The first API was launched in February 2000, meant to act as “internet as a service.” Since that time, and at an exponential rate, APIs have become the lifeblood of the information ecosystem. Although many companies have launched at least a few APIs, the majority of companies do not have a core strategy and vision for their APIs as an interconnected landscape. This is an opportunity cost that cannot be overstated; and a lack of strategic direction, vision, maturity, and governance for an API landscape can place companies at a severe disadvantage. Coupled with unforeseen pressures such as the recent global pandemic, the inability to drive API creation and management can prevent businesses from adapting and surviving. On the other hand, those businesses who proactively pursued a strategy for their API landscape—such as restaurants who were suddenly required to operate on a “remote order and deliver” business model—not only survived the multiple shutdowns but thrived and even grew in the midst of this unprecedented industry killer.
Businesses are waking up to the API revolution not as a technical feature but rather as an integral and critical part of their infrastructure. Clients of Google’s Apigee platform indicated that to develop their API business strategy best, they valued the performance analytics, security, and governance elements far above other important factors such as monetization and self-service capability.
Given the structure of an API, along with the natural evolution of many companies, the growth of API management and development is often organic, sprouting up in those areas that require the interfaces/implementations to complete tasks and access crucial data. Whether the APIs are designed for internal use, external access, or both, APIs often become another tool for IT organizations to implement to solve specific problems. Unfortunately, this organic growth is not only incredibly inefficient, resulting in silos of API development and a lack of best-in-class practices; it can also create significant risk to the company when the APIs are not adequately secured and protected against outside threats. Further still, the tactical inefficiencies pale in comparison to the potential of leading companies who prioritize API strategy, create dedicated landscapes, develop API maturity, and ensure balanced governance to guide API development for flexibility and consistency.
These leading companies are able to achieve a strong API strategy and maximize the potential of their API landscape because they were able to change the way they view their business model.
According to Google Cloud’s research, 56% of IT decision-makers view APIs as assets that help organizations build better digital experiences and products, 52% say APIs accelerate innovation by enabling partners to leverage digital assets at scale, 40% view APIs as systems integration enablers and 36% say they see APIs as strategic assets for creating business value.
Clearly, APIs aren’t about greater efficiency and cost savings only. These are welcome benefits, but the larger benefits come from API-first digital transformation:
- The supply and demand of your company’s digital assets are unlocked through APIs for your customers, suppliers, and partners
- Additional monetized products and services created by external developers
- Agility, allowing companies to pivot their business model extremely quickly
These benefits have to be measured using a shift in metrics. Cost reduction is important, but equally so is the speed to API release, growth of traffic, number of active developers, and the speed of onboarding apps. This fundamental shift in focus is what unlocks the full potential of an API landscape. This shift is what requires API maturity and governance to create a successful API landscape. APIs should not be viewed as tactical data links; instead, APIs should be viewed as products that customers desire, channels with value propositions, and ecosystems that bring customers, partners, and your data together.
So, what is API Maturity and Governance?
Given the results achieved by leading companies, it is important to understand exactly what is meant by API maturity and governance.
API maturity can be viewed in three phases:
Low maturity does not have a centralized program that manages the direction, development, and best practices of API deployment. Instead, the APIs are developed in isolation by various teams throughout the organization as needs arise.
Medium maturity may have a central organization that advises development or manages APIs through a Center of Excellence structure; there is at least a rudimentary API management platform in place, but APIs are still initiated and developed by various teams across the company, with no unifying strategy in place for creating an API landscape.
High maturity includes a robust, purpose-driven strategy for APIs development, with the support structure in place for leadership, funding, expertise, and governance needed with a clear roadmap available. APIs are value-added, quick to market, and built with a balance of standardization and flexibility needed to optimize for each situation and use case.
Two hard lessons are often learned by companies developing their API program. First, API maturity does not always take on a natural progression. Companies that are more naturally silo-heavy—or alternatively, excessively centralized—may grow an API program that molds itself to those structures and either can stunt or effectively destroy the potential of such a program. There is no guarantee that every company will naturally evolve its API landscape toward a high maturity level. Second, if performed with enough support and foresight, an organization does not have to begin its API program at a low maturity level. By partnering with Abacus, many customers have created strategic roadmaps that quickly develop into a high maturity API landscape through focused and purposeful design.
The governance of an API landscape can be difficult, and elements of control that may seem intuitive can destroy the value-added potential before it even gets off the ground. Governance is sometimes seen as a central role with strict guidelines that require adherence for the program as a whole to function. However, with API governance the balance between strong guidance and flexible direction is delicate. For a business to thrive in the world of APIs, speed to market (or business value) is a must. Standard project management techniques such as waterfall are too slow and do not provide the number of iterations necessary to improve through evolutionary growth. Instead, governance must allow for fast development and deployment while ensuring best practices. In terms of security processes and protocols, a strict hand is more necessary. But in terms of the many different contexts and decisions that must be made for each API need, proper governance should take a form similar to that of the long-standing web development guidance: that is, focusing on interaction standards to ensure different elements communicate accurately instead of prescribing in explicit detail the exact languages, syntax, and protocols needed for such interactions. Being too specific, for example dictating that a specific data store or library must be used, will certainly result in a system that does not age well. However, if guidance focuses on how systems should interact and communicate, the evolution of new languages and protocols can still work within that API governance framework over time. As this governance grows within an organization, an ideal to strive for is that of collecting the lessons learned and needs from across the organization instead of dictating standards to them. APIs handle a myriad of business needs, and that diversity should be viewed as a strength instead of a liability. Governance that sets itself up to prioritize gathering and understanding the diverse needs across the company (in regard to APIs) will ensure that best practices are captured and shared. It will also help encourage governance requirements to be only as restrictive as absolutely necessary.
In the next article, we will be deep diving into the tangible advantages of a purpose-driven API maturity and governance framework – Stay tuned!