Being at Oracle Open World you get a chance to learn about Oracle’s vision and strategy directly. In this blog I’ll summarize some of the things I learned about Oracle’s vision on API Management from Oracle Product Management.
API Management is becoming more and more important. Major drivers for this are the internet of things and the evolution of cloud solutions. API’s need to be accessible anytime, anywhere and from any application. Everything is connected. The number of API’s grows rapidly and also the systems using them. This provides some challenges.
The concept of API is often misunderstood. Some people think a service is another name for an API. This is not the case. An API is an interface to a service at an endpoint. An API forwards requests to a specific endpoint and provides features like security, monitoring and management. Thus an API is ‘in front’ of a service and provides access to it. An API allows you to abstract user interface from capabilities. This allows you to for example split development of an API and the service it provides access to. There are two types of API’s. Inherent API’s and derived API’s. An inherent API comes into existence when a service is being developed. A derived API is focused on a specific use.
Oracle’s vision regarding API Management as I’ve understood it is focused on 4 pillars.
Security is two-fold. For public API’s you need protection against threats such as brute force attacks and hacks. Also you need to know the right person is accessing the right API. This involves authentication and authorization.
An API is ‘in front’ of a service. It can provide content based routing to allow for example gold customers to get forwarded to services which are on more expensive hardware and bronze customers to services which run on commodity hardware.
An API can stop requests at the front door (doors are a great analogy to API’s). If you stop requests at the front door, you can prevent the service from actually being called. This allows the service platform to focus on the implementation. This implementation can go faster since the API platform takes care of certain things for the service platform.
The API is the door to the service. Since traffic goes through it, this is an ideal place to do monitoring on usage and provide analytics. Ideally an API solution should allow you to identify for example why certain requests fail (the link between policy and service). Also an API platform can help you identify your users. Who does what how often on your API’s and which API’s are available. API’s also have a life-cycle which should be supported by an API Management solution.
Oracle strives to be the first to provide a good offering to all these pillars and not just be good at one of them. Oracle’s API offering will help customers get the cost down of developing API’s. I’m looking forward to their product offering based on this vision!