API Management

Zain: Accelerating Connections with APIs and Apigee

Zain pioneered mobile telecommunications in the Middle East and Africa and has achieved market leadership in most of the 8 countries it operates. Scott Gegenheimer is Zain’s group CEO of operations and is responsible for the leadership, management, and oversight of the group’s operating companies.

The big question for us is: “How does a telco change the way we run our business so that we can use the new digital world capabilities to both identify new areas of growth in the digital space and better leverage our existing telecom infrastructure?” In the past—and this is true for most telecommunications companies even today—it could take three or four months to launch a new product or service.

Now, with API platforms and cloud computing, we can launch new services in a matter of days with the ultimate goal of bringing this down to hours. The agility and flexibility, and how easy it is to scale, makes working with the Apigee platform quite compelling. It all helps to reduce cost, enable reusability, and achieve faster go-to-market.

Uniting operating companies by exposing APIs

For us, the biggest advantage of a single API platform is how we can consolidate to have our whole group reading from the same playbook. On the business side, we previously had to negotiate and then integrate with each of the eight opcos (operating companies) in our group.

Now, with the group API platform, we have the ability to consolidate integration efforts into one single, seamless, and evolving interface. The fact that we can now sign a group contract and readily deploy service across our group companies is probably the biggest advantage for us.

Digital transformation is always tough, and what we’re really talking about is business transformation at a deeper level. There's a lot of complexity but in the end it always comes back to people, processes, and technology.

For me, the culture—the people part—is probably the most challenging aspect. Culture change is difficult at any company. I have found that one of the fastest ways to move forward with this transformation is to get one early adopter of a single exposed API on board for just one project. Once the other country operations see that success, they’re more willing to adopt the same service, and then we are in a better position to accelerate implementation across the group.

We just launched our group-wide API platform on Apigee Edge, which will allow us to connect our operating companies around the Middle East and Africa on a single enablement platform. We’ll be rolling it out gradually after the initial pilot phase in Saudi Arabia and Kuwait.

A partnership born in the cloud

The decision-making process to settle on an API platform took us about a year. This involved looking at vendors, organization, addressing questions like “do we have the right people to run this,” and doing an RFQ. And then Apigee came in and launched the cloud API platform in 48 hours! This was a crucial step in our digital transformation journey.

Google’s acquisition of Apigee gave us a big boost in confidence, especially when looking at the long play and the many opportunities to team up with them. We realized that we wanted a partnership, and we thought the combination of Apigee and Google was strong. We’re looking forward to having a strong relationship with Apigee and figuring out other steps that we can take to further our digital transformation.

Leapfrogging toward customer satisfaction

One of the interesting things about our business and our region is that most of our consumers are digital natives. The cell phone is an extension of how they live. They do everything on the phone, so whether it's payments, making communication calls, or streaming, almost everything is done from the device.

What we've seen with our customer satisfaction and net promoter scores is that the digital channel rates are much higher with customers. It's more than double our traditional scores for our call centers and retail shops. People like to have control of what they're doing, when they want. Being digital natives, our consumers expect us to provide them with a seemingly endless array of capabilities. Not only do they expect services like payments, streaming, and making calls, they expect them to be delivered with the speed and agility an API platform provides.

Looking forward with Apigee

Just after implementing our API platform, one of the opcos started implementing a new service and our opco technical guys wanted to give the vendor a cumbersome direct connection to the SMSC (short message service center). We had to explain that we have an API platform. Why would they want to do an old fashioned direct connection and not go through the new platform? That’s an example of the culture change we have to work on inside the company.

As we continue to press forward with our digital strategy, it will become increasingly clear across Zain that APIs and an API platform give us the agility and speed to execute so we don’t have to deal with legacy solutions like direct connections. We're just at the beginning of executing our digital strategy, but the API platform underlies all of our digital pillars—within Zain and with the outside.

