Words of caution: APIs are an emerging spaghetti patchwork

Words of caution: APIs are an emerging spaghetti patchwork

Summary: A call for service oriented architecture principles: 'Managed APIs are SOA done correctly.'


The 'A' in SOA stands for 'API': I wish I would have thought of something that clever, but the full credit goes to Chris Haddad, former Gartner analyst now with WSO2.

Wires photo by Joe McKendrick
Photo: Joe McKendrick

There's been plenty of discussion lately about how APIs -- which deliver a wide variety of on-demand services -- form the backbone of enterprise connectivity and innovation. APIs, both public and private, expose critical services and make them easily accessible via REST calls. But the risk is similar to that seen in the early Web services days -- that having multiple departments, systems and individuals all making their own API calls, or delivering their own APIs, resulting in duplication, wasted resources, and a spaghetti architecture of services criss-crossing each other.

Time for architecture to help plan and combine resources. But what kind of architecture?

In a recent post, Haddad lays out an architectural scenario that brings APIs into a service oriented architecture. It isn't even a case of worlds colliding or anything like that -- they are both part of the same world. SOA, based on work that has taken place over the past decade, provides the answers for effectively and intelligently sharing and deploying APIs. They bring different sets of advantages to enterprises, he explains. SOA brings re-usable and evolvable implementations. APIs bring extended reach and decoupled interfaces, he says.

Ultimately, managed APIs are ‘SOA done correctly,' Haddad says. "Managed APIs are actively advertised and subscribe-able; available with an associated, published service-level agreement (SLA); secured, authenticated, authorized and protected; and monitored and monetized with analytics."

A successful merger of the two concepts requires that SOA governance principles be synchronized with API governance principles, Haddad advocates. This merger, if done correctly, can improve "architectural coherence," he says. The result is a focus enabling IT and business agility through services, rather than exercises in "simply swapping out IT toolsets, message formats, and protocols."

SOA governance includes guidance for the entire service lifecycle, including creation, testing, provisioning, utilization, management, and versioning. API governance addresses analytics such as service tier subscription information, collects usage statistics, present productivity metrics, and integrate with billing and payment systems.

At the core of the merged SOA and API operation is policy frameworks, as well as metadata, or the design and development time information used to describe a service or API, Haddad adds.

Topics: Enterprise Software, Data Centers, Software Development, Web development

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • In the early days of SOA

    Microsoft put a big emphasis on directories and discovery services.

    The beauty of the new RESTful age is that developers are supplying human readable documentation - it isn't autogenerated build docs or part of a parts directory. Developers actively write up and promote what they've done.
    • DLL Hell

      Microsoft cured this (mostly) years ago. Lately in several Apps I have been seeing a resurgence of the same problems with API's. The problem is mostly in the data returned with subtle shifts in formats. I do not care what the standard is for the cure. If it does not happen soon we are all in for new trips to the nether world.
  • REXX

    Wasn't ReXX (and Arexx for Amiga) designed to expose APIs (entry points) in a consistent manner? I wonder if this type of idea could be reimagined for SOApi.
    Roger Ramjet
  • Still trying to figure out

    ... what the hell the author thinks API means.

    Because from all his articles about it, it is more than obvious that he has no clue about what Application Programing Interfaces (API ... or headers/methods/classes) actually are.
    • He may know more than you

      given that the typical binary programming paradigm (libraries and classes) is now only one of many. REST services use paths as methods as arguments, JSON structures pushed via HTTP POST commands as rich structures, and returned JSON as the equivalent of rich objects.... with nary a class, header file, or method in sight.

      The author appears to understand that.
      • Which makes it kinda confusing . . .

        "given that the typical binary programming paradigm (libraries and classes) is now only one of many."

        Which makes it kinda confusing, as we're calling more than one thing an "API" now, and bloggers aren't very careful about distinguishing the new web-based APIs from the APIs used in application development.
    • the authors response on API terminology

      Hi @wackoae, Yes, the API term is extremely overloaded. APIs (application programming interfaces) can be called over the network using web standard protocols (HTTP, XML/JSON). In the olden days, we called networked APIs 'web services' to distinguish the term from native language APIs.

      As an industry analyst, hands-on practitioner, and yes, a blogger to get the message out, I have carefully explained the nuanced differences between RESTful APIs and SOA services [and stay away from hype and FUID] You can read more at http://blog.cobia.net/cobiacomm/2014/06/23/soa-api-strategy-tactics-and-convergence/
  • API is the future of the web

    Digital devices are increasing day by day, and Application needs to be supproted to each and every devices. IOT(Internet of Things) is the future. so support all the devices, Application needs to have services that could be RESTFull or SOAP data and should support JSON or XML.
    To Analyse JSON you can visit http://codebeautify.org/jsonviewer
    To Analyse XML you can visit http://codebeautify.org/xmlviewer

    Web Application , MObile Application, Tablet Application for different OS (Android , IOS, Windows) and to Support all Client application . Web API is must.