APIs are taking the world by storm and, as they evolve, there are some important trends to pay attention to in 2022 and beyond.
Here are the top ten API trends:
NUMBER 10: API economy growth
The API economy is not just about selling access to your APIs and data, it is much more than this.
- Revolutionizing how enterprises are organizing their teams, resources, and budgets.
- The entire supply chain being powered by APIs
- Ordering dinner and having it delivered to your home
- Requesting an Uber and tracking it from beginning to end
- Streaming movies and shows to televisions, computers, and mobile phones around the world
- Ordering fresh groceries and having them delivered from the store to your door.
APIs on their own are not enough to drive this digital ecosystem; they are simply the enablers for, and the gateway to, the digital and physical products that you are creating or plan to create. APIs are what enable your business to engage with consumers in the digital world. APIs are how your products are going to be viewed, purchased, consumed, and judged in this digital economy.
In order to compete in this very competitive API market, companies are increasingly adopting “API-first” strategies. They are realizing that their APIs are a product, and not an add-on to their existing products. These decisions to put budget and resources behind their API teams will allow them to succeed and win in 2022.
NUMBER 9: API-led modernization
APIs are powering the modernization of businesses across all verticals. Mainframe and legacy systems can be a big dependency (and liability) for many organizations. We are seeing an increase in the number of companies using APIs and API platforms to replace and extend the capabilities of their legacy systems.
NUMBER 8: API and integration experience
Everyone wants the experience with their API products to be magical. From APIs, API documentation, API developer portals, and API artifacts, a lot can be said about the user and developer experience across the entire API landscape.
The reason API experience is on the Top 10 list is that, along with the huge growth of APIs in the past few years, there has been a corresponding growth in expectations that users and developers have when they go to consume or integrate with an API product.
API products and portfolios need to:
- Be intuitive (a must-have!)
- Be well-documented
- Have a self-service developer portal
- Offer a great onboarding experience (zero to API in 5 minutes)
- Have consistent and useful error messaging
- Be kept simple (it has one job)
- NOT be ugly (great UX and aesthetics)
- Provide great logging and analytics
- Include code samples and Postman scripts
- Offer a free-forever developer tier
A great developer and user experience for your APIs and integrations can give you an edge on your competition. It also makes a world of difference as to whether your digital and non-digital products are successful in this competitive market.
NUMBER 7: Open API standards
Open integration and API standards are increasingly being adopted. With the advancement of tools, technology, code, and no-code solutions, it’s not that difficult to build an API these days. However, building APIs that are extensible, scalable, use best practices, and properly implement open standards can be a much more difficult feat.
RESTful APIs and open standards such as SOAP, Swagger, OpenAPI, JSON Schema, AsyncAPI, and GraphQL have been around for a while. But today we are seeing a substantial growth in the community around the development of these standards and the participation from businesses and individuals in keeping these standards up to date with new features and improved documentation.
My recommendation would be to get involved with the groups that support these standards and participate in the process of growing the API community. If you are consuming and using these standards, (and I am sure you are), keep up to date with the changes to ensure you are producing and integrating with APIs in the best possible (and most secure) way.
Take a look below at some of the open standard communities that have been growing in the past year:
- OpenAPI Specification (v3.0.3)
- GraphQL Specification(October 2021 edition)
- JSON Schema Specification (2020-12)
- AsyncAPI Specification (v2.2.0)
NUMBER 6: API Best Practices
While there have always been best practices of some sort around the use of APIs, integrations, and microservices, it has been kind of hit-and-miss with what you could find and where you might find it. Often best practices might have conflicting messages or be so vague as to lead to branches of differing micro best practices.
Although RESTful APIs are solidifying their position as the current standard for APIs, we are also seeing an increase in use of GraphQL, gRPC and others. This has driven an increased need for formalized best practices around them – not only covering what technology and standards to use, but how to do it in the best possible way so as to reduce the amount of future rework involved.
Best practices include many API topics including (but not limited to):
- API design
- API security
- API integrations
- API transformations
- Logging and tracing
- Code and design linting
- Error handling
- Testing / audits
- Pagination / bulk data handling
- Eventing – webhooks / polling / web sockets
- And many more!
NUMBER 5: Industry-specific breakouts
There is an increase in the push for industry vertical-specific ecosystems around APIs and integrations. Take open banking as an easy example of this. If you are in the financial services industry (especially in you are in a geographical region that has government regulations around this), you have been aware of the changes both in standards and government regulations that have shaped how financial and banking APIs integrate with one another.
The healthcare industry is also seeing similar growth with the development and implementation of FHIR (Fast Healthcare Interoperability Resources) and other healthcare standards.
Expect to see continuation of growth in some of these existing verticals as well as spikes and new growth in other industries.