Apigee Up Close: Building the Perfect API with Composite Resources

Webcast replay

Apigee Up Close is a webcast series featuring the Apigee Edge platform and live demos on select topics that users have been asking about.

How do you optimize your API code? And is it possible to make one API call to cover multiple requests?

In this webcast replay, we’ll discuss how to build the “perfect” API using composite resources. With the Apigee Edge platform, it’s possible to call multiple back-end services, and reduce API round trips and cut network overhead.

In our next webcast, coming up on April 17, we'll explore how APIs make it easy to use Google Assistant to build an app that employs a conversational interface. Register now!

Cambridge Assessment: Earning Top Marks in Delivering Business Value

How the Apigee platform accelerated development time for global assessment

Cambridge Assessment has been around for over 160 years, so we’re definitely not what you’d call a “digital native.” But like many organizations today, we’re on a digital transformation journey, and APIs are playing an important role.

We’re a wholly owned organization within the U.K.’s famed University of Cambridge. We operate three exam boards that provide assessment services to leading academic and government customers in more than 200 countries. Every year, we serve millions of people.

Our assessments are used for everything from visa to university applications and, as you might imagine, our services are of enormous importance to people at pivotal points in their lives. The results of the assessments they take, whether it’s to qualify for a job, temporary residence in another country, or acceptance in a university, can determine their future.

A platform for accelerating business

The nature of assessments is constantly evolving around the globe, and transitioning from paper to digital (though a lot of tests are still completed on paper). Consequently, the materials used for assessments is changing as well, to include more digital, audio, and video. From an IT perspective, we have to manage a growing body of digital information.

How could we be more efficient, better serve our customers, and open up new revenue streams? APIs are a core part of our answer. We’d been using APIs for more than nine years to share information with partners. But now we understand the full potential of APIs to benefit our partners as well as our own organization.

An on-premises platform with powerful management tools

Our initial implementation is on-premise, allowing us to take advantage of the Cambridge University Tier 3 data centers. In addition, we wanted a platform that offered powerful management tools, faster development, and the ability to more securely provide customers with access to our APIs. The Apigee platform performs exceptionally on these and other tests.

One of the first things we did with Apigee was build APIs to enable employee data access from one of our apps. We were able to build those APIs in one month, saving us £50,000 by reducing development time by about three months.

Building a chatbot from conversational APIs

Since then, we’ve put six APIs in production from the Apigee platform, with more in development. For example, we have a new headquarters building, The Triangle, where we’re consolidating staff from 11 offices around the city. We used conversational APIs on the Apigee platform to build chatbots that allow employees to easily find and book meeting rooms in our new headquarters using an app. For us, that’s exciting.  

Additionally, with Apigee we created an internal API development portal to accelerate information sharing among our users. The ability to quickly turn on an internal API that allows parts of applications to access data is something that would have taken as long as six months to accomplish in the past.  

Gracefully handling sudden peaks

For us, a key requirement in an API platform is the ability to gracefully handle sudden, enormous peaks in people accessing our services. When we release assessment results for universities, there may be a sudden surge of 200,000 candidates, all wanting to access the test results portal. The demand may only last for several hours, and then it dies down for another few months. Apigee handles this surge with ease.

To be sure, Cambridge Assessment is on a transformational journey. And transformations like this don’t occur at the speed of light. And yet, the Apigee API platform has already sped up the delivery of value to our business in many ways—and we’re just getting started.

Sam Patient is head of integration and API services at Cambridge Assessment

 

Apigee’s Top API Editorials of 2017

2017 was a big year for APIs.

They continued to solidify their position as the mechanism through which value is exchanged in modern economies, with literally quadrillions of API calls connecting apps, data, and systems throughout the world each day.

Apigee experts published dozens of editorials last year, both externally and via our Medium publication, to help developers, IT architects, and business leaders understand how to maximize the value of APIs and keep pace with constant technological change.

Here are some of our top articles from 2017, organized by some of the year’s biggest themes. Thank you to all of our readers, and stay tuned for more in 2018!

