Building an

Enterprise
API Program
Table of Contents

page 3
Introduction: APIs are Proliferating

page 5
What Types of APIs are Used in the Enterprise?

page 11
How to Create an API Strategy

page 12
The 5 Components for Building an API Strategy
Executive Support
Organization Structure
API Platforming (Enterprise Hub)
Peripheral Tooling
Education and Awareness

page 19
Getting Started

2
1
Introduction: APIs are Proliferating
Application Programming Interfaces (APIs) have emerged as a key component of enterprise
modernization efforts, particularly in industries such as banking and insurance where the
availability of API-based resources provides leading institutions with new channels for
reaching customers.

As the connective tissue linking systems and data, APIs play a crucial role in making enterprise
systems and services more responsive and adaptable, while enabling companies to monetize
their data, cultivate partnerships, and unlock innovation.

Thanks to increased demand, the API economy is projected to be a $2.2 trillion market1 in
the next few years. IT Research and Advisory Firm Ovum reports that “during the next two
to three years, the number of enterprises having an API program is expected to increase by
150 percent.”

Sources: Google Searches for “Rest API”, 2004-2019

Ovum, “Realizing the Business Value of APIs,” October 2014

1
IBM, “Building for the Open API Economy”, 2016 3
 The Need for a Strategy

APIs are They have ...But also We need an

challenges API Strategy

Has to encompass full cycle - from Private to Public APIs

Yet despite the potential, most enterprises have failed to deliver an effective API strategy.
In many cases, API programs are developed in a siloed-effort, which results in redundancies,
poor integration, and an implementation not underpinned by any real business strategy.
This has caused many organizations to make frequent changes to their API programs, causing
resource inefficiencies and distabalizing their reputation with developers and partners.

As your organization looks to take advantage of the API economy, you will need to know
how to create a sound API strategy, determine the types of APIs to account for when
building your strategy, and what process and structure should be in place to consume,
share, manage, and monetize the APIs in your organization.

4
2
What Types of APIs are Used in the Enterprise?
APIs in the enterprise appear in many shapes and forms - from internally-built tools that
are transparent to end users to strategic tools used to drive business relationships and
partnerships. APIs can be classified into four main categories: Private, Partner, Public, and
external Third-party APIs.

Private APIs Partner APIs 3rd Party APIs

• Internal services created • Powering integrations with • Used by developers to
by development team select partners and customers speed up development

• Used to build applications • Exposed on a per-need basis • May be integrated on an

and services ad-hoc basis by developers
• Requires direct business
• Not exposed externally agreement / relationship • Used for basic infrastructure
and functionality

Private APIs
Business software has traditionally been created as a large monolith application, a single code
base that takes care of all the app’s functionality. Many companies have found monolithic
applications to be big and cumbersome with impossible-to-maintain codebases. With a
monolith, a change made to a small part of the application requires the entire monolith
to be rebuilt and deployed. This complexity results in a big communication overhead and
development delays.

{
29% In Production
68%
Microservice Use
24% Investigating

15% In Development
2% - Other
32%
30%
Not using
Source: Ngnix Survey, 2015

5
These frustrations led to a new architectural style in software development where a
monolithic app is decoupled into microservices. A microservice is a smaller logical program
that functions with its own separate codebase and is independently deployable and scalable.
Each service provides a firm module boundary — even allowing for different services to
be written in different programming languages. Microservices use APIs to communicate
between themselves and form one master program.

How many APIs are in your Organization?

0 APIs

1-10 APIs

11-50 APIs

51-100 APIs

101-200 APIs

201-300 APIs

301-400 APIs

401-500 APIs

501-750 APIs

751-1000 APIs

1001+ APIs

Don't Know

0% 3% 6% 9% 12% 15%
Source: Imperva API Survey, 2018

Developers use private APIs to connect microservices and create applications and services.
They give developers an easy way to plug into back-end systems and application functions,
with the goal of accelerating the development process with fewer resources. 50 percent of
all organizations have more than 300 private APIs. Most companies see value in “consuming
their own APIs” as they are not exposed publicly.

6
Because each department is developing their own APIs, there are often data and development
silos, with the end result being that organizations do not achieve the productivity gains
possible with APIs.

Mobile Team Web Team

FICO Score Loan Offer Analytics Loan Offer Users Analytics
API API API API API API

Loans Team User Data Team

FICO Score Loan Offer Mortgage Accounts Users Registration
API API Rate API API API API

Partner APIs
Partner APIs enable businesses to power deeper integrations by opening up key APIs to
channels, partners, and customers. With Partner APIs, you can collaborate with other
companies to create unique solutions by determining who has access to your APIs. This enables
companies to reduce development efforts while creating stickiness to their applications
and services. Companies like Salesforce and Expedia garner a significant portion of their
revenue by making their APIs available to partners.

The main differentiator between private and partner APIs is that while private APIs are
developed internally and used by one or more internal consumers (e.g. engineering teams
working in the same company), partner APIs are used by engineers in other organizations.

