By Mifan Careem
Senior Director - Solutions Architecture, WSO2
API management is the prevalent technology for most organizations looking to embrace digital transformation. More and more organizations see API management as an important step in becoming digital.
An API marketplace, however, goes above and beyond simple API management; a marketplace involves the technology, business, and human aspects of API management, ensuring the APIs achieve what they were intended for in the first place: the consumption and usage of APIs. Thus, the API marketplace enable the connection between producers and consumers of APIs and ensures this connection works.
As part of this white paper, we will look at what typical API management means, and how that relates to the concept of an enterprise marketplace. We will look at the advantages of building an enterprise API marketplace and the required steps to effectively launch one. To further illustrate this concept, we'll discuss a very relevant and interesting case study on a telco enterprise API marketplace from Dialog Axiata PLC.
APIs can be defined as a set of functions and procedures that help build applications to access the features or data of a particular system and API management involves a technology platform that allows one to expose and manage these APIs. In other words, API Management allows you to provide a facade or proxy for existing services and exposes these newly created APIs in a standard, compliant and consistent manner to consumers whilst providing additional capabilities such as security, rate limiting and other quality of service policies.
API management typically has multiple components and/or feature sets including an API Gateway as the actual API runtime and policy enforcement point, a Security component for API key management, an API Developer Portal acting as a catalog of APIs providing a centralized location for application developers to discover, subscribe to and test APIs, an API Publisher providing the ability to design APIs from backend services, API Analytics that provide an analytical snapshot of API usage, etc.
Figure 1: WSO2 API Manager Key Features
WSO2 API Manager is a 100% open source enterprise-class solution that supports API publishing, lifecycle management, application development, access control, rate limiting and analytics in one cleanly integrated system.
An important part of API management that's relevant to our discussion here is the Developer Portal - a one-stop portal for application developers to discover, test, read documentation, and subscribe to APIs. It's also the core of the API marketplace concept.
An API marketplace is a platform to effectively connect API producers and API consumers - and as with any marketplace this provides the tools and the means to do so. While some public API marketplaces exist today that provide a catalog of existing public APIs, this white paper focuses on building an Enterprise API Marketplace - a marketplace that is specific for an organization and exposed either internally or externally. However, the same principles can be used to build a public marketplace as well.
Figure 2: API Marketplace - Overview
A marketplace is much more than a simple API Developer Portal where potential consumers of the APIs and application developers come to discover and subscribe to APIs. As we mentioned above, a marketplace and its role in building an effective API strategy involves business and human aspects as well in addition to the technology aspect (Figure 2).
In a nutshell, an API marketplace go above and beyond what an API Developer Portal offers. A marketplace provides the means and mechanism for a diverse group of people to design and publish APIs and provides tools, documentation, and incentives, such as monetization and supporting activities like evangelism, to encourage the same. Similarly, the marketplace provides the tools, documentation, and evangelism to ensure application developers use or reuse these APIs. Hence, the marketplace is about ensuring the widespread and effective use and reuse of the API management platform to maximize value and benefits.
Figure 3: API Marketplace Components
Figure 3 illustrates the various components of an API marketplace. Producers publish APIs; these APIs are catalogued and displayed via an API Developer Portal. Consumers of the APIs come to the Developer Portal directly or indirectly (via system APIs for instance) to find, discover, and explore APIs. The Developer Portal displays different types of APIs, grouped by division, category, type etc. With specific APIs they can then test and subscribe to APIs. API management consists of many other components that are vital to the marketplace, including the API Gateway, API Security, API Analytics, etc. The organization also organizes activities and events and produces material to encourage producers to build APIs and consumers to consume APIs.
To put this into perspective, let's take a closer look at a case study on a successful API marketplace.
A good example of a successful API marketplace is IdeaBiz by Dialog Axiata PLC (Dialog) - a platform for developers and content providers to use the Dialog network-based features via shared APIs and monetize their efforts.
Dialog is the largest Telecommunications Provider in Sri Lanka and is a subsidiary of the Axiata Group Berhard, a leading telecommunications provider servicing the Asia Pacific region. At a time when most telecom companies were losing out to digital startups and disrupters including over-the-top (OTT) applications, such as Skype and Whatsapp, Dialog moved towards recognizing the digital products needed for the modern customer by providing a marketplace of its products and services.
Dialog launched IdeaMart - an ecosystem marketplace followed by IdeaBiz - an API marketplace. Dialog first focused on internal innovation and standardization by publishing and exposing around 500 internal services as internal APIs using the WSO2 API Manager. This immediately provides a multitude of benefits to internal consumers. Cross division developers can search, discover, and explore APIs from a centralized developer portal. They can test these APIs on the portal before subscribing and consuming them from apps. Metrics would then be available to view usage reports and calculate cross division monetization. Forums on the portal allow consumers to interact with publishers and thereby provide feedback, request features, etc. The centralized management of internal APIs ensure reuse of APIs and promote internal innovation whilst ensuring internal efficiency and faster time to market.