API management best practices

The nitty gritty details of API management can be challenging, but Apigee experts are here to help with their observations from the field. Be sure to check out “KPIs for APIs and Digital Programs: A Comprehensive Guide” by Michael Leppitsch and “Building an Outside-In Approach to APIs” by Chris Von See.

APIs and digital transformation

Virtually all companies understand the digital transformation imperative: if you don’t continually use technology to evolve your business, you’ll go out of business.

John Rethans explains why APIs are central to this imperative in his Forbes article, “APIs: Leverage for Digital Transformation.” And to explore why the technologies that businesses have been using for years are simply no longer good enough, read Brian Pagano’s “Legacy IT: Like a Horse on the Autobahn.”

To maximize the leverage John discusses in Forbes, APIs must be managed as products that empower developers—not as middleware. For details, see my article “How APIs Become API Products,” which includes real-world examples from Apigee customers Pitney Bowes, Walgreens, and AccuWeather.  

To appreciate the full scope of an API-first business evolution, check out “Lessons from Magazine Luiza’s Digital Transformation,” in which John interviews the CTO of one of South America’s hottest companies. And to understand where multicloud strategies fit into the mix, read David Feuer’s “Multicloud: Taming the Rookery.”

Caught up on how APIs are used today? For a glimpse into the future of digital transformation and the role APIs will play as new technologies emerge, don’t miss our article in Business Insider,How APIs are Key to Successful Digital Transformation.”

Security

New software vulnerabilities and attacker techniques emerge on a daily basis, so security remained a leading concern for enterprises in 2017. David Andrzejek wrote two of our top articles on the topic. “Using Behavior Analysis to Solve API Security Problems” in Help Net Security examines how user behavior can be monitored in near-real time to identify suspicious behavior and block malicious actors, and “Grinch Bots are out to Spoil the Holidays” in VentureBeat explains how businesses can stop a trend that plagued many online shoppers last year: attackers who use bots to buy up the most in-demand, supply-constrained items.

Digital ecosystems

To adapt to shifts in customer behavior and the competitive landscape, a business doesn’t need to become a platform company, invent new machine learning technologies, or build loads of new software in-house. Instead, it should leverage what others have built to complement its own capabilities, reach new user groups, and explore adjacent markets.

Anant Jhingran and I discuss these ideas in our CIO.com articles “APIs, Ecosystems, and the Democratization of Machine Intelligence” and “Do You Really Want to be a Platform?” For a deep look at these ecosystem dynamics, including a set of simulations, check out Anant and Prashanth Subrahmanyam’s CIO.com article, “3 Golden Rules for Winning in Software-Driven Ecosystems.”

Industry trends

APIs are playing into business strategies in virtually all industries, but there are still scores of specific trends, use cases, and regulatory requirements from one vertical to the next. Some of our top industry-specific stories from 2017 included David Andrzejek’s “Why Haven’t More Banks Embraced Digital Platforms?” in The Financial Brand and Aashima Gupta’s “Voice Interfaces Will Revolutionize Patient Care” in VentureBeat.

Image: Flickr Creative Commons/Jlm Ronan

Creating Value from Data? Three Ways APIs Are Key

For the last half-decade, ever since terms like “big data” hit the mainstream, CIOs have been under increasing pressure to derive value from the vast amounts of data their organizations collect and generate.

The process was slow-going for several years as many organizations grappled with the reality that even an astronomically large amount of data isn’t useful if it’s not combined with the right technologies and assessed with the right use cases in mind. Some of these struggles persist, but after a few years of starts and stops, many enterprises have begun to embrace best practices for turning data into higher revenues, expanded brand reach, improved efficiency, smarter strategies — or in the case of particularly sophisticated organizations, all of the above.

