API Management as a Trendsetter

API-based integration is becoming increasingly important. It is not surprising, therefore, that the number of APIs in companies is growing. It is crucial that companies know which APIs they have already implemented, make sure they are used more than once, and are able to monitor and control API data exchanges. In short, they need to leverage comprehensive API management, which is closely connected to API integration.

The following use case illustrates the importance of API management in the digitalization era. Logistics service providers are under immense pressure to deliver faster, better and more securely than ever before. This is only possible if the data necessary for controlling the flow of goods is available at the right place, at the right time and in the right format.

This data could include the precise calculation of delivery dates based on up-to-date traffic information, tracking data of suppliers, availability of stock in the service provider’s warehouse, prices of individual services and the customer’s preferred date for delivery or collection of goods. The necessary raw data is usually stored in different systems. However, users like customers, warehouse staff and drivers need the data in a consistent, clean and timely manner on their respective devices, whether they are using a portal website or an application for mobile devices.

This only becomes possible if all people involved in the logistics process are connected in real-time. This connection happens through suitable API interfaces (e.g. a tracking API, delivery API, availability API, price API) which users can access on their devices. Through API integration, the raw data from the different systems is converted into the data format the API interfaces uses. Companies have to ensure security, availability and transparency of APIs through comprehensive API management. If they don’t, their inaction could have serious consequences. For example, one user could access the personal data of another user through connected APIs. In the future, almost all logistics service providers will need to leverage such API-based services if they want to remain successful in the digital age and a fast-changing market.

Mobile and cloud solutions make API management a must

Through the widespread use of mobile and cloud solutions, API interfaces have become more important than ever. Modern web APIs are based on HTTP protocols and are therefore Internet compatible, meaning they can be implemented through firewalls to easily and quickly establish a loose connection that can be just as easily severed without disrupting any applications or processes if necessary. As data access from anywhere, anytime becomes more and more important in the age of digitalization, the openness and flexibility of APIs makes them indispensable.

SAP is also following a similar approach. Integration of applications and functionality in S/4 Hana now has to happen via APIs. The functional scope of these APIs is not yet comparable to typical integration interfaces like iDoc and BAPI, but SAP is adding new APIs with every release. The primary objective of APIs is to enable real-time access to data and some system functionality. Such a scenario means there are at least two parties involved: the one storing the data and making it available (provider) and the one accessing and consuming the data (consumer).

For real-time access, providers need to make their data available through API interfaces, and consumers have to be able to access API interfaces from their devices and process the available data—this is API integration. API integration is necessary because not all standard systems have this API compatibility built-in. For example, in the aforementioned example of a logistics service provider, warehouse management doesn’t possess an inherent API compatibility.

The BIS API integration solution becomes necessary. It is only reasonable that providing and consuming APIs has to be organized and controlled properly. This is true for both provider and consumer. Knowing which APIs are available, which of them are regularly accessed, when and how new consumers use a provider’s APIs, how access to APIs can be monitored and controlled—this is API management.

API and hybrid integration

What can companies do to ensure both comprehensive API integration and API management? Seeburger answers that question with its Business Integration Suite (BIS). With BIS, Seeburger is following analyst Gartner’s idea of a hybrid integration platform (HIP). Just as Gartner details in its approach, BIS is also capable of handling APIs and offers a complete solution for full lifecycle API management with its BIS API Integration and BIS API Management components.

BIS API Integration enables companies to open up data silos and make data available via APIs. Furthermore, BIS users can consume third-party APIs and integrate them into their own applications. BIS API Management provides transparency and control of API data transfers. Both API Integration and API Management can be used in combination or individually—if companies already leverage one or the other component from another provider.

With regards to comprehensiveness and innovation, Seeburger was recognized for its ability to execute, in the Gartner 2019 Magic Quadrant for Full Life Cycle API Management. This success is based on extensive integration experience in multiple use cases that Seeburger addresses such as B2B/EDI, MFT, IoT, e-invoicing, and ERP integration with SAP’s product portfolio.

This broad functional scope and the ability to combine modern API requirements with traditional integration methods are unique qualities of Seeburger’s hybrid integration platform (HIP). The BIS API Management solution consists of two main parts: BIS API Portal for managing APIs, and BIS API Gateway to monitor and control API data exchanges. BIS API Portal encompasses an API catalogue in which providers can document and consumers can access all relevant information about APIs. This information ranges from a short description and metadata, such as lifecycle status of APIs, to jointly leveraged resources like Swagger files (language-neutral and machine-readable description format for web interfaces).

API portal and API gateway

Consumers can use Swagger files to integrate APIs in their applications, and APIs listed in the catalogue can be tested as part of the functionality. Before an application can effectively leverage an API published in the catalogue, it has to be registered in the API Client Registry and receives a unique API key that makes it possible to attribute API access later on. When assigning API keys, workflow functions can be used, for example, to implement a dual control principle for key assignment.

Transparency and control

BIS API Gateway is like a security guard. The entire API data transfer passes through the API Gateway. It can exist multiple times, making it highly scalable and highly available. The API Gateway documents which API consumer requests which API, if access has been granted or denied, and how long the response took (API monitoring). Consequently, the API Gateway provides transparency about API use.

The API Gateway is also where rules, or API policies, are implemented and enforced (API policy enforcement). These rules include but are not limited to who has access to which API or how many API requests an API consumer can make (API traffic management).

This functionality helps the API Gateway to protect data for unauthorized access as well as keep applications from becoming overloaded. In the long term, no company will be able to just ignore API-based initiatives. This makes it even more important to prepare accordingly.

API management can help overcome obstacles and tackle the challenges that API use and digitalization can bring.

PDF in English