In this video, we discuss API governance, a crucial aspect of modern technology infrastructure. Our speaker Andrew Rivers will guide us through the complexities of how different systems interact in our increasingly connected digital landscape, primarily through the use of APIs (Application Programming Interfaces). We’ll explore the challenges and solutions in managing these APIs, including the implementation of an API management layer, its benefits in terms of security, efficiency, and potential for monetisation, as well as the importance of versioning and consistent API governance. This insightful talk aims to shed light on how effective API management can streamline operations and enhance the functionality of interconnected systems.
Here’s the video transcript:
Today we’re going to talk about API governance. Now, what does that mean? Well, we live in a connected world that is that all our different systems are designed to talk to each other and they talk to each other through APIs. An API is an interface that allows one system to talk to another. What does that look like?
Well, imagine you’ve got a load of different computer systems in my fictional enterprise here. They’re called ABC and D, and each of these has got an API in it and that allows someone else to go and connect to it and talk to it. It could be to tell it to do something or it could be to go and extract data, but we’ve got a number of APIs there. Now, if you wanted to get into real trouble, what you do is you say to all your development teams, those systems there have got APIs, fill your boots. And if you looked at a diagram of that, you’d have all these different systems talking to everything.
It’d look like a jumble of spaghetti. And as we know, spaghetti in an it sense is not good. So what we do instead is we put an API management layer in front of it. So in other words, what we do is we take that API and we publish a replica of that API here. So that if you call the API management layer, that actually marshals the call and actually calls the API behind the scenes.
Now, why is that important? Well, there’s a number of things that you get from this. First of all, it’s discoverability. An awful lot of time people spend is actually redoing something that already exists. So if you’ve got a catalogue of APIs, then development teams can look at what’s already there and say, can I reuse that or do I have to write something new?
The other thing is that you’ve got a single way of securing things, because if you’ve got access to the API management layer, you’ve got one place, certainly from a network perspective, to go. But also you can control easily how these things are secured. Another thing you might want to do is to say how many people are calling this API and who’s calling it. Well, you can have logging in here so you can log all that information and look at it later. You can have metering, you can have live dashboards of how many times all these things are being called even.
You could then monetize that. You could have people outside wanting to pay you to call your API. An API management software has that in place. There are also loads of other benefits. One of them is versioning.
So what happens if this API changes version? Well, we can manage that in here. And API management tools are really good at handling versioning, so putting that in front of there gives you a much simplified architecture. But it also means that we’ve got all these other benefits, organizationally and security. And it means that people from outside your business, external callers, can be secure, but it also means that internal callers can be managed more effectively.
And indeed, these systems here, these APIs here, they could be inside your network, or they could be external systems. But having one place to go means that you can manage your APIs in a consistent way, and that is what API governance is all about.