With its internal API management platform in place, Dialog was perfectly poised to explore newer business opportunities and unique digital products. Dialog launched IdeaBiz, an external API marketplace built on WSO2 API Manager to selectively publish APIs to external stakeholders and long tail developers. Numbering 65 external APIs today, IdeaBiz provides potential applications developers with APIs, documentation, and SDKs to build innovative applications that utilize telco APIs and telco services. One could write an enterprise app that used the telco location-based services and send out group SMSs using the telco SMSC.
Dialog took its successful marketplace concept to the next level by organizing a number of events, hackathons, workshops, conference talks and various kinds of evangelism, ranging from events at schools in Sri Lanka to telecom professionals at TAD in Istanbul. These events focused on building applications using APIs and building newer APIs on top of existing ones. Through its ecosystem management platform, Dialog allowed users to rapidly create applications using pre-defined templates. Incentives played an important role as well in the marketplace - application developers could select various revenue share business models with the telco, thereby encouraging increased apps and APIs. Workshops and hackathons resulted in prizes for the top applications. Dialog also had a funding scheme for applications using its APIs. All of the above resulted in a number of individual and enterprise applications being spawned that utilized internal telco APIs.
Dialog's APIs range from APIs to send SMS to Location Based Services APIs to Identity APIs - the latter implementing GSMA's Mobile Connect specification allowing subscribers to login to applications using their mobile device and telco as authentication sources. The API management platform and marketplace is now implemented across multiple subsidiaries of the Axiata group, providing a federated API management infrastructure across the group.
Dialog's API marketplace initiative was a step in the right direction for Dialog's digital innovation journey. For more information see: https://wso2telco.com/customers/api-management-driving-product-innovation
So why build an API marketplace? The above case study gives a very good indication. The section below will discuss some key benefits:
We've spoken about conventionally managed APIs. Our case study was around telco APIs. However, the API store can be home to all kinds of APIs that are exposed via the API gateway. Different vendors categorize these APIs in different ways, but at the end of the day, they are all APIs exposed via the API gateway and cataloged via the API Developer Portal (Figure 4).
Figure 4: An API Store
Some categorizations of APIs are
Among these, event APIs are interesting as they enable new types of use cases. For example, let's assume that Joe has found a new way to predict the long-term weather patterns in an area and he can publish an event API that provides weather alerts. This can be useful to many other use cases such as traffic, health advisories, stock market, etc. If his predictions are accurate, farmers might find it useful to subscribe to those events. It is an API market, where the only difference is now the API provider will push the events to the consumer.
Now that we've built the foundation, let's see how an API marketplace can be implemented.
An API marketplace consists of technology and business components and ancillary activities that ensure the success of such marketplaces. This section will explore the various components and activities and how each can be effectively used to build an enterprise API marketplace.
The sections above highlighted that a full API management platform is a key requirement (and the most important for that matter) for an API marketplace. Within API management, a developer portal is a mandatory component and provides several key advantages toward achieving a full marketplace potential.
API management might span more than just the management and exposure of APIs. Complex transformation might require an integration platform; most customers seem to bring their own ID systems (BYOID) - in which case the API Manager needs to allow consumers to authenticate against the existing system by federating them. This is where the power of a platform vendor comes into play.
Where and how you deploy is an important part of your technology strategy. A platform that can be deployed on the cloud, or on-premise or hybrid of both is ideal to cater to your changing requirements. An on-premise deployment again can be containerized and fully automated; it can be deployed as a single horizontally scaled out deployment or a large scale distributed deployment.
Is the organization looking at creating a pure internal community for its APIs? Is the goal to increase discovery and reuse of internal APIs? As an organization, are you looking towards internal innovation? Then internal API management is a vital step. Application developers streamline the API consumption process by consuming a set of standard APIs. Not only is API reuse and discovery vastly improved, but it is also now possible to track usage of highly performing APIs and applications.
WSO2 API Manager Deployment Patterns
WSO2 API Manager can be deployed to match your business and technical requirements and to cater to your forecasted load. The API Manager can scale from a brand new API management platform handling around 1000 API calls per day to a geographically distributed horizontally scaled out deployment catering to a 100 million API calls an hour or more.
The simplest and most typical deployment of the API Manager would be an 'all-in-one' deployment consisting of the API Developer Portal, API Gateway, API Security, API Publisher, and management components in a single node that can handle up to around 40 million API calls a day. Couple this with a dedicated API Analytics node and your simplest deployment is up and running in minutes. Replicate this to achieve a highly available deployment in an active-active setting or an active-passive (hot-warm or hot-cold) setting as required. For details refer to this article or documentation.
