Leveraging governance to boost your API adoption

The massive adoption of APIs

In today’s rapidly evolving digital landscape, the demand for seamless communication between diverse systems has never been more critical. As businesses and technologies continue to advance, Application Programming Interfaces (APIs) have become the de facto standard to achieve interoperability. APIs serve as the digital bridges, enabling different software and applications to work together. Industry giants such as Tesla, banks like BBVA, and retailers such as Walmart have massively adopted this approach and are reaping the rewards.

The staggering growth in API adoption underlines its significance. According to Kong [1], an API Manager solutions vendor, the economic impact of APIs is expected to increase from $10.9 trillion in 2023 to $14.2 trillion in 2027 (+30%). But adopting APIs at scale is a formidable challenge that needs the right alignment between business and IT. In this article, we’ll explore how organizations can transform themselves and derive maximum benefit from APIs.

The challenges for scaling up APIs usage

Companies that want to take their API adoption to the next level are facing three main challenges: defining and adopting the right API strategy to solve business challenges, ensuring compliance with state-of-the-art standards to speed up time to market, and choosing the right technologies to support API usage within the organization.

Challenge 1: API strategy to meet the company’s business needs

APIs must answer business needs. They act as strategic enablers that reduce time to market and broaden market reach, unlocking new growth opportunities. To avoid the pitfalls of constructing APIs solely as technical products, management plays a major role in steering the conversation toward aligning API strategies with core business challenges. Defining a clear API strategy can be challenging for several reasons: lack of alignment between technical and business objectives, insufficient understanding of the potential value and benefits of APIs by the business, and difficulty in identifying the right use cases and understanding customer and business needs.

Challenge 2: standards and governance for APIs

As a company starts delivering more and more APIs and design patterns, many details start diverging. If the right guardrails have not been put in place, the situation quickly spirals out of control. No two APIs follow the same design practices, reusability rates remain stubbornly low, duplication starts to creep in. These can turn rapidly easily your API landscape into an “API swamp”. Furthermore, organizations need to navigate through a myriad of compliance requirements, including GDPR, HIPAA, PCI DSS, and industry-specific regulations such as PSD2 or FIDA for banks. Swift action is required to define and enforce company-wide standards that ensure great integration experience.

Challenge 3: technologies to support transformation

With the popularization of APIs and the increase of market offering, selecting the appropriate technologies to support API usage has become a critical step. It can significantly impact the IS efficiency, security, and upgradability. IT teams must deal with multiple API managers, automation tools and API frameworks available on the market. For example, the choice of an API manager depends on multiple criteria such as cost and licensing, cloud usage, ease of integration with the company’s standard, existing features and roadmap, etc. making the decision a complex challenge.

Scaling APIs through strategic alignment and Design Authority

To address the three challenges mentioned above, the organization must act across three foundational pillars: strategy, governance and standards, and technology. Let’s take a deep dive into these three pillars to explore how organizations can tackle those new challenges.

The strategy pillar

In the realm of strategy, organizations must set specific API strategies that meet the business target while complying with regulatory frameworks. It’s essential to define a simple strategy that can be understood by all teams, whether business or technical. For example, we can think of Jeff Bezo’s API mandate strategy, so clear and simple that it is still respected 20 years later. Today, 2 main API strategies stand out from the market and are increasingly being adopted by companies: API First and API as a Product.

Reducing time to market and implementing business APIs are key objectives of an enterprise. By adopting an « API First » approach, interfaces are implemented first to support application development: it’s the API before the rest of the software. APIs become building blocks, promoting modularity, reusability and collaboration. According to the State of the API report [2], 78% of API First companies reduce their TTM and 87% integrate faster with partners.

Similarly, treating APIs as first-class citizens is the second key step to transforming them into valuable assets for the business. Adopting an « API as a Product » strategy means APIs are seen as offerings to be refined, marketed, and managed like any other product. Companies can thus enhance the quality, usability, and accessibility of their APIs, thereby boosting their value proposition and market reach.