Percentage of Revenue Generated Through APIs

90%

60%

50%

Source: Harvard Business Review, The Strategic Value of APIs, 2015

7
Public APIs
Public APIs enable you to provide developers access to their software application or web
service and leverage them in the development of new features and services. Over the last
15 years, this trend has been on the rise with almost 30,000 public APIs being available for
developers to use when developing their applications.

With a public API strategy, companies can create a whole new monetization channel or
simply create stickiness to your product. The key is in understanding how external users
will engage and connect to your application and how that API should be made available.

Publicly Available APIs

30,000

20,000

15,000

10,000

5000

APIs
0
2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019

Source: Programmable Web, 2019

Third-party APIs
As companies transition to a microservices model, they have developed a microservice for
each “utility” function such as billing, email delivery, or file storage.

Public API companies emerged to provide APIs for the business software functionality
that many software developers want to utilize in their apps. Public APIs are microservices
that provide common functionality that many developers across business require.

8
For the $35B Stripe, this functionality was payment processing. For $13B Twilio, it was
sending SMS and for $3B SendGrid, it was email delivery. For this new wave of companies,
their business is fueled by their APIs.`

This strategy is appealing because it enables:

Faster Development: Ability to integrate existing functionality as

opposed to building it from scratch

Better Service: API providers have years of expertise to offer higher

quality services

Cost-effectiveness: API companies enjoy economies of scale, and thus

can offer services at a lower cost
$

New Possibilities: Access to technologies like AI, machine learning,

and image recognition

But integrating APIs can be hard for your developers as dealing with issues such as different
formats (REST vs. SOAP vs. GraphQL, etc.), data, authorization schemas, billing, provisioning,
etc. can erode productivity.

9
 Average Number of Days to Build Net New API Integrations

38%

19% 19%
16%

8%

<5 30 60 90 >120
Source: State if API Integration, 2018 Report

And third-party APIs can create risk. Every API is a runtime dependency of your
application, meaning:

If an API goes down­–your app is down

If an API is breached–your data is leaked

If an API becomes slow–your app is slow and unresponsive

If an API is not compliant–your app is not compliant

Third-party APIs accelerate software development and innovation but the risks created by
APIs necessitates that companies create a comprehensive API strategy that includes executive
support, the right structure, governance, and control.

10
3
How to Create an API Strategy
To take advantage of the benefits of the API economy and to avoid the pitfalls, it is impera-
tive that you first determine your business goals — is it accelerating development? Creating
product stickiness? Monetizing business assets and datasets? Unlocking innovation? How
can you achieve these goals — will it be using private, partner-facing, public, third-party
APIs or some combination?

API Strategy

Depending on the types of API, it is important to understand what you want to accomplish
for each type of API:

• For private APIs and microservices, you need to make it easier for developers to
collaborate, share and reuse APIs.

• For partner-facing APIs, you must expose services to partners while making integrations
seamless.

• For public APIs, how can you create a public API ecosystem that fuels innovation?

• For third-party APIs, how do you monitor and govern consumption?

Once you determine your organization’s goals, you need to put the right components in place.

11
4
The 5 Components for Building an API Strategy

#4
Peripheral
Tooling

#1 Executive Support
Developer adoption is critical but executive support is the catalyst. The leadership team
must buy into the strategy and dedicate resources to:

• Build a team with dedicated headcount and budget.

• Choose the right tooling that will enable the team to standardize and drive unity.

• Allow time for engineering teams to make the transition and commitment.

• Create incentives that motivate teams to share APIs and contribute.

• Establish a culture that enables you to break down silos and operate as a unified company.

Creating a culture and an organization oriented around APIs is not a simple task, and
requires many organizational changes and most importantly — budget and patience. But
when done properly, it can pay off well and prove transformative for the organization.

12
 “
“Right now we are API-ing every layer,

”
celebrating any use anywhere and knowing
we’ll have more opportunities in the future.”

“
”
Amazon Inc., 2002

#2 Organization Structure
It is imperative that you determine the type of organization structure needed for overseeing
your API strategy. Your company can either go for a single team owning the strategy, a
more horizontal structure or a hybrid of both. When setting up the model, it is important
to address the following:

• Who approves APIs to be used?

• Who approves APIs to be published?

• Who defines the standards that APIs conform to?

• Who decides & buys APIs tools?

13
To determine whether to go with Teams Model or Cross-organization model:

Team Ownership Cross-organization

Optimization - allow teams to define Interoperability - make it easire for teams

their own tools, cadence and stack to collaborate and use other services by
based on: making them familiar

• Product / tech needs Support - align the tech stack to have ex-
pertise built throughout the organization
• Team knowledge
Economics - benefit from economies of
• Available resources scale when buying tools in bulk

Experimentation - allow for more Optimization - allow to hone and perfect

experimentation in the stack a single stack across the company

Culture - create a feeling of

ownership by different teams

Ideally, your organization should opt to integrate components of both types of models,
enabling engineering teams to own their own tooling while taking advantage of a centralized
support model for ensuring collaboration and support across the organization.

#3 API Platforming
Whether you choose a teams-based approach or a centralized API strategy, your organi-
zation will need a centralized place to discover and connect to APIs. Although there are a
variety of API runtime technologies and Gateways for the data center, cloud and Kuber-
netes-based infrastructures, a single consolidations layer is needed to find, connect, and
manage the hundreds of APIs your organization is using currently.