External API management is useful if the organization is ready to take the leap and expose certain APIs externally to be consumed by external partners. An even more open approach is to expose APIs to the long tail, i.e. third-party developers building applications around APIs.
The developer portal is a vital component in both the above scenarios, especially in external API management. The portal in this occasion, while providing a catalog of APIs to developers, also provides self registration, registration of applications and provisioning of keys, an API console for testing, etc.
Most organizations make the mistake of stopping short with the technology aspects. As with any good marketplace and regardless of whether you sell APIs or fresh fish, the consumer is key. The success of the API marketplace depends on the amount of applications and users consuming APIs, which in turn means that as an organization you need to encourage customers to use the platform.
The goal here is twofold: ensure API developers publish their APIs with enough documentation through the API platform (while ensuring they aren't recreating an existing API) and ensuring application developers use the published APIs; in some scenarios the role might be performed by the same person, but regardless this approach promotes reuse.
Evangelism can be anything ranging from frequent company updates on the various APIs available to articles and How Tos on using those APIs. Hackathons are a very productive way of promoting actual practical usage. A typical hackathon maybe a two-day dedicated event bringing together API developers, application developers, and business users and getting them to build newer applications using the APIs or build out newer APIs themselves. A hackathon-in-a-box is an ideal model in this scenario.
Have You Tried Our Hackathon-in-a-box?
WSO2 Hackathon-in-a-box will help to design a hackathon based on your API platform with our expertise in organizing and executing technical events large and small. Inspire new ideas and concepts and find creative ways to identify problems, craft solutions, and build practical plans to execute these ideas!
Incentives or the so called "Gimmification" is a vital part of any marketplace if success needs to be sustained. A traditional marketplace has an inherent financial incentive; while it is tough to match this in virtual, technology marketplaces, there are more subtle ways of handing out incentives. A leaderboard on top of API publishers and application developers, recognizing APIs that have the most subscribers and thus the most reuse and displaying them in dashboards within the company and on the API Developer Portal are a few examples of incentives. Analytics and key performance indicators provide key metrics to facilitate incentives.
APIs themselves are fast becoming the product that is sold (literally or figuratively) to application developers. In an internal API management environment this means cross business revenue as well where a business unit consumes APIs published by a different business unit. Regardless of actual currency exchanges, API monetization plays a key role in enabling this. For internal API management there can be cross busines consumption that's reported every quarter to quantify the contribution from a particular division.
It would be obvious by now that most of the features above highlight analytics and governance in some way or the other. In order to display a leaderboard, a report on the top API publishers are required in the first place. To enable monetization, an accurate usage report must exist. In order to control who can publish what and where, an overarching governance model needs to be in place. A centralized analytics view that features real-time notifications, alerts, streaming analytics, and batch reports is a key part of any marketplace.
API governance is key to ensuring the right APIs are published following the right standards. It is an important part of ensuring certain APIs are visible and accessible to certain groups only. API lifecycle needs to be managed across environments by a diverse group of participants - all of these governance requirements need to be part and parcel of an API marketplace solution. However, governance shouldn't be too stringent so it stifles creativity. Hence, rather than a top-down governance approach an effective API marketplace governance strategy would be more of a bottom-up approach. The convergence of analytics in this domain means analytics can be used for governance leading to an environment where creativity can be allowed, while ensuring a certain level of governance.
WSO2 API Analytics
WSO2 API Analytics is part of the WSO2 API Manager and provides a range of real time and batch analytics, categorized into analytics for APIs, analytics for Applications and Subscription related analytics. This also provides alerts for real time notifications. A list of sample analytics dashboards available are
We've looked at the benefits of API marketplaces and how to build an API strategy using an API marketplace. The concept of a marketplace can go above and beyond an API marketplace; when applications start to grow beyond reasonable numbers, i.e., the API marketplace was mega successful, it means you need to start looking at providing an ecosystem for applications as well. This can be referred to as an Application Marketplace or Ecosystem Marketplace. In this instance, everything we mentioned about API marketplaces can be migrated over to applications where we connect application providers to application consumers, an application store to discover and host applications, an application publisher to publish application metadata, application governance, and analytics, etc.
However, our recommendation is that one walks before they run. Start with API management, move on to an API marketplace, and then consider an application marketplace when a critical mass of applications exist.
There are many API management initiatives around today; however, to truly reap the benefits of an API program, an organization needs to look towards an API marketplace from day one. As in any business, success comes from the contribution and participation from all stakeholders. A working API marketplace is participatory business at its best.
This paper focused on API marketplaces as an extension to typical API management. We looked at the types of APIs that benefit from being available in an API Developer Portal and looked at the business advantages of API marketplaces. We then looked at the various steps and concepts required to build an effective API marketplace. We finally looked at going beyond API marketplaces to ecosystem management.
For more details about our solutions or to discuss a specific requirement