Mashape launched yesterday adding a new API player to the growing arena of API management sites and tools. As the Mashape Blog says "everyone and their dog's are building API's these days" and a number of companies have developed API management systems to cater to both public and private APIs.
API Growth (from ProgrammableWeb)
The ProgrammableWeb directory currently lists 6,697 APIs and has been growing exponentially - as shown in the diagram above by Phil Windley in his excellent Cloud OS paper.
The main players in this space are shown in the following table along with a high level indication of their product features.
API management features cover API publication, security, management and monetisation. Most of them cater for both public and private/enterprise APIs. The features which support these activities include:
- Directory - provides a searchable directory of APIs
- Collaboration - provides collaboration tools of the kind we're all familiar with from social media - likes, follows, comments, recommendations etc.
- Development tools - allowing potential consumers to "try" the API or seek support during development of their endpoint.
- Security - the ability for providers to manage consumer access and perform tasks like key management.
- Monitoring - the ability for providers to monitor the usage, activity, throughput, availability of their API.
- Management - the ability for providers to actively manage traffic on their APIs or to be able to scale according to traffic patterns.
- Analytics - analytic features beyond "on the spot" monitoring.
- Monetisation - the ability for providers to charge for access to their APIs and for consumers to pay for that access. The API magement platform acts as a financial intermediary in this respect.
- Cloud - provides a publicly available service (note that some of these may be hosted but provide access controls to make APIs essentially private).
- On-Premise - has an on-premise capability for enterprises who wish to manage their APIs privately and internally.
Some providers also support additional features such as mediation between REST and "legacy" SOAP APIs.
I'm very interested in the parallel evolution between these two ecosystems which ultimately have the same aim, but have executed in very different ways: the mostly enterprise SOAP web services ecosystem and the mostly public REST services ecosystem. In general, I see a convergence of approach and I think API management is a good example.
Web Service proxies flowered a few years ago but were rapidly snapped up by enterprise software companies for inclusion in their portfolios. Mostly they aimed at security and monitoring infrastructure with centralised policy management. Some enterprises use these, but I'm not sure the penetration has been very high. Web Service registeries for service discovery also had their brief taste of hype, but have died out rapidly - not for lack of need but in my opinion the heavy hand of UDDI was too much to bear and a poor match for the real requirements.
In the public API sphere we also have security, monitoring and management as strong concerns, but even more so is the ability to discover and use APIs in a growing and crowded marketplace. Hence the emphasis on directories and social media-type collaboration. Get developers engaged and enthused abut using your API. Here I think the public API ecosystem has something which could translate very well into the enterprise market which vendors like SOA Software and Apigee are addressing.
So, keep watching this space....APIs will be a significant driver for monetisation of the web and the ability to discover, use, secure, manage and charge for API usage is increasingly important not only outside the firewall, but inside as well.