14
 Developers

Data Center Cloud Kubernetes

APIgee Akana Ngnix Tyk AWS API Gateway Envoy

API API API APIA PI API APIA PI API APIA PI

An API Hub provides a centralized catalog for helping developers, product managers, IT,
and API creators to find, manage, and connect to all APIs — using a single key and SDK. An
API Hub enables your organization to create new efficiencies, accelerating the software
development process. And an API Hub provides management capabilities that enables you
to govern and manage API consumption with enhanced visibility and control.

API Hub Governance

Team
aka API Catalog /
API Store /
API Marketplace

API
Hub
API • Discover Available APIs API
Creators • View API Documentation Consumers
• Provision Access
• Test API Requests

Publicly
Used APIS

15
RapidAPI Enterprise Hub
RapidAPI is the world’s largest API Marketplace, When choosing an API Hub, it is important
enabling more than 1 million developers to to look for key capabilities:
access more than 10,000 APIs using one SDK,
API key, and dashboard. RapidAPI’s Enterprise
API Hub is a private API Marketplace used by
developers, analysts, and product managers to
discover and connect to internal APIs, as well as API Support for all standards
API subscriptions. (OAS, GraphQL, etc.)
Publishing
RapidAPI’s Enterprise API Hub:

• Is branded with your company’s identity.

• Can connect to your internal systems. Be able to search through

all available APIs Discovery
• Is deployed seamlessly on premises or the cloud.

Testing / View documentation

Evaluation andtest APIs easily

Provision API access Provisioning

Once set up, engineering teams can publish their

APIs into the hub. RapidAPI supports all your
APIs, regardless of what API gateways or
Analytics Obtain information about
management solutions they use.
& Metrics API users and their usage

Your IT team can use a dedicated dashboard to

manage who accesses the API and how the APIs
get consumed. With the dashboard, they can access
detailed analytics and monitoring information Get support for APIs and Discussions
to ensure: discuss enhancements / Support
• Data security

• Compliance
• Adherence to SLAs

Additionally, companies also use RapidAPI’s

Enterprise Hub as an external marketplace,
enabling customers and partners to find, connect,
and manage their APIs. 16
#4 - Peripheral Tooling
Beyond an API Hub, there are a set of tooling that are required for creating a successful
strategy across the entire API lifecycle. This tooling includes API design tools, testing and
monitoring tools, data, middleware, etc.

Monitor
Manage
Acquire / Monetize
Secure
Publish / Engage
Monitor / Optimize
Secure
Pay / Subscribe
Deploy

Test Integrate

Develop Evaluate / Test

Design / Mock Discover

API Producer API Consumer

API Design
Good API design results in a better developer experience, improved documentation, and
increased adoption of the API. Companies like Postman, Insomnia and Swagger provide
design tool options.

Testing and Monitoring

Testing tools enable you to “live test” the API to ensure it meets expectations for function-
ality, reliability, and performance. For monitoring, the right tool enables you to monitor API
uptime, complex functionality testing, and performance. Companies like API Fortress, API
Metrics, and Runscope provide testing and monitoring to ensure the health of your API.

Synthetic Data

Synthetic data is a “fake” data set that is created algorithmically and is used as a stand-in
for test dataset or to validate certain mathematical models. It carries the same statistical
properties as the original data so it can be used for AI/ML. Because the data-sets are sen-
sitive, it typically cannot be shared across the company.

Middleware
The last tooling that is typically recommended with any API strategy is the right middle-
ware solution for converting older API types to more modern APIs (REST, GraphQL, etc.).
These middleware solutions combine data from multiple sources into a single user-fac-
ing API. It is often used for creating APIs on top of existing systems and data sets. AWS
AppSync, Dream Factory, and Prisma are all companies in this space.

17
#5 Education and Awareness
When introducing an API strategy to the enterprise, it makes sense that you educate the
team on the latest technologies and best practices.

For example, to generate awareness, you might want to:

Create an API Newsletter to highlight new services and data available and new
tooling and reward API publishers.

Celebrate wins by highlighting them and incentivizing both API publishers and users.

Schedule events such as internal hackathons and meetups as starting points for
API awareness.

Drive visibility for API publishers to create the first internal champions. Everyone
wants their API to be popular!

To educate your team on using and managing APIs, there are several ways you can initially
get started:

Maintain up-to-date documentation on API standards and tooling.

Create Seminars and workshops on API development and tooling.

Invest in Online Courses and make them available to everyone in the company.

18
5
The time is right to get started!
You already know that APIs are the foundation for any modernization effort and they
have the potential to help you change the velocity of your business. Determine the
types of APIs that your organization has and view those APIs as valuable assets for
accomplishing business goals - whether they are for internal productivity or building
a new revenue channel. There often is not one right path but it is important to agree
on a path, get executive buy-in, and create an API strategy that will enable you to
create differentiation and enable innovation. Get started now as an API strategy is
essential for remaining competitive in today’s digital economy.

For more information,visit us at https://rapidapi.com/enterprise

19
19
v1.1