Keep a watchful eye on government, manufacturing, transportation/logistics, retail, insurance, supply chain, and telecom.
NUMBER 4: API and integration automation
I am a huge fan of automation and am excited to see an increase in API automation adoption. This goes beyond some of the automation that we have seen in previous years:
- Automated API integration tests
- Automated code unit tests
- Automated publishing
- Automated security checks.
GitHub has recently announced a new development tool called GitHub CoPilot. GitHub Copilot is an artificial intelligence tool developed by GitHub and OpenAI to assist users by auto-completing code. Now there has been a lot of feedback on this (both good and bad) but the point is things are changing. The goal of automation is not to replace workers but to allow workers to focus on more important tasks.
Keep an eye out for an increase in:
- Automation for API design with various no-code solutions
- Automation with API Integrations
- Automation in API creation
- Automation for API Management and Governance
- Advancements in automation for API Security
NUMBER 3: Adaptive API management
Managing the entire API lifecycle can be a challenging. Every organization is different and often the needs and requirements can be quite complex. You need to adapt quickly to changes in the market, changes in government regulations, changes in technology, and even changes in how (and where) people work.
New APIs are created every day and you need API management that can adapt as well. Whether you are adapting to new API policy requirements, new API security threats, new API integration requirements, or new API consumer or partner opportunities, the need for an adaptive API management system is growing every day.
Because of issues like these, 2022 will see the continued growth of adaptive API management systems like webMethods which provides a robust and holistic approach to API management. Some organizations need on-premises solutions. Others want to use cloud-based SaaS solutions. But a growing number will need something in-between with a mix of both.
NUMBER 2: Seamless integration solutions
An API without any integrations is like a car without fuel or power. It’s may look pretty but it is not very functional. Not only do APIs need to accept integrations and integrate with other APIs but there can also be complex requirements for chaining and transforming the incoming and outgoing data across these integrations.
APIs must be able to easily integrate with anything, anywhere. 2022 will see the need for seamless API integrations that grow and scale even further with solid and proven integration tools standing out from the crowd because of their smooth and seamless handing of integration processes, both on-premises and in the cloud. Because of this increased demand for secure integrations with other APIs and systems, organizations want and need products that can remove the friction from their integration experience.
NUMBER 1: API cybersecurity
As long as there have been APIs, there have been hackers who are searching for vulnerabilities in them. API security and cybersecurity is of critical importance for EVERY organization. Especially now. NOBODY wants to be in the headlines for all the wrong reasons.
Earlier, Gartner had predicted that by 2022, API abuses would move from infrequent to the most-frequent attack vector. The growth in not only the number of APIs but the exponential increase in API usage has made this prediction all the more impactful on businesses around the world.
According to a more recent Gartner CIO and Technical Executive survey, cyber and information security are at the top of the list for planned investments in 2022. This is not surprising as business leaders are feeling the pressure to put budget and resources behind cybersecurity to protect their APIs, data, customers, and the reputation of their companies.
You may have heard the phrase “shift left, shield right.”
“Shift left” is shifting your security focus to the beginning of the API lifecycle process and to integrate it into the design, development, and every other step of the API lifecycle all the way to the retirement of an API.
“Shield right” is the emphasis on continuing to protect your APIs at runtime and beyond. Doing this will allow you to provide a defense against unknown attacks.
Closely related to API cybersecurity is the topic of encryption and privacy. Because of the close relation to security, they are included in this topic. Organizations are increasing their understanding and proper implementation of encryption to protect their data.
Everything from storage and transmission of data requires a critical security eye when planning and implementing DevOps security. Privacy is also directly related to this as API cybersecurity is an essential key to securing the privacy of users and employees. Not only does data need to be secured but sometimes the best decision is not to store the data at all. There are a lot of government regulations surrounding privacy in certain parts of the world, but security and privacy requirements can also drive a strategy that reduces unnecessary data to protect both consumers and enterprises alike.
API cybersecurity as it is important for everyone to understand API cybersecurity, what is at risk, and how to protect and defend your APIs and other systems from attacks.
BONUS: Composable APIs
As a bonus item for you, keep a close watch on composable APIs. While composable architecture has been around for a while, the term is getting some extra attention lately and you will start to see more enterprises that may forego building part, or all of, an API and instead composing a new API together from existing APIs (both internal and external) that will integrate with other APIs – to add features instead of internally building new APIs or using existing SaaS services.
Composable APIs have the potential to give organizations the opportunity to reap the benefits from both the flexibility of a custom-built API and the seamlessness of a SaaS API subscription or service. Consumable APIs are heavily powered by the no-code SaaS and on-premises API integration solutions that exist today, such as Software AG’s webMethods.io.
Watch the video on the top ten here:
Software AG can help you innovate faster with APIs.