API Management / Open Source / Sponsored / Contributed

5 Ways That Open Source Benefits API Management

14 Jan 2021 2:00pm, by

WSO2 sponsored this post.

Nuwan Dias
Nuwan is Vice President and Deputy CTO-API Management and Integration at WSO2. He is a part of the architecture team that drives the development efforts of WSO2’s API management platform.

Digitally driven organizations increasingly expose their services as APIs, for better reusability and faster innovation. Today, APIs live at the heart of many systems — which has led to widespread API adoption. APIs enable businesses to compose their capabilities as reusable units, which can then be delivered independently and help speed up innovation.

APIs are a strategic investment to any organization and should be looked at both as a technical enabler and as a business driver. According to The Forrester Wave: API Management Solutions, Q3 2020 report:

By opening access to digital business capabilities, APIs drive agility to optimize customer experiences, create dynamic digital ecosystems, achieve operational excellence, and build platform business models.”

Organizations that strategically invest in building a product mindset for APIs have been successful in placing themselves significantly ahead of the curve. For more information, please refer to this presentation about six key points that API product managers and architects should consider when bringing a product mindset to APIs.

Within this context, open source technologies provide key features that make them strategically better for API management than closed-source, proprietary solutions. Let’s take a look at some of these benefits.

Boundless Innovation

Recent events have taught us that you can never really predict the future; however, we saw that companies that were agile and had embraced digital transformation were better equipped to quickly adapt. This is one key reason why open source technology is a great choice. It gives an organization the flexibility to change rapidly.

APIs, which are at the forefront of most digitally-driven enterprises, need to be flexible in order to change quickly to cater to new market demands. This sometimes requires new capabilities to be added to an API management solution. An open source API management solution gives an organization this flexibility.

Owing to the strength of the community, an open source solution enables collaboration and contributions to make the product better. This also gives users the ability to add new capabilities. With an open source solution, a user does not solely rely on the vendor that offers the solution; you now have much more freedom and flexibility to implement the required capabilities yourself.

Transparency

APIs play a major role in shaping an organization’s future. It is therefore crucial for a user of an API management system to understand more about how it works, the thought processes and developments happening around it, and plans for the future. It’s beneficial if the API management system provides full transparency into its code, discussions, and roadmaps. The benefit of an open source API management system is that most of these details (in certain cases) are open to the public. This is a significant win for users. It gives them the opportunity to plan well ahead based on what is to come and align their strategies to stay ahead of the curve. The roadmap being public and open for discussion gives users the opportunity to influence the API management product’s progression.

Staying ahead of the competition requires having a creative and forward-thinking technical leadership, who have a strong vision for the company’s future. Not only do they need to think of new products and services, but they also should try out new technologies — and be courageous enough to evaluate these offerings and make decisions on their own. This requires new technologies, even if in their pre-release status, to be available for evaluation and experimentation.

Quick to Start

One of the key requirements in any API project is the ability to quickly get your hands dirty by using the API technology. Being able to evaluate API management systems based on first-hand experience instead of RFPs, presentations and videos is extremely valuable. Trying out and creating your first few APIs and consuming them gives you confidence in what exactly the API management solution has to offer, instead of relying on hopes and promises. Being free from licensing-related issues and restrictions and not having to go through sales calls for an initial proof of concept are significant wins in terms of being able to start quickly.

Start Small and Scale

Most API programs start at a small scale and eventually grow into large businesses. Open source business models are much friendlier when it comes to starting small and growing, compared to closed-source, proprietary business models. Most open source software providers earn revenue via commercial support. This is great for community users of the software, as it gives them the flexibility to use the software at no cost to begin with, given they rely on community support only at first. As their API programs succeed and become critical parts of their businesses, they have the option to obtain paid support from the vendor with SLAs. These types of business models are heavily conducive to making API programs succeed, compared with traditional enterprise licensing-based models.

Security

The popularity and success of APIs have made them a rich hunting ground for attackers. As the number of APIs being exposed by organizations grows exponentially, the threat landscape expands as well. The transparency provided by open source API management systems guarantees a certain level of trust in the security offered by these products. The fact that the code for these systems is open makes it easier for security scan tools to check for known vulnerabilities and antipatterns. Anyone willing to perform these scans can simply review the code and run scans themselves, instead of merely relying on the vendor’s word.

Almost all software systems heavily make use of third-party libraries. There are many such libraries that contain known security vulnerabilities. When a software system uses open source code, it makes it possible to discover the libraries that the software is using and check them for known vulnerabilities. The simple fact that there is a community of developers with different areas of expertise and backgrounds working on open source software systems makes the code much more secure (and better) than a closed-source solution.

“Given enough eyeballs, all bugs are shallow,” said Eric Steven Raymond in his essay, “The Cathedral and the Bazaar.” He dubbed it “Linus’s Law,” in honor of the creator of the Linux operating system, Linus Torvalds. The message here is that, given a large enough developer/tester base, almost every problem in a piece of software can be identified quickly and the fix will become obvious to someone. This is the benefit of having better software reviewing processes. The review audience of open source software systems is much larger and diverse. This not only makes the software better and more secure, but, in the case of a defect or vulnerability, it also enables finding a fix faster.

Conclusion

The new technology world has embraced open source. Almost every vendor now has at least some part of its offerings as open source. This is a strong statement that in the future we are only going to see increased adoption of open source technologies.

Unlike enterprise licensing-based business deals, an open source agreement represents the beginning of a relationship between two organizations. This is an alliance that goes beyond a handshake. With open source vendors offering their products freely for use, the commercial aspects only become relevant when it comes to support and services. For an organization to obtain support from a vendor, the solution itself needs to be an important part of the organization’s business; it is unlikely anyone would be paying for it otherwise. This simply means the success of the open source vendor solely relies on the sustained success of the organization obtaining support from the vendor. This sends a strong message to the world regarding the level of confidence the vendor has in the technology it offers.

Feature image via Pixabay.

A newsletter digest of the week’s most important stories & analyses.