The term Web API was not on most people’s minds before social media embedded it there in the late 2000s.
Many people associate API, short for application programming interface, with Facebook or Twitter, as those are the most common and popular examples. But APIs are not new, nor are they linked specifically with social media. They are essentially a set of rules and guidelines for developers that allow applications to interact with one another.
“There have been a few high visibility Internet companies in the past three or four years, usually startups, that were really able to grow apps because they opened themselves up to partners,” said Dimitri Sirota, co-founder of Vancouver-based API management firm Layer 7 Technologies. “They allowed third-party developers to come in and build a new Twitter client if we’re talking about Twitter, or apps if we’re talking about Facebook.”
But the idea of opening up an enterprise to the outside world with open APIs has expanded far beyond the realm of social media. Layer 7 deals with many large enterprises looking to share applications or data with partners and third-party developers, as does Palo Alto, Calif.-based API management firm Apigee, and others.
“Enterprises are watching and learning what’s going on in the consumer arena, and I think what they’ve seen is that by opening up systems through programmatic interfaces, they’ll be able to get reach, revenue and better retention in their customer base,” Sirota said.
Sam Ramji, Apigee’s vice president of strategy, uses Netflix as an example of an enterprise that greatly expanded its business by using APIs. The relevancy algorithm that shows subscribers movies they might like based on what they have already viewed was created by a third-party application developer. Netflix encouraged third-party developers to solve that problem by offering a $1-million prize.
Netflix also expanded by allowing partners to integrate Netflix’s application with their device. Video can be streamed on hundreds of devices from dozens of manufacturers and Netflix used APIs to let others solve that problem.
“Is Netflix going to be the best at writing Samsung TV applications? Probably not,” Ramji said. “The underlying story there is how they used APIs to hook into every device that is capable of playing streaming media on a screen without bankrupting themselves.”
APIs: Then and Now
APIs are nothing new. Ramji notes that they have existed as long as computing.
“We’ve been building systems that do computing since the ‘60s, but the funny thing about a computer is that by itself it’s pretty much useless,” Ramji said. “APIs have always been the way that you write apps. If you wanted to write a calculator application on a mainframe, you had to use an API.”
Ramji said that the old Microsoft and Apple APIs that were used by developers to write applications for operating systems were dense, multi-thousand page documents. Later, they were stored on CDs and mailed out to developers.
“You had a small number of people that were able to write code because the APIs were very complex and you needed a lot of background knowledge,” Ramji said.
Today, Ramji says that writing an application is increasingly simple, with many down to just a few thousand lines of code. He says this is possible because APIs now do more to hide the intricacies of computing.
“Instead of an API dealing with all of the complexity of a computer that you’re running an app on, it’s masking much greater complexity – like all the computers that Facebook runs on,” Ramji said.
Given the power that APIs have, enterprises are concerned about how to use them and how to maintain security. That has led to the rise of OAuth, an open standard of authentication that gives users access to resources without needing a username or password. An access control system is put in place so whoever holds the information can determine how much a user is allowed to access and for how long.
“It lets you, as an API provider, have an ongoing relationship with the end user,” Ramji said. “Before this, you would just take the app and give it your username and password and then the app would have full access to everything.”
Ramji is predicting that 2012 will be the breakout year for OAuth.
How enterprises are using Web APIs
Apigee sponsored a research report to study how enterprises are using APIs and what goals they are trying to achieve.
The study, conducted by Needham, Mass.-based Hurwitz & Associates, found that of 24 businesses surveyed, more than 70% were using APIs to connect with partners and roughly 60% were using APIs to expand reach and compete more effectively.
The study also indicated that while many see APIs as a way to collaborate outside the enterprise, they are also used to collaborate inside the enterprise. More than 80% of respondents said they were using APIs for application integration, which includes internal and external integration.
“There was a theme around mobile devices and being able to connect many mobile devices,” said Fern Halper, who co-authored the report.
Hurwitz & Associates COO Marcia Kaufman added that, “The motivation to integrate applications ties into collaborating with partners as well.”
“I think it all boils down to that […] to grow the business […] supporting customers in a more diverse way,” Kaufman said. “It’s all about finding new applications and connecting with external partners.”