How to use open APIs for business growth

Open APIs are increasingly being exposed, especially for mobile and cloud apps, but they require appropriate monitoring and management

When you think "open source," you probaby think applications. But maybe you should also be thinking about APIs. In a recent conversation with Sonoa Systems' Sam Ramji -- who in a previous life was a central figure in Microsoft's open source strategy team -- Ramji described a shift in his work from "open source to open cloud." It's a shift that may -- and should -- be coming soon to your work as well.

Ramji explained that enterprises are increasingly opening access to enterprise applications and services to third-party developers, especially mobile developers, through open APIs. The impetus? Increase application content routes to market in an effort to boost revenue potential. The increased routes to market add to the potential load on the core application or service being exposed through the open API. Without careful consideration, the potential load from a third-party application could disrupt the company's own, likely business-critical, use of the application or service.

[ Keep up on open source issues, news, and reviews with InfoWorld's Technology: Open Source newsletter. Sign up today! ]

Ramji explained that the explosion of third-party mobile applications is driving interest and use of open APIs. For some companies, this is a double-edged sword. Third-party use of a company's APIs increase revenue potential, but it also ups the risk of core system downtime based on factors beyond the company's control, whether through misuse or abuse of the open API.

Data Explosion iGuide

As you'd expect, Sonoa Systems addresses this issue through an enterprise-grade platform for visibility, management, and governance for cloud services and APIs. Sonoa's flagship product, ServiceNet is available as a hardware appliance, a virtual software image for private data center, or public cloud deployment.

Ramji described a major U.S. retailer whose IT department built and exposed an API to its product catalog as a skunk-works project. Nobody knew the degree to which the API would be used or the extra load to expect on the product catalog service, a business-critical IT asset.

Today, the API is experiencing significant usage as third-party developers have integrated the retailer's content into a mobile mashup application. Not surprisingly, the mobile application is driving workload to the retailer's back-end services that must be managed and optimized, a sweet spot for Sonoa. However, the application is also drivinrg new revenue, which can be tracked through the API analytics that Sonoa ServiceNet offers.

The opening of enterprise applications and services through APIs is heading in only one direction. Sonoa hopes to accelerate this trend through its Apigee service: "You have Google Analytics for your Web site -- what about your APIs? And how do you protect your app against a burst of traffic or find out if an API you are using is slowing down your app?"

The great thing about Apigee is that companies can use ApigeeBasic, a free offering, to protect the core system through API usage quota, rate limiting, and spike protection. This enables companies of all sizes to start getting higher utilization out of the core application or service by making it available through a much broader channel than the company's online presence alone.

Regardless of whose tools you use to address these open API management and business issues, what's key is the ability to track revenue associated with the open API. Why? Because that is sure to help business case discussions that may result when infrastructure upgrades are required to keep up with the new load through the open APIs. For most companies, that would be a good problem to have.

This article, "How to use open APIs for business growth," originally appeared at Read more of Rodrigues et al.'s Open Sources blog and follow the latest developments in open source at

Follow Rodrigues on Twitter at SavioRodrigues.

p.s. I should state: "The postings on this site are my own and don't necessarily represent IBM's positions, strategies or opinions."