Published on the 30/10/2017 | Written by TIBCO
Leverage the power of APIs to accelerate programme delivery...
Are you talking mobile apps and partnerships?
Then you’re talking APIs. Is your IT shop flooded with requests to support new mobile apps and strategic partnerships? If so, experts agree it’s time to invest in a secure, flexible Web API, or application programming interface. APIs are at the center of what Gartner calls the new “extensible enterprise.”
But how to build a robust, scalable API program?
In this guide, Mashery, the leading API management solution for more than 150 top enterprises — including Comcast, News Corp Australia, Macys.com, IHG, and CocaCola Enterprises—shares lessons learned about deploying and managing successful enterprise APIs.
- Target your mobile app developers
An API will turbocharge app development among your own developers, your strategic partners, and even public developers—people outside your company who are itching to innovate with your data. Successful API programs target some or all of these groups.
For example, Edmunds.com saves weeks of development time and generates millions of dollars in revenue by exposing APIs to third-party developers and big-name partners like eBay. The Edmunds API also powers partnerships in the Internet of Things space with companies like Carvoyant, leveraging automobile data in new ways to reach different industries and consumers, and continuously innovate.
Once you decide which developer groups to target, you can set appropriate access policies and terms of service.
- Optimise your API for mobile
Mobile devices are getting more powerful, but they still have limitations in processing power and bandwidth. Where possible, minimize response size by adopting lean formats like JSON (more on that in step 6) and allowing apps to specify the size of data chunks you’ll return. Compress responses with GZIP, especially when payloads are large.
If you’re serving the same responses over and over, you can gain big efficiencies by caching responses close to where apps live through a content delivery network, or CDN. Your data center will enjoy a lighter load, and you’ll see faster response times. Mashery’s customers serve up to 90% of responses from our global, distributed cache, speeding response times by 10x or more.
- Leverage the cloud—Or stay on-prem
Where you put your API traffic management solution matters. For maximum ease of deployment and highperformance caching, distribute your traffic manager through a cloudbased delivery platform. For data around which the business requires more control or security, consider an on-premise traffic management solution. Either way, be sure that you can set policies, manage developers, and monitor traffic across all traffic managers from a central dashboard.
- Trust some mobile apps more than others
It’s becoming increasingly common for successful API providers to think of their APIs as not just one set of methods and policies, but rather as a product line of API packages One package might support apps built by your own developers— with generous rate limits and extensive access to corporate resources—while another might enforce stricter limits and expose only a subset of resources for close partners. An even more 3 WHITEPAPER restrictive package might support public developers. The most successful API programs now package not only different levels of access, but also different business models— each tailored to the needs of a specific developer segment.
- Distribute your buy button
These days, mobile apps are expected not only to deliver product and service information, but also to handle full-on transactions. For PCI compliant enterprises—those that submit to audits around the Payment Card Industry standard for handling credit card data—this can present challenges.
Mashery recommends several best practices for extending commerce to mobile apps. For your own apps, encrypt data and get PCI auditors to add your API to their scope. To allow partner apps to transact, employ a PCI-compliant API distribution platform. Or, use OAuth to let app users authorize purchases using payment info that’s already on file.
- Delight your mobile developers
Whether they’re on your corporate campus or at a hackathon (more on those below), developers can do more with your API if you make life easy for them. That means creating a portal where they can get easy access to keys, giving them interactive documentation (such as Mashery I/O Docs) that let developers explore and test your API before they write code, and providing usage reports so they can see how their apps are interacting with your API over time.
- Grow your developer community
Finally, remember that a thriving community of apps doesn’t happen without a thriving community of developers. If you’re targeting public developers, sponsor hackathons or other app contests that encourage developers to dig into your API.
Companies including Macys.com, EDGAR Online, and USA TODAY take advantage of the Mashery Developer Outreach Platform to reach our community of more than 130,000 (and growing) registered developers through Mashery-sponsored hackathons, Mashery Developer Newsletters, and other programs.
For more whitepapers on API:
Extend brand and business with API-powered mobile applications