In our last blog post, we traced the evolution of APIs in the cloud age. The cloud age introduced the idea of an “API economy” — or the business practice of organizations exposing their digital services or information through the controlled use of APIs.
While the API economy looks attractive today, we believe it will become even stronger in the future. According to Gartner, by 2023, 65% of global infrastructure service providers’ revenue will be generated through services enabled by APIs, up from 15% in 2018. Over the last 10 years, APIs have played a significant role in the growth of fintech, artificial intelligence (AI), blockchain, Internet of Things (IoT) and cybersecurity.
In this blog post, we’ll explore the future possibilities of APIs and how their development and integration might continue to shape the evolution of these technologies.
The Emergence of Web 3.0
Web 3.0 (originally called the “Semantic Web” by Tim Berners-Lee) is the web that will dominate tomorrow. It’s envisioned that Web 3.0 will be based on decentralized networks and protocols. A website will never go down because a chain of servers will serve it. In Web 3.0, blockchain will become ubiquitous, with no single authority of an entity over information.
The web we know today will become more accessible than ever, by smart devices that are internet-ready and can search, consume, process and share information just like phones and laptops do today.
Searching, consuming and sharing information and content will be based on semantics (meanings) rather than exact keywords, making Web 3.0 heavily dependent on AI to understand and predict the intentions of humans.
How will APIs look in Web 3.0? Most likely, APIs will be event-driven.
The traditional approach to consuming an API has been request-response. Applications send an API query, and the API sends back a result.
In Web 3.0, event-driven APIs will send data when an event occurs. A consumer subscribes to an API endpoint, indicating that it wishes to receive updates asynchronously when particular events happen. When a matching event happens, the API sends the event’s data to all subscribed consumers.
There are several approaches to building event-driven APIs, and they include webhooks, WebSocket and Server-sent events (SSE).
Blockchain is a distributed ledger of transactions based on trust and verification. Each transaction in the blockchain is immutable and is open to all nodes in the network.
APIs are making a huge impact in smart contracts, which are applications stored in a blockchain that run to enforce the agreement of a transaction in real-time. The agreement can be anything from exchanging information to e-commerce purchases.
At times, the smart contract needs to access data and functionality outside the blockchain. Ledgers use a blockchain oracle to query, verify and authenticate external data sources, but this could be a single point of failure. In the future, smart APIs running within the blockchain could be a possibility.
Cloud providers now offer several advanced AI-enabled APIs for developing cognitive applications like natural language processing (NLP), face recognition and video analysis. Using these services’ APIs significantly reduces development time as the cloud product does most of the heavy lifting.
AI can also be used for automated documentation of APIs and monitoring of API security threats or optimization opportunities.
APIs for Internet-of-Things (IoT) are the glue that sits between heterogeneous devices and the applications that use them. Typical examples of IoT APIs can be seen in app-controlled devices like personal fitness trackers, lights, alarms and more. These devices capture information and send that over the internet to the manufacturer’s backend system.
Preparing for the Future
What are some areas in which the development community ought to prepare for the next big change in the world of APIs?
- API Development Practices: With tools now available to help developers design, build, test and publish APIs, development practices are improving remarkably. Two particular areas seeing impact are API Linting—one such example is Insomnia—and APIOps.
- Enhancing API Performance: Enterprises need to ensure their APIs can stand up to the increased demand of Web 3.0. Techniques for improving responsiveness include more efficient caching, the use of connection pooling, limiting or compressing response data, and processing requests asynchronously or in batches.
- Securing APIs: Because APIs are also the target of malicious attacks, organizations should become familiar with the API Security Project from Open Web Application Security Project (OWASP), which lists some of the top security issues for APIs, along with mitigation strategies. Everyone involved in the design, development, testing and deployment of APIs should be part of the security initiative.
- Environment independence: APIs must be adaptable to all sorts of environments (such as bare metal, VMs and Kubernetes clusters) and within all sorts of deployment architectures (such as multi-cloud or hybrid-cloud). APIs can be made loosely coupled and asynchronous but still require a robust and intelligent communication and routing mechanism such as a service mesh like Kong Mesh.
The need for flexible, scalable cloud native solutions
Kong is well suited in all of the above areas. Kong doesn’t hold organizations back from embracing APIs in the cloud age.
As the world’s most popular API Gateway, Kong is flexible to run in nearly any environment or architecture a project requires. Both configuration and deployment of Kong support automation with common CI/CD tooling, thus enabling the all-important speed in development, scaling, and recovery.
Automation and elasticity as demand for APIs ebbs and flows. Independent form scaling is raw performance, expressed in latency, and throughput. Once again Kong does very well here.
While the merits of APIs remain unchanged in the cloud age, the tooling for APIs must be cloud native. This is one of the reasons Kong is superior versus legacy tools like Mulesoft. See how Kong delivers more speed, scale, and value in GigaOM’s report on Kong vs Mulesoft Anypoint Platform.
Talk to one of Kong’s API experts to learn more about tapping into API-driven innovation.