API Development in the Time of COVID-19
A Software Engineer from Sri Lanka. Part time writer. Amateur pianist.
Let’s face it.
Traditional business models that require physical human interaction is going to fail soon
COVID-19 pandemic is in full swing at the moment. The biggest damage it has been doing is not only the deaths, but the paralysis of economies worldwide. Many countries were forced to go into a lock-down mode, restricting people’s mobility by almost to 99 percent.
If the pandemic situation prevails it will lead traditional businesses like retailers, hotels,restaurants and airlines to go out of business very soon as they require physical presence of people. So they need to come up with new strategies to reach their customer base who will likely to stay at their homes for a long time.
Let’s see how technology can help organizations to be creative and make a come back at money making.
Businesses need to redefine their existing value delivery channels — Going digital is a must
The biggest challenge that businesses will face is to figure out a mechanism to deliver business values to their customers. Just imagine in a locked-down country, what would movie theater owners or restaurant owners do to reach their customers? How do you think the casino owners would survive?
With the limited mobility, people will definitely use web or mobile devices to access usual business services. Ordering groceries and food online, performing financial transactions online and attending lectures online are just few examples. These things didn’t come of the blue, they were there before the pandemic — just as an option.
But today, delivering business value over the Internet is not just an option; it’s the only choice. It is inevitable that businesses who are not adopting digital strategies will go extinct very soon.
What are the challenges when going digital
Even in today’s world, many businesses are not digitally enabled nor they see a value of going digital. For example, businesses like retail stores, fine dining restaurants and movie theaters always had people coming into them. They can continue their core business even if the Internet is down.
Then why fix it, if it ain’t broke?
But now, everyone is forced to go digital for their survival. Would that be an easy task? well, let’s see.
Let’s take a fine-dining restaurant as an example. For many years, customers came to them for dinning-in. Hence they didn’t take online food delivery as a serious thing. There are no customer facing IT applications except the website which simply displays the menu. Other systems like table reservation, kitchen and inventory management are strictly internal.
Now the only choice they have is to accept orders online and deliver them to people’s homes. Obviously the restaurant owner has to:
- Build a mobile app to display the menu and let customers place orders.
- Modify the website to accept orders online.
- Build a back-end application to process orders. This need to be integrated with existing in-house systems as well.
- Hire a delivery staff to the deliveries.
- Track deliveries and manage the fleet.
Now it appears that the restaurant has to invest in IT and delivery aspects of the business which they are not very familiar with. Surely this seems like a lot of work and many businesses will face similar problems when reaching their customers online. The most common problems would be lack of expertise in Digital Transformation, shortage of skilled staff, complexity and slow speed of going to market and most importantly the budget.
How business ecosystems could help
What if businesses can go digital while still doing what they are good at?
How about partnering with other businesses who offer the features that other businesses lack of?
Obviously, handling IT is not a core competency of a restaurant or a retailer of a small or medium scale. Also, they should not be undertaking the complexity of maintaining a fleet of vehicles and a staff to do doorstep deliveries. But handling IT and deliveries will be critical survival skills these days for any business.
How about the above restaurant could partner with an another business who’s core competency is IT? For example, it can be a mobile or web app that lists near by restaurants to users and allow them to browse the menu and place orders. Then the order will be forwarded to the restaurant.By this way, restaurant doesn’t need to worry about building web/mobile applications to reach their customers. But they’ll continue to receive orders.
On the other hand, the same restaurant can partner with a delivery service to deliver the cooked meals to their customers. That offloads the order fulfillment burden from the restaurant and allow to put more focus on the kitchen. Maybe they can even get rid waiters and recruit more chefs? Well, that’d be too much.
So the main point to take here is that businesses should not attempt to go digital individually unless they have the right capacity to do so. They should always build ecosystems to complement each other with skills they lack. Not only this will help businesses to survive the hard times ahead but also boosts the economy by opening new revenue streams as well.
As per the above example, the mobile app, restaurant and delivery service will continue to make money during the pandemic while doing what they are good at. Their key to success is the close-knit ecosystem they operate.
Let’s see how this ecosystem can be implemented with the technology.
Building Business Ecosystems with APIs
Businesses who are partnered together need to communicate frequently and effectively. That could be either B2C or B2B communications.
According to the above example, the mobile app should let the restaurant know about an order being placed. Also, restaurant should let the delivery service know about a package is ready to be delivered. The ideal way is to do this via APIs.
APIs and API Management — An Overview
APIs can be defined as a set of functions and procedures that help build applications to access the features or data of a particular system and API management involves a technology platform that allows one to expose and manage these APIs. In other words, API Management allows you to provide a facade or proxy for existing services and exposes these newly created APIs in a standard, compliant and consistent manner to consumers whilst providing additional capabilities such as security, rate limiting and other quality of service policies.
