API Economy Briefing Paper

From wiki
Revision as of 14:02, 25 October 2018 by John.bain2 (talk | contribs) (Created page with "Back to Tech Briefs list page ==Business Brief== An Application Programming Interface (API) is a clearly defined set of subroutine definitions, protocol...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Back to Tech Briefs list page

Business Brief

An Application Programming Interface (API) is a clearly defined set of subroutine definitions, protocols, and tools used in building applications. APIs are interfaces that allow software components to communicate amongst one another. The term API economy describes the manner in which APIs can be leveraged to increase an organizations profitability. From a development standpoint, well designed APIs facilitate easier development of applications. This is because APIs can be reused and provide the building blocks for applications. For example, Companies like Uber use an API to monitor Google’s location data of the user. Popular APIs from companies like Twitter, Netflix and Google can receive between one to five billion calls a day.

In today’s API economy APIs are being leveraged using three different business models. Each of these models has its strengths and weaknesses. In direct consumer model a company will develop an API and offer it directly to its consumers. Using the API a consumer gains access to wide variety of services such as data storage, application development platforms, and cognitive computing. A market making strategy is another model used to leverage APIs. In this strategy companies will bring together API producers and consumers. In this manner the organization will act as broker of the technology. Companies using this model will create new growth platforms. For example, AirBNB connects travellers and accommodations while leveraging geolocation and payment APIs. The third business model is ecosystem enablement. This is where a company uses an API to generate establish third party relations and partnerships. The services provided by this API can then be added to and resold to other organizations. For example, RBL bank one of India’s largest banks, sells their payment, virtual account, and Collection APIs to non-banking institutions. Other companies can also become “wallet” companies by combining the bank’s APIs with their own. As they resell the use of the bank’s APIs this creates an ecosystem all leveraging the API.

Technical Brief

An API is a software intermediary that establishes communication between two applications. APIs can be used in web-based systems, database systems, computer hardware, and software libraries. APIs can be written in several languages and there are also several types of APIs. Web-based ones can be written as a series of XML (extensible markup language) messages. For example, if an individual is designing a conferencing API able to schedule conferences, the XML messages will each configure different aspects of the conference (organizer name, time, location, etc.). This API can then be called through other applications like e-mail, meaning a person can schedule a conference through the e-mail application without having to go through the application scheduling the conference. In this manner, the endpoint of the API is decouples the consumer application from infrastructure that is providing the service or data. This then grants service providers a greater deal of flexibility with how their infrastructure is built. For example, if the infrastructure behind a particular API involves physical servers at a datacenter, the provider can switch to virtual servers capable of running in the cloud. HTTP protocol can be used to encrypt data while being transmit or while it is resting on the server or on the client. Mobile APIs tend to use token-based authentication. Some types of APIs are program-centric APIs, web APIs like Simple Object Access Protocol (SOAP), Remote Procedure Call (RPC), and Representational State Transfer (REST). REST APIs are the most popular as they are used on internet based applications to establish interoperability between computer systems and the internet. These APIs allow the requesting system to access and manipulate textual representations of web resources using predefined stateless operations. .

Industry Use

Most major technology companies are now utilizing the power of APIs. APIs are now used in almost all application development. This is because they increase the range of flexibility and the amount of infrastructure needed to be built. All online business now is conducted through the use of APIs. E-commerce platforms like PayPal provide a secure payment method in which all transactions can be handled on PayPal’s servers. This becomes a huge asset for companies like amazon who handle millions of transactions a day. A User choosing to pay through PayPal call the PayPal’s API, meaning the data is received from PayPal making it a more secure connection. Large internet businesses are also leveraging APIs to store data about their users. This data allows them to tailor specific services to customers based on the data being collected.

The manner in which companies are leveraging APIs depends largely on the business model they are using and if they are using a private or public API. Private APIs are for internal use within a company allowing development teams to plug in directly into back-end systems. Public APIs are ones that can be accessed by anyone. This concept is derived from the notion of open-source software. Companies like Google, Facebook, and twitter all own public APIs which allow developers to access their data in a secure manner. For example, Twilio is a software company with a public API. The API allows other companies to offer text messaging and calling functionality to other applications like Uber, AirBNB, OpenTable, and eHarmony.

Canadian Government Use

The GC has commitred to the open government initiative. The policy is set to introduce greater transparency with regards to government data. The GC will be releasing APIs that provide public information to Canadian citizens. CKAN is a feature-rich registry system that allows users to browse and search data.The system can be used directly through the site or can be accessed through the use of an API allowing the user to automate search results and add functionality. CKAN’s action API, which is an RPC-style API allows users to access all the key features of the system. The API can manipulate datasets, every dataset in the system had a “Link to JSON format”, when pressed the API is called and a record of all metadata is printed in JSON (JavaScript Object Notation) format. The Canadian GeoNames Search Service is another example of the GC use of APIs. The service allows users to search for current and formerly official geographical names from the Canadian Geogrphical Names Data Base (CGNDB). This is done using an API which uses Uniform Research Identifiers (URI) to query the CGNDB. These identifiers can include geographical name, unique key, and coordinates.

Implications for Departments

Shared Services Canada

Value proposition

The value brought forth by APIs depends largely on how the APIs are being leveraged for consumers. Base on the three business models presented in the business brief there are roughly three way to capitalize. If SSC were to be designing APIs they can either offer a direct to consumer model or a ecosystem enablement model. Also, SSC could act as a broker of the technology connecting clients with producers of the API. Although APIs facilitate a smoother transfer of data between applications there is a security risk since data

can be so readily accessible. Also SSC will need to gain perspective on the impact APIs have on cloud resources and services.


There are a few challenges regarding the design and use of APIs. One of the biggest challenges with APIs is different standards regarding stability, quality, and reliability. In any kind of modular or layered software design the different modules must be able to communicate in a standard way. Adding new levels to the program should not affect the pre-existing code, this can sometimes be a challenge with APIs. Another challenge arises when testing APIs. When testing a REST API in the cloud their implementation may collide with the resource mapping of the cloud. The right level of abstraction is needed for this to properly allocate resources. SSC should already be quite familiar with APIs as they are being used in almost all applications today. There is a need to measure the security implications brought forth by APIs

Dept X

Implications list