As businesses introduce an ever-growing, complex IT ecosystem of on-premises and SaaS applications, APIs, blockchain...
and other technologies, how can they possibly tie them together?
For many DevOps teams, the answer is API-based integration to enable communication between applications and platforms. Integration projects, however, pose challenges in security, runtime and management.
In this Q&A, Oracle's Vikas Anand explores industry trends that drive rapid adoption of API-based integrations. He also lays out the hybrid cloud connectivity integration challenges for DevOps teams and ways to bypass those issues.
Anand is vice president of product management for integration, process and API management cloud services at Oracle.
Which technologies and use cases drive use of API-based integration?
Vikas Anand: SaaS connectivity limitations are the No. 1 reason enterprises adopt and then expand API integration programs. When SaaS is not integrated, it quickly changes to silo as a service. Customers can only derive limited value if their SaaS system is not working well in a very heterogeneous enterprise IT environment.
APIs power new technologies that create better experiences for customers, such as chatbots and many mobile user experiences. APIs provide information from on-premises and cloud back-end systems, such as CRM [customer relationship management] or ERP.
Those new technologies have to be integrated into the existing IT environments and then extended to customers. For example, adoption is growing in API-driven B2B technologies, which provide a nimbler transaction option than traditional EDI [enterprise data integration] [Standard] X12-based transactions. Another example is growing use of smart contracts with blockchain to do transactions in a trusted way. API integration provides the pathways for these transactions.
What problems do DevOps teams encounter in API-based integration implementation and management?
Anand: The No. 1 challenge is how to secure their APIs. APIs are exposed on the edge, and they are available for everyone to use. A thought-through security model is important. My advice is to focus on using security standards, such as OAuth. Then, you'll be on the same security level as partners and customers.
A third challenge is optimizing API runtime, which relates to monitoring, testing and management. This calls for preproduction work in API interface testing and validating API functionality. In operations, ensure that APIs are not only secured and protected from anomalies, but also can be scaled up as more APIs are consumed by the partners in an ever-growing hybrid environment.
Consider that APIs run not just behind the customer firewall in a data center, but also across multiple clouds and devices. At runtime, you need your APIs to be close to the back-end applications to deliver the timely response, scale and experiences customers want.
Why isn't integration built into SaaS offerings?
Anand: SaaS only allows you to configure and customize. If you need to extend the applications, API-based integration is a lightweight alternative to legacy, on-premises ESB [enterprise service bus] integration suites.
For example, say you have a CRM application with a coding system, and you might need to have an extension of the business logic to support new discounting rules. Unfortunately, it may not be possible to configure or change the SaaS environment. The vendor will not allow you to do it, because the SaaS product would then be upgrade-unfriendly. So, in such cases, DevOps can use business process automation in alignment with API-based application integration to deliver those extensions.
In hybrid compute environments, how does the business value of APIs and API-based integration play out?
Vikas Anandvice president of integration, Oracle
Anand: API integration supports multichannel experiences that improve customer engagement. An example is how integration helps businesses partner with other service providers to offer new capabilities. An example is an API model that makes Uber services available on a United Airlines application.
APIs also spur revenue growth. For instance, a business's IP [intellectual property] that lies behind firewalls can be exposed as an API to create new revenue channels. Many new-age companies, such as Airbnb and Lyft, leverage the API model to deliver revenue. Traditional companies [in] manufacturing and other [industries] are really applying this to their domain.
API-first design provides modernized back-end interfaces that speed integrations. Doing back-end integrations? You can run the APIs within the data center to integrate SaaS and on-premises applications. A good API, a well-designed API can actually reduce the cost of integration by 50%.
Which best practices do you suggest for API-based integration project success?
Anand: Developers need to transform and route data and apply process automation capabilities. To do integration efficiently, enterprises have to automate data flow, business processes and whatever repeatable, error-prone tasks IT does. This calls for support from automation models, such as robotic process automation, to create single pane of glass for analytics.
Enterprise-level application integration projects used to take a year or two. Now that SaaS applications can be deployed in a matter of months, that won't do. Fortunately, APIs themselves are now designed so that the integrations can be done more effectively, more efficiently and with better time to market than ever before. For API integration, there are automated, prebuilt connections that can be applied. Also, automated API integrated features are available in some iPaaS offerings now and coming to others soon.