The Evolution of APIs: From the Cloud Age and Beyond (Part 1)

By on December 7, 2021

The Evolution of APIs: From the Cloud Age and Beyond (Part 2)

In our last blog post, we traced the evolution of APIs in the cloud age. The cloud age introduced the idea of an “API economy.” It refers to the business practice of organizations exposing their digital services or information through the controlled use of APIs. 

While the API economy looks attractive today, we believe it will become even stronger in the future. According to Gartner, by 2023, 65% of global infrastructure service providers’ revenue will be generated through services enabled by APIs, up from 15% in 2018. Over the last 10 years, APIs have played a significant role in the growth of fintech, artificial intelligence (AI), blockchain, Internet of Things (IoT) and cybersecurity.

In this blog post, we will explore the future possibilities of APIs and how their development and integration might continue to shape the evolution of these technologies. 

The Evolution of APIs: From the Cloud Age and Beyond (Part 1)

The Emergence of Web 3.0

Web 3.0 (originally called the “Semantic Web” by Tim Berners-Lee) is the Web that will dominate tomorrow. It is envisioned that Web 3.0 will be based on decentralized networks and protocols. A website will never go down because a chain of servers will serve it. In Web 3.0, blockchain will become ubiquitous, with no single authority of an entity over information.

The web we know today will become more accessible than ever, by smart devices that are internet-ready and can search, consume, process and share information just like phones and laptops do today.

Searching, consuming and sharing information and content will be based on semantics (meanings) rather than exact keywords, making Web 3.0 heavily dependent on AI to understand and predict the intentions of humans. 

How will APIs look in Web 3.0? Most likely, APIs will be event-driven.

Event-Driven APIs

The traditional approach to consuming an API has been request-response. Applications send an API query, and the API sends back a result. 

Figure: Traditional API Access with Request and Response

Figure: Traditional API Access with Request and Response

In Web 3.0, event-driven APIs will send data when an event occurs. A consumer subscribes to an API endpoint, indicating that it wishes to receive updates asynchronously when particular events happen. When a matching event happens, the API sends the event’s data to all subscribed consumers.

Figure: Event-Driven API with Event Push

Figure: Event-Driven API with Event Push

There are several approaches to building event-driven APIs, and they include webhooks, WebSocket and Server-sent events (SSE).

Blockchain

Blockchain is a distributed ledger of transactions based on trust and verification. Each transaction in the blockchain is immutable and is open to all nodes in the network. 

APIs are making a huge impact in smart contracts, which are applications stored in a blockchain that run to enforce the agreement of a transaction in real-time. The agreement can be anything from exchanging information to e-commerce purchases.

At times, the smart contract needs to access data and functionality outside the blockchain. Ledgers use a blockchain oracle to query, verify and authenticate external data sources, but this could be a single point of failure. In the future, smart APIs running within the blockchain could be a possibility.

Artificial Intelligence

Cloud providers now offer several advanced AI-enabled APIs for developing cognitive applications like natural language processing (NLP), face recognition and video analysis. Using these services’ APIs significantly reduces development time as the cloud product does most of the heavy lifting.

AI can also be used for automated documentation of APIs and monitoring of API security threats or optimization opportunities.

IoT

APIs for Internet-of-Things (IoT) are the glue that sits between heterogeneous devices and the applications that use them. Typical examples of IoT APIs can be seen in app-controlled devices like personal fitness trackers, lights, alarms and more. These devices capture information and send that over the internet to the manufacturer’s backend system. 

Preparing for the Future

What are some areas in which the development community ought to prepare for the next big change in the world of APIs?

  • API Development Practices: With tools now available to help developers design, build, test and publish APIs, development practices are improving remarkably. Two particular areas seeing impact are API Linting—one such example is Insomnia—and APIOps.
  • Enhancing API Performance: Enterprises need to ensure their APIs can stand up to the increased demand of Web 3.0. Techniques for improving responsiveness include more efficient caching, the use of connection pooling, limiting or compressing response data, and processing requests asynchronously or in batches.
  • Securing APIs: Because APIs are also the target of malicious attacks, organizations should become familiar with the API Security Project from Open Web Application Security Project (OWASP), which lists some of the top security issues for APIs, along with mitigation strategies. Everyone involved in the design, development, testing and deployment of APIs should be part of the security initiative.
  • Environment independence: APIs must be adaptable to all sorts of environments (such as bare metal, VMs and Kubernetes clusters) and within all sorts of deployment architectures (such as multi-cloud or hybrid-cloud). APIs can be made loosely coupled and asynchronous but still require a robust and intelligent communication and routing mechanism such as a service mesh like Kong Mesh.

Conclusion

In this blog post, we considered event-driven APIs and the impact of blockchain, AI and IoT. We also looked at how the developer community today can prepare for building and deploying the APIs of tomorrow.

If you are developing APIs, you can consider the extensive suite of application solutions from Kong, a Gartner Magic Quadrant Leader for Full Lifecycle API Management. To learn more, talk to one of our API experts.