APIs are invaluable for data mobility in a complex systems environment, but they have to be approached with the right mindset. We look at four ways to set up for success with APIs.
Data silos are the enemy of efficiency in any large organization. When data can flow freely between systems, processes can be automated, decisions can be made faster, and information-sharing leads to better outcomes. APIs have long been hailed as the best way to get siloed data moving, but for every successful API, there’s one that never delivers on its initial promise.
Often, the difference between a successful API and a failed API isn’t (just) down to engineering—it’s down to mindset. In this blog I’ll look at four attributes of an API mindset, and why each of them is key to building APIs that deliver on their potential—not just today, but for years into the future.
1. Think interoperability, not integration
APIs are designed to integrate systems, but not in the traditional sense of integrating application A with application B. Rather, the API is designed to integrate application A with any other application that needs to use its data—now and in the future.
This requires a shift in mindset: from integration to interoperability. What will make it easy for any other application to interoperate with yours? This leads into a whole suite of decisions that may be unfamiliar territory for developers accustomed to point-to-point integration. Decisions around standards, around documentation, around security and governance, around updates and roadmaps, around innovation—all need to be made with a one-to-many models in mind.
Taking standards as an example, the key is to make the API easy for other developers to connect to it and consume your data. Using proprietary, unfamiliar or legacy technologies can cause engineering headaches that can ultimately outweigh the value of connecting to the API, creating barriers to efficiency and innovation. Building with a familiar tech stack—today that might include REST, HTTP, JSON/XML and oAuth, for example—is key to ensuring fast and easy adoption. Industry-specific data standards, such as FHIR in healthcare, are vital considerations too.
2. Keep your API consumers top of mind
System owners often approach an API project with a “build it and they will come” attitude. If the API is there, the thought goes, people will find it and connect to it. And that does occasionally happen. But much more often, the API fails to gain traction and the effort that went into building it isn’t repaid. That can lead to disillusionment with APIs, and a great interoperability opportunity is wasted.
But just like with any software product, adoption only happens if the API is designed to meet a real customer need. That means knowing who’s most likely to use it and what for, and building with those consumers and use cases in mind. In a world where APIs are designed to connect many systems, that consumer base may be quite varied and some may not even be known to you.
It’s worth bearing in mind too that many will need a solid business case for connecting to your API. Clearly showing how your API helps your consumers to achieve their business objectives as well as their technology objectives can greatly increase adoption.
3. Balance security and ease of use
Ease of use is key to API adoption, but it can never come at the expense of security, especially in highly regulated sectors like healthcare, public sector, financial services and telecommunications. The data being shared, and the application sharing it, have to be protected against malicious attacks and accidental breaches of compliance.
For API developers, this means finding the right balance between making it as easy as possible for third parties to connect to the API, and keeping data, people and systems safe. Often, developing APIs for use by an ecosystem requires a mindset shift from perimeter-based security to zero trust security, where every access attempt requires strong authentication.
But a zero trust approach can cause a lot of friction for API consumers if it’s not implemented with ease of connection in mind. To ensure the right balance, developers are increasingly using platforms like Google Apigee, Amazon API Gateway and Azure API Management to build and manage APIs, drawing on their best-in-class features for easy yet secure access.
The type of data being accessed is also a key consideration. If the consumer application only needs first names, for example, returning first names, surnames and date of birth can be a needless over-disclosure. This is an issue that GraphQL, a query language for APIs, aims to fix, demonstrating the value of keeping up to date with emerging technologies and standards around API security.
4. Cultivate an “Engineer Experience” mindset
You’ve heard of user experience (UX) and customer experience (CX), where services are designed entirely around the user’s or customer’s needs. API development requires a similar mindset—but aimed at the engineers looking to connect their systems to yours.
Cultivating an Engineer Experience (EnX) mindset means putting yourself in those engineers’ shoes to ensure they can connect to your API easily today and maintain that connection over the long term. It’s about making sure everything the engineer needs is to hand—from a searchable catalog of your APIs with descriptions of the use cases they support, to documentation that lets engineers get connected fast, and a roadmap that lets them know what you’ll be delivering in the future and when.
EX is critical to the long-term success and business value of your APIs. It’s a topic I explore in more depth in this blog, so head there for more tips on how to build a high-value API ecosystem.
Start cultivating an API mindset today
From healthcare to financial services, APIs are key to integrating systems without ripping and replacing legacy applications—but they must be approached in the right way. If you’d like to discuss any aspect of API development or management, please get in touch with me.