One recent study, for example, predicts 40 percent of IT projects will create new digital services and revenue streams that monetize data. This particular approach to monetizing data isn’t the only way to generate value from data, of course. Companies can leverage data for better internal operations, for example, or to generate actionable intelligence to inform smarter strategic decisions. But the stat demonstrates the momentum building around specific approaches.

Though the uses cases are growing in number, one thing unites many of the common tactics: they’re all enhanced by, if not reliant on, robust API capabilities. Indeed, in many ways, if a company wants to build up its data capabilities, it needs to start by looking at its API capabilities.

Read the full story on Medium.

Image: TaxCredits.net

The Apigee Edge Platform: An Overview

Webcast replay

Learn about the Apigee Edge API platform, and how it securely enables the delivery, management, and analysis of APIs, data, and services inside and outside an organization.

In this webcast replay, we'll provide an overview of our Analytics Services, Developer Services, and Management Services, and walk you through a demo that illustrates how Apigee Edge simplifies management of the entire digital value chain. 

 

Which App Modernization Pattern Is Right for You?

Webcast replay

App modernization projects are hard. Enterprises are looking to cloud-native platforms like Pivotal Cloud Foundry to run their applications, but they’re worried about the risks inherent to any replatforming effort.

Fortunately, several repeatable patterns of successful incremental migration have emerged.

In this webcast replay, Google Cloud’s Prithpal Bhogill and Pivotal’s Shaun Anderson discuss best practices for app modernization and securely and seamlessly routing traffic between legacy stacks and Pivotal Cloud Foundry.

This session covers:

  • How to decompose a monolith into logical business domains
  • How to approach modernization using domain driven design
  • How API management can be used to modernize applications while keeping the business running

 

 

Simplifying Microservices Management

How Apigee and Istio can bring APIs and microservices together

If you base your IT technology strategy on what you read in the blogs, then you are already building your entire technology stack as a collection of microservices, built by “two-pizza teams,” running in containers, and deployed to the cloud using a container orchestration product like Kubernetes. There are a lot of good reasons to adopt such an architecture, from agility to resilience.

But if you’ve actually tried to follow through on all this, you probably discovered that it’s harder than it sounds. (For instance, what if you have team members who can’t or won’t eat pizza?)

But between pizza breaks, your teams are probably asking how a service in one container can locate another service, since the containers will be coming up and down all the time. Of course, there are facilities in Kubernetes for this, but they’re not enough.

What if one of the microservices is unresponsive from time to time? How do all the API calls between microservices remain encrypted in transit using the proper protocols and cipher suites? How do you control which microservices are authorized to talk to others, while preventing insiders from directly accessing sensitive data from their command line?

Building and deploying microservices is hard

After contemplating these problems and others, we realized that building and deploying microservices the right way is a lot of work.

That’s why, when Apigee joined Google last November, we were happy to learn that Google not only had solved many of these problems for its own services, but that Google has been working on an open source project aimed at solving these same problems for the rest of the microservices world.

So, we’re excited that today Google, along with IBM and Lyft, is announcing Istio, an open source project designed to ease the pain around connecting and securing a network of microservices.

Within Google, the Apigee team already runs a diverse set of services on a variety of platforms, and we’re expecting to deploy more. Istio will help us solve the very problem it’s being advertised to solve—making a mesh of microservices secure and reliable. But we think there’s a lot more to this project.

Most Apigee customers are talking about microservices, and many of our customers are adopting them. We expect that the presence of Istio in the marketplace will give them a great framework for building those networks of services. So we won’t be surprised when our customers ask us, “Will Apigee work with Istio?”

The answer is “yes,” and we’re working with the Istio community on exactly that today.

Microservices require API management

We feel that Apigee and Istio are a great fit. Istio is built with containers and microservices management in mind. The Apigee Edge API platform provides common visibility and management across both APIs and microservices for organizations of any size.

For instance, within a single Kubernetes cluster—and even with Istio helping mediate—an unreliable or slow microservice can drag the SLA of an entire application down along with it.

