Organizations across every industry are aiming to achieve digital transformation initiatives to stay competitive, which increasingly include overcoming the complexity of hybrid and multicloud environments. With resources stretched and margins getting thinner, application programming interfaces (APIs) and the API economy will continue to play a critical role in connecting services, applications, and clouds.
So, what do you need to know to help your organization continue to thrive? Here are the biggest trends shaping the future of the API economy.
1. API security takes center stage.
As the number of APIs has surged to support the digital ecosystems and applications of the world, so has concern over security risks. The primary attack surface is no longer the application—Gartner® predicts that in API abuses will become the most-frequent attack vector responsible for data breaches during 2022.1
Today, securing APIs requires visibility across all application interactions and observing, analyzing, and taking action at every level of the technology stack. The fixed security perimeters of the past are slowly vanishing as enterprises become more open and distributed. We expect to see more organizations moving away from network-focused security towards models that prioritize zero-trust and layered defense based on encryption, application identity, and strong authentication and authorization.
2. Microservices APIs are gaining speed.
Since the launch of Kubernetes (K8s) in 2014, we’ve witnessed a massive industry shift towards decomposing systems into microservices. But enabling thousands of microservices to work together runs the risk of introducing technology sprawl and even recreating many of the pitfalls of monolithic architecture. Even when enterprises adopt concepts like domain-driven design, they often end up with “microservice islands” that support a single application.
That’s why we expect to see microservices APIs becoming a new focus for IT departments in 2022 and beyond. For instance, Kubernetes-native ingress gateways are emerging as the crucial point of technology optionality for application modernization. Ingress gateways sit in front of Kubernetes resources, allowing you to deliver new business value by exposing those services with APIs. Whether these APIs power internal applications or developer and partner applications, ingress gateways are key enablers for abstraction, discovery, and easy consumption of underlying resources. This helps maintain the internal agility of microservices while also providing stability—an API contract—for developers and their applications.
3. Event-driven architecture (EDA) continues its big comeback.
If we told you five years ago that event-driven architecture (EDA) would still be hot in 2022, we probably would have been laughed out of the room. Yet, according to a 2021 survey from Solace, the majority of organizations (85%) recognize the critical business value in adopting EDA.
This seemingly old development concept has found a new life in many interactions, such as serverless, asynchronous, and streaming use cases. In particular, event-driven architecture is becoming the preferred paradigm to support API-agnostic, real-time data exchange between microservices. Still, EDA technology falls short of many of today’s digital requirements, so we expect to see more and more solutions appear with security, access control, and governance capabilities.
While event-driven APIs are increasing and driving business innovation, they do not guarantee success. Like any approach, failures can often outnumber successes if teams scale project development faster than operations can keep up. Many organizations have some technology to implement event-driven design but lack the vision of event thinking to conceive, design, and manage event-driven interactions. Enterprises will need to adopt a new way of thinking and undergo proper preparation and skills assessments to ensure initiatives succeed.
4. GraphQL will accelerate BFF (Backends for Frontends).
While REST remains the most commonly used standard for designing APIs, GraphQL has been gaining popularity with developers for its flexibility and ease of use. Gartner predicts that by 2025, more than 50% of enterprises will use GraphQL in production, up from less than 10% in 2021.2
One of GraphQL’s standout benefits is that it enables developers to seamlessly query data from multiple apps and services with a single API call. This is particularly useful for the Backends-for-Frontends (BFF) pattern, since it allows companies to aggregate and deliver the exact data requested by a client from multiple microservices without overfetching data or the need to package an API and endpoint for each specific client type. In 2022, we’ll see GraphQL adoption continue to increase and accelerate the use of the BFF pattern.
5. It’s not one API gateway to rule them all anymore.
APIs are now the “crown jewels” of modern software development, providing the connective tissue that powers nearly every digital product available today. With the majority of software still living on premises, hybrid API architectures enable organizations to continue to innovate while bridging to existing technologies.
But heterogeneous distributed IT environments also mean multiple clouds and software vendors for building and deploying APIs, which is particularly challenging given the pervasiveness of hybrid deployments. As a result, expect to see more “multi-APIM by design” during 2022 to enable hybrid API management that is lightweight, portable, and scalable.
API management will need to ensure that every API in an organization, regardless of where it comes from, reaps all the benefits of API management—including consistent visibility, governance and security guardrails, and analytics.
6. Conversational APIs go mainstream.
We live in the age of voice experiences, from smart homes to vehicle infotainment systems. These interactive experiences aren’t replacing traditional IVR technology altogether, but they dominate for specific devices like smart speakers, smartwatches, and in-car infotainment.
There’s a pressing need to enable voice experiences as quickly as other more traditional interfaces, such as mobile apps and websites. As a result, many chat or voice apps and systems will join the API economy and start exposing their own conversational APIs to generate new interactions and innovation across many different platforms.
7. From Shadow IT to Strategic IT
APIs have gained a reputation as the new Shadow IT, as developers often build them without alerting their IT and security teams. Increasingly, more IT departments will start to recognize that APIs are the key way to expose data from tools and apps for internal use.
APIs will play a critical role in governing data access, encouraging shadow API publishers to follow a standard process. Instead of an imminent threat, shadow IT can become a technology advantage that will produce new internal apps and drive application innovation that can be leveraged across the entire organization.
Learn more about how Apigee is continuing to innovate and helping companies stay ahead of the top API trends.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
1. Gartner Webinar, API Security: Protect your APIs from Attacks and Data BreachesMark O’Neill, Dionisio Zumerle, Jul 15 2021
2. Gartner, Predicts 2022: APIs Demand Improved Security and Management, Shameen Pillai, Jeremy D’Hoinne, John Santoro, Mark O’Neill, Sham Gill, 6 December 2021