Implementing a new API strategy is a real challenge, requiring considerable efforts to gain acceptance and adoption. Management must provide the impulse for the change through strong leadership and engagement, clear communication of the target strategy at all levels, integration of operational feedback, and the establishment of accelerators and shared assets.

The governance pillar

The governance pillar is an essential structure for the widespread adoption of APIs within the organization. We call it the API Design Authority (API DA). Beyond turning your strategy into actions, the Design Authority API carries out three primary missions: proving a high-level view of the company’s APIs to top management and maintaining a network of digital referents from each business domain, establishing the framework of standards shared by everyone in the company, and ensuring new APIs comply with the framework and help teams in their API design and development.

As the API Design Authority is responsible for the steering of the API transformation, it must assume the responsibility of overseeing the organization’s APIs to ensure coherence with the organizational objectives. This task requires specific KPIs to link the company’s business objectives with the API’s metrics. The API DA is also responsible for nurturing a network of digital referents who will champion the API benefits across different business domains. Their aim is to bring business teams into the core of API-related matters. When business teams understand the potential of APIs as a tool that aligns with their objectives, it serves as a clear indicator that the transformation process is securely underway.

The API DA is also entrusted with setting the normative framework for APIs within the organization. It is composed of several standards that provide a structured approach to API development to improve reusability and maintainability. Those frameworks should leverage existing market standards and comply with specific industry or location regulations. As an illustration, this framework might encompass design (OpenAPI, etc.), data (data models, ownership guidelines, etc.), architecture standards (architecture patterns, etc.) and security standards (OAuth2, OpenID Connect, etc.).

It is crucial for the API Design Authority to enforce compliance with those frameworks. Thus, establishing a centralized control body and defining project instruction procedures are essential. This compliance instance operates across three key phases: architectural design to ensure utilization of correct API patterns, contract design to verify compliance with design standards, and production deployment to guarantee overall compliance with the standards.

It is crucial that projects understand the value of this control process. Thus, the API DA must actively market its value proposition to projects, emphasizing the benefits they bring to ensure alignment with the framework. Later, when projects are mature enough, the process can transition to a decentralized model, delegating control responsibilities to individual domains or projects.

The technological pillar

The third pillar to consider is technology. In an ever-diversifying market landscape, companies must navigate through multiple choices in assets and technologies. Take API technologies: the choice between REST, GraphQL, or gRPC is a real challenge for most projects. Another critical choice is the API Manager and the increasing number of considerations: cloud and on-premise, pricing model (open source vs proprietary), support for different API technologies, scalability and performance, ease of integration with the existing system, presence of APIs in the cloud, etc. And more and more tools are emerging to automate work processes. Spectral from Spotlight Editor, for instance, enables OpenAPI contract verification (called linting), while Optic leverages AI to ensure interface compliance with established standards.

The selection process among these diverse technologies is a complex task requiring collaboration among different stakeholders. It is the duty of the Design Authority to bring all the stakeholders together to align their vision and find the right technology to support the API transformation.

The journey for a successful API scale-up

Throughout this article, we have explored the challenges faced by enterprises when scaling APIs and have outlined solutions to achieve scalability objectives. To accomplish this, it is crucial for the company to:

  • Secure sponsorship from top management to take decisions that have a strong impact and carry change throughout the organization
  • Define an API strategy aligned with business strategy and transparently communicate about it
  • Establish governance, processes and standards and make sure that everybody can understand and apply them
  • Leverage expertise from technical teams for the asset selection that will support the scaling journey
  • Rapidly test the proposed model and be able to rollback or modify it if necessary
  • Facilitate the cultural assimilation of API in each team by establishing a strong network of mentors
  • Provide a Design Authority dedicated to all of these subjects

By focusing on these key areas, companies can navigate the complexities of scaling APIs and set themselves on a path toward success.

 

[1] Kong API impact report 2023: https://konghq.com/resources/reports/economic-impact-of-apis

[2] 2023 State of the API report by Postman: https://www.postman.com/state-of-api/api-first-strategies/

Laisser un commentaire

Votre adresse e-mail ne sera pas publiée. Les champs obligatoires sont indiqués avec *