The kinds of sophisticated analytics that the Apigee platform provides can help administrators and product managers see these kinds of issues and react to them before it’s too late.

Once services are used beyond a single team and outside a single cluster, a different set of API management capabilities are necessary. For instance, by enforcing API quotas, an API product team can help control how much load a particular team can place on the whole collection of microservice.

Apigee is used by many organizations to enforce these types of quotas, allowing API teams to dynamically adjust how much API load is consumed by each organization who uses an API.

And, when services are exposed outside the corporation, capabilities like security based on OAuth, intelligent threat detection, and “bot” detection become important. Often, services exposed outside the organization won’t be adopted unless the API team uses a platform like Apigee Edge to enable developers to learn about and access APIs quickly via self service.

In short, we feel that the microservices movement is creating an explosion in the number of APIs in the world—and in the end, that makes API management tools even more important.

For that reason, we’re excited to be working on integrating our suite of API management tools with Istio—including our open source, software-as-a-service, and on-premises products.

 

Experian: Security, Agility, and Simplicity with APIs

“I’m very much looking forward to the day when I can look at the Experian portfolio of applications and we’ve modernized the entire portfolio of externally facing applications and we can drive the pace at which we can innovate much more quickly.” -- Experian CIO Barry Libenson, Computerworld, March 2017

The leading information services company took a big step toward fulfilling Libenson’s vision when it adopted an API-first strategy and implemented an API platform.

In a recent conversation, Experian’s vice president of strategy Alpa Jain explained how API management not only grants the company the agility and flexibility to quickly create new products, but also provides both the security required to protect and manage consumer credit data and a facade that masks the complexities of disparate back-end systems.

Experian offers data and analytical tools to help businesses manage credit risk, prevent fraud, target marketing offers, and automate decision making.

A key business for the company is empowering consumers to check credit reports and credit scores to protect themselves against identity theft. Managing credit data to enable these services requires top-notch security, Jain said.

“We have invested a tremendous amount of dollars over the last three years to continuously improve our security posture,” Jain said. “The API management layer helps us add that additional layer of security that’s needed.”

The ability to offer a range of secure and innovative products would be severely hampered without a platform that effectively masks the complex environments, disparate data repositories, and siloed processes that exist among Experian’s several business units, she said.

“API management … helps me focus my time and efforts on the consumer and the clients,” Jain said. “It takes away all the heavy lifting from an IT perspective behind the scenes.”

Another advantage of API management, Jain added, lies in how it facilitates the use of microservices to piece together new products and services in unexpected ways.

“We can now take APIs and break them up into little pieces,” she said. “Internal and external users can pick and choose what they want to use and how they want to leverage it to create different product sets and different solutions that add more value.”

New segmentation tools, methods of marketing products to consumers, and ways to help consumers monitor ID theft—all can arise by enabling microservices, Jain said.

“Innovation can happen at all different levels.”

How to Get Started Using the New Apigee Edge Experience

New video series

Last year, we unveiled a brand new approach to designing, developing, and publishing APIs using Apigee Edge. Thanks to the Edge platform's APIs, the new Apigee Edge experience sits on top of the same great platform that that powers the "classic" Edge experience but adds several enhancements, particularly in the areas of API design and publishing.

To help you get started using the new Apigee Edge experience, we're rolling out a video series, available at: https://docs-new.apigee.com/videos.

 

Two-minute overview: this provides a quick look at the new Apigee Edge experience and highlights what’s different from Classic Edge.


 

Design your API: Plan the interface you'd like to expose to consumers, and describe it using the OpenAPI Specification format. The new Apigee Edge experience includes a spec editor to make it easier to write and manage your OpenAPI specifications.

 

Publish your APIs: Using the new Apigee Edge experience, you publish your APIs to enable app developers to access and use them from your portal.


Stay tuned! More videos will be posted soon to help you navigate through all phases of the API lifecycle using the new Apigee Edge experience.