Application programming interfaces (APIs) are not the panacea for companies looking to grow their market presence, or create new products, revenue streams and engagement channels in their digital transformation efforts.
That is according to David Irecki, Boomi’s director of solutions consulting in Asia-Pacific and Japan, who noted that even with more organisations building APIs to expose data to partners and customers, they often overlook back-end systems and processes that need to be improved for those APIs to be useful.
“It’s like building the door to a house without putting up the walls, plumbing or electricity,” said Irecki, who called for companies that are looking to tap new opportunities through APIs to consider whether their data is correct, secure, in a form that can be exposed and synchronised across the business, before taking the plunge.
“And once you create an API, how do you secure and manage it – and that’s where the API management piece comes in to authorise the use of the API before taking these APIs to market and releasing new products.”
Irecki said firms with mature data governance practices, such as those in regulated industries such as healthcare and financial services, tend to do better in implementing APIs.
“Healthcare is a very good example of that – you’re dealing with medical records which have to be accurate and secure if you’re going to share them as part of a country-wide online medical healthcare system,” he said. “You need to really ensure that everything is locked down properly.”
But organisations are not just building APIs to share data with customers and partners – they are also deploying internal APIs to link different systems in order to facilitate business processes or solve a problem.
“APIs almost become another potential architectural pattern that the enterprise can explore,” said Irecki, adding that some organisations can take things to extremes, however.
Read more about API management
- HotelBeds has switched from its legacy suppler to a licensed service in an effort to reduce API management costs after traffic doubles.
- Banks are able to change their APIs with just two weeks’ notice in what challenger finance firms see as a weakness in the open banking standard.
- HSBC announced at Dreamforce 2019 in San Francisco that it’s building an API-driven platform with MuleSoft to forward open banking opportunities.
- Amadeus is opening its systems up to third parties through its APIs as part of a “distributed innovation” strategy that also includes partnering with or investing in startups.
Recounting his experience with a large manufacturer in Australia, Irecki said the company went all out with an API-based architecture to connect different systems, but saw its API investments grow tenfold in four to five years.
“They took that approach to the limit and used APIs for everything,” he said. “If you had a CRM [customer relationship management] system, you could create an API to get customer data out of that, but you’re almost duplicating the APIs that those systems already exposed.”
Instead, said Irecki, that company could have taken the integration approach to facilitate interactions between systems, thus avoiding having to build many APIs as well as orchestrating processes between systems.
“With an integration approach, it would take three very basic integrations,” he added. “So, it depends on the organisation’s use case, maturity and understanding of when and where they should or should not be using APIs.”
Those that deploy APIs often do so because of their reusability, which Irecki said is akin to Lego blocks that can be exposed, decommissioned, enhanced and pointed at different systems.
“But the problem is, as you build up those Lego blocks, you can lose control, and again it’s about understanding your use case and when it makes sense to create an API – or take an integration approach, but keep the data in a master data management system,” he said.
Irecki added that during the pandemic, when budgets are constrained, some enterprises are taking a phased approach, starting with master data management and integration before exposing their APIs eventually.