matter for different audiences or scenarios. Your priorities here will make the next question easier to answer.
  • What's the best architecture -- gateway, cloud-proxy, or "application-specific" -- for our mobile and smart product applications? Note that you may need a different architecture or solution for customer mobile apps than for employee mobile apps.
  • How does the API management platform work with the other systems and tools we have in place? For example, if you're an IBM shop building on Worklight, then IBM's solution is probably well aligned with that existing development approach and toolset. I believe that this combination of API management, app deployment and operations middleware, and a whole lot more stuff is going to consolidate into an "engagement platform" that will be a big budget line item for your mobile and digital applications. We'll have more to say about that soon, but please let me know if you'd like to discuss it.

With answers to these questions in hand, you can go then go ask, "What's the best supplier for our needs today and tomorrow?" This is where the new Forrester Wave and our analysts can help.

Hope this kind of technology discussion is helpful to you. Please let me know if you'd like to see more of this kind of post.



A point well made!

Hi Ted,

Appreciate you putting together this article. It comes in a time when the community had just started getting to the heat of managing "lot" of APIs required for each and every application.

Not sure if I understood it right, Pt.3, that makes a mention of serving to multiple platform, kind of got me confused on API management platform's role. In an ideal scenario, APIs get written in a way that they remain independent of platform.

Also, please note, RESTful API are need of the hour, not only because they help mobile apps communicate with servers, but ALSO because, we are at a point where systems sharing data with each other in a hyper-social environment is extremely necessary and we cant afford to have stand-alone guys anymore. That said, I also understand that this works little differently for enterprises. My two cents!

Again, a very informative article and well presented. Already hungry for more! :)

API management and client diversity

Hi Saurav:
I may be able to respond to your question. It's true that in an ideal world there should be one API serving a variety of clients. But in practice, it often makes sense to tune APIs to better serve a particular platform. The challenge of course is to manage bifurcation of APIs, but a good API management platform should help architects create new API "views" and make it easy for operators to maintain these over time.

I absolutely agree with your observation that APIs are just as relevant for sharing apps and data outside of the mobile arena. Many of our customers use Layer 7's API Management Solutions throughout their enterprise, integrating internal and external applications.

K. Scott Morrison
Layer 7 Technologies

(Edited) comment

[Ted here: I kept in the new content while stripping out the blatant pitch. Content welcome; pitches, not.]

Hi Ted, I agree mobile use cases are driving API platform interest, and you astutely mentioned a handful of important sub-themes.

In addition to mobile, many organizations are also interested in promoting service re-use and refreshing their SOA with API management tooling. I have posted a few online resources that describe the SOA vector powering API Management interest: