The Application Programming Interface or API is an old concept for exposing application functionality programmatically to other applications and developers. API Management is important. Increasingly commercial and public sector organizations are looking to expose select data and functionality to outside developers so that they can leverage external innovation for reaching new customers, creating new revenue opportunities and building brand loyalty. In so doing companies are transforming their business into platforms. By remaking their business into a platform organizations can
However publishing APIs online makes organizations subject to the growing threat of cyber attacks. While network firewalls can provide some measure of protection from standard, Web-based attacks, they cannot address API threats because they lack the ability to deal with the messaging protocols used by API's today like XML and JSON.
Managing APIs also presents a number of problems, primarily around creating, maintaining and updating different versions of APIs for different customers, as well as granting third parties the ability to aggregate and orchestrate across your APIs to create new services and richer responses to queries. APIs are like any other piece of code you create; they are developed, tested, deployed and revised as needed. But moving Web APIs between environments or deploying new versions of APIs can expose hidden dependency issues or break your customers existing integrations, causing downtime or even SLA violations.
Layer 7’s CloudSpan and SecureSpan XML Gateways deliver solutions for proxing API's exposed to the outside world. The Layer 7 Gateways can manage access to the APIs, throttle usage based on SLA contracts, meter the number of requests for billing purposes, create virtual "aggregated" views customized to each developer or group of developers, manage versions and ensure backward compatibility and protect against attack and downtime. Moreover using Layer 7 organizations can customize and tailor their solution for their needs exactly, something not possible with hosted solutions. Example API control benefits from Layer 7 include
Basic API Management Tasks with the Layer 7 API Proxy