“2010 is the year of the API,” Sam Ramji claims in his session description for Web 2.0 Expo New York, Harnessing the Web’s New Indirect Channel: Open APIs in the Enterprise. With over 15 years experience with open source strategy (spread across startups and large corporations alike), Sam has an intimate understanding of how important APIs are today and will become in the near future.

Sam, VP of Strategy at Sonoa Systems (the company behind Apigee), recently answered some questions we had about his session and how enterprise businesses can effectively employ an API strategy.

Kaitlin: As you said at your Web 2.0 Expo talk in San Francisco, not having an API now is what not having a website in the late 90s was like. What are businesses missing by not having an API strategy?

Sam: The Web has moved beyond the browser to a “Web 2.0″ driven by applications, ubiquitous mobile access, social networks and millions of internet-connected devices. Websites are no longer the only or most effective way to reach consumers and partners online, and just like websites provided the basis for the Web in the 90s, APIs provide the foundation for Web 2.0. APIs allow you to open data and services, expand your reach and get to users wherever they are – app stores and social networks, set-top devices and gaming consoles, phones and tablets. By not having an API strategy, you miss out on a tremendous opportunity for innovation, revenue and reach, and lose competitive advantage to companies that ARE adapting to the new web.

Kaitlin: By using/publishing APIs, some businesses might feel like they’re losing quite a bit of control and protection. How can you be secure while being open?

Sam: While enabling new levels of openness and innovation, APIs do pose new technical challenges around security and management. Companies need to keep sensitive data private or limited to select users, protect their backends against malicious attacks or a surge in requests, and understand who and how their data is being used. Just like there is technology to protect your website and get analytics on its usage, there is technology to protect and understand your API. The key difference is that APIs have new use patterns and demands, for example being accessed by thousands of devices programmatically making millions of concurrent requests. We work with many successful companies who are able to protect their data, ensure optimal performance, control access, and get business-critical analytics to drive their business with API infrastructure technologies suited specifically to the new patterns and requirements of Web 2.0.

Kaitlin: What are some of the unique challenges enterprise companies face when developing an API strategy? (Versus a small startup that is.)

Sam: Enterprises have greater need for rigorous compliance, reporting, and security, requiring increased levels of visibility into their API’s performance and more control over access. Larger potential usage means that enterprises need to build their API strategy to scale seamlessly and safely from the beginning. Another challenge is that some enterprises are “digital immigrants” compelled by competitive pressure and massive opportunity to adapt rapidly to the API-driven web. In order to successfully evolve, enterprises need to think differently about how they reach customers, developers and partners, treating the API as a core part of their business, not just a technical bell-and-whistle.

Kaitlin: The success of an API depends on whether people use it. How do you attract a community of developers to expand your reach?

Sam: The most important thing that companies can do to attract developers is expose high-value functionality in a simple, well-defined interface. Developers want to get up and running on APIs quickly, so remove barriers to entry and play. If you can help make your developers successful, your API will be successful – so champion their apps, serve their goals and help them make money. You also need to engage with the community and understand their needs. You can do this by attending and sponsoring developer events, holding contests to attract innovation, and tapping into existing developer communities that have a natural affinity to your API.

Kaitlin: How do you maintain this community?

Sam: Maintaining a strong developer community means being a good partner. Version your API responsibly and document carefully – you don’t want changes to your API to break your developer’s applications. Make sure your API is always available and scalable, and if there are bugs or downtime, communicate early and often. Listen to your developers and their feedback and pay attention to what they are building. It will tell you a lot about the market and what it needs from your business. Treat your developers well and they will stay and spread the word!

Kaitlin: Because of APIs, the majority of Amazon and many other sites’ traffic comes from elsewhere. Will this be the same story for enterprise companies, or is it already the case?

Sam: Many enterprise companies we work with dramatically expand their reach and ultimately see over 50% of their traffic come from their open APIs. While this is a benchmark of early adopters and today’s API leaders, the market is catching up to the new web and this pattern is showing up more and more across industries – from retail companies enabling “buy-everywhere,” to media companies sharing content with hundreds of mobile apps, to finance companies sharing services with new partners. Successful companies can expect as much, if not more, traffic to come through their API as their website.

~~

Kaitlin Pike is the Community Manager of Web 2.0 Expo. She can be reached @w2e or @kcpike.

Register here with code webny10scm4 to save 25% on Web 2.0 Expo conference passes.

Trackback URI | Comments RSS