API management typically has multiple components and/or feature sets including an API Gateway as the actual API run time and policy enforcement point, a Security component for API key management, an API Developer Portal acting as a catalog of APIs providing a centralized location for application developers to discover, subscribe to and test APIs, an API Publisher providing the ability to design APIs from back-end services, API Analytics that provide an analytical snapshot of API usage, etc.
Connecting Businesses Together with APIs
The following diagram illustrates how APIs can help the businesses in our example to communicate effectively.
Let’s break this diagram and see what are the necessary steps to implement that.
1. Business level agreements (SLA) and API design
Firstly, the restaurant aggregation service, restaurant and the delivery service need to come to an agreement on what business interfaces they will be needing from each other for their operations. At this stage, businesses and technical stakeholders should collaborate together to produce an API contract that documents and governs what interfaces are exposed, what are the request and response formats expected and how each interface will be secured.
Output of this step would be an API design document prepared with Open API version 3, which is a well established standard for describing modern APIs. This file can be checked into some public place like a GitHub repo for the access of everyone.
2. API Implementation
At this stage each business has to implement interfaces (APIs) as per the agreement they have made in the above step. For that, an API Management system has to be installed in each business. There are multiple API Management vendors in the market that offer on-premise, cloud based or hybrid API Management capabilities. All the mega cloud vendors like AWS, Google and Azure has their own API Management solutions as well. Apart from that, there are commercial and few open source solutions available in the market.
Since the time-to-market is a critical factor here, businesses should go with any API Management solution that is cloud based (low cost, low overhead), managed (no need to hire staff to manage) and offers great support when starting from scratch.
API Management platform comes with an API Designer component that helps developers in each business to create APIs from an already existing Open API definition. Once the API has been created, it needs to be published to the Developer Portal component for outside consumption. Also, the API definition will be available in the API Gateway component and ready to receive API traffic.
3. Developer On-Boarding
Once APIs are created and hosted in API Management platforms, that means that each business is ready to accept traffic from the outside. Now each business has to discover available APIs, try them out and build the client applications to consume those APIs. Developer Portals of each API Management platform offers this capabilities.
Usually Developer Portal is hosted publicly to enable access for partner developers. They can self-register there and search for APIs that would suite their needs. Also, APIs can be tried out on a sandbox with embedded Swagger console that mimics the actual API behavior.
In our example, developers from each businesses will explore each other’s APIs and subscribe to get a client ID and a client secret according to OAuth 2 standard.
4. API Run time, Governance and Monitoring
At this stage, developers from each business should have subscribed to each other’s APIs and should bear credentials to access them. For instance, the restaurant aggregation service’s back-end should subscribe to restaurant’s Order API and must generate an OAuth2 access token prior invoking that.
When APIs are invoked, API Gateway components of each business will receive the traffic and route to the appropriate back-end service. While doing that, the Gateway can do certain value additions like:
- Authenticating the request for a valid tokens (if token is invalid, API request is dropped)
- Enforcing policies on requests (rate limiting, payload schema validation )
- Payload transformation (E.g JSON to XML transformation and vise-versa)
- Logging API requests
- Collecting API run time statistics and storing for future use
Above listed features are built into most API Management platforms these days, preventing developers to implement them from the scratch. In addition to that, they offer features like API versioning for creating new API versions to keep the backward compatibility and API life-cycle management to complete the bigger picture.
After following these steps, now each business is API enabled, collaborating together in a meaningful way to achieve their mutual business goals.
API Marketplaces and Monetization — Taking things to the next level
What we have considered above is the simplest example where businesses can collaborate digitally with APIs. But API Management offers much more benefits beyond that level. The biggest benefit is that APIs can generate revenues for businesses. This is made possible with API Marketplaces concept.
On an API marketplace, businesses who produce APIs can list their APIs for sale. Then developers who plan to consume them can subscribe to them and start using in their applications. Developers will be billed according to the API call volume they made to the API provider.
Considering our example, the restaurant should publish their APIs in a marketplace like this to draw more attention from varies business partners. There can be other mobile/web apps who do the aggregation of near by restaurants as well. Or maybe new channels like Amazon Echo, Alexa will start placing orders to restaurants soon. After listing in a marketplace, restaurant should enable API monetization to bill their consumers according to the call volume. That feature is also provided by major API Management platforms.
From a business point of view, this might be a good opportunity to recover the initial investment put for the API Management platform.
Conclusion — API Management to Survive and Thrive
In this post, I think I have summarized the major benefits of adopting an API Management platform for a business to be included in a business ecosystem. From business and technical standpoint, API Management platforms provide a lot of value to digitally expose existing business services to the outside. When properly planned, traditional businesses can sell their APIs in API marketplaces to make a revenue out of their APIs.
Previously published at https://medium.com/@dunithd/apis-in-the-time-of-covid-19-fea69038520a
Subscribe to get your daily round-up of top tech stories!