Software as a service (SaaS) is a subscription-driven software licensing mechanism. The software vendor owns and hosts the software in a cloud environment.
Both the vendor and the customers take advantage of the economies of scale associated with this model. A SaaS that exposes public API has a significant advantage over competitors that do not. A well thought-out API (application programming interface) makes it easy for SaaS customers to integrate with other applications they use. Citizen developers can roll out useful purpose-specific apps without IT red tape. Third-party vendors can build apps that may expose new uses that the SaaS vendor may not have thought of.
Let’s go over the three sets of API that SaaS vendors must provide to make their platforms successful.
1. Authentication, authorization and user management API
Managing users is one of the core API services that any SaaS must have. This service makes it possible to add and remove users, as well as control access to features and data.
Users should be able to manage and reset their own passwords. Your customer’s help desk employees need be able to act on behalf of the frustrated user.
In my previous post I talked about how a successful API strategy begins with implementation of the OAuth 2.0 protocol. Rather than implementing your own, consider reusing an existing enterprise SaaS platform. For example, if your target users already have access to Office 365, you may rely on Office 365 OAuth 2.0 and Azure Active Directory API. Users get password and account management tools as part of their user experience, leaving the SaaS vendor to focus on the business vertical.
2. Operational data store API
No enterprise application supporting an important business process exists in a vacuum. Operational data store integrates data into a structure that makes sense for your SaaS.
It is important to make it trivial for third-party or citizen developers to integrate with your SaaS platform. You will need to cover the basics:
- Initial bulk load of data
- Replication of data
- Bulk export of data
- Inbound data update notifications
- Outbound data update notifications
- Query and reporting
The integration API should seamlessly fit into the ESB tool chain. Take a popular commercial ESB such as Mule or an open-source one like Apache ServiceMix and make your API workable with it.
3. Usage metrics collection and logging API
Usage metrics is crucial in determining how to support, extend and monetize the application. When frustrated users call you will need to know what led them to the bug. Knowing how they use your application’s user interface can help you make them even more productive. Key application metrics can help predict periods of increased usage.
There is no need to reinvent the wheel. Take advantage of existing tools such as AWS Mobile Analytics, Visual Studio Application Insights and Google Analytics.
Now what?
If you are a customer looking for a SaaS platform for your business vertical, you will need to customize and extend it. The API is what lets you do that. Ask your SaaS vendor for documentation, code examples and best practices. Make sure the API covers your needs and the areas listed above.
If you are a SaaS vendor make sure your API covers the basic needs of your customers. There is no need to overcomplicate it or reinvent the wheel. Relying on existing cloud services and integration practices helps control time to market. Consider what your competitors in the industry have already done and use open standards.