Can we and should we have fully open APIs?

With fully open APIs, too, developers get the same level of control and freedom in the cloud.

Open APIs are quick access for many solutions but also bring up a lot of vulnerabilities. According to Neosec, almost half of the 300 senior decision-makers that they surveyed rated their API strategies were under development, and only 31% said that their API programs were fully executed across the entire organisation.

The survey that was conducted in November 2021 from decision-makers in the US, Germany, France and the UK resulted that 53% of companies use third-party APIs to develop products and services, and 46% create APIs as products by external developers.

Open APIs – solution for many

From government organisations to large companies, all are looking into integrating open-source APIs, not just because they are convenient and interoperable but also because they believe that fully open APIs are the future.

THE BELAMY

Sign up for your weekly dose of what's up in emerging technology.

Last month, the National Health Authority (NHA) of India, under its scheme of Ayushman Bharat Digital Mission (ABDM), announced the completion of 27 integrations with organisations offering Health Management Information Systems (HMIS), health locker services, Laboratory Management Information Systems (LMIS), health tech services and other digital services to develop an integrated, interoperable and user-inclusive digital healthcare ecosystem for the country.

Dr R S Sharma, CEO, NHA, believes that the objective of ABDM is to deliver health services in an affordable manner. For the same, they are building an interoperable, open system based on open source with open APIs and open standards. “So that basically enables every public player, whosoever wants to integrate with the system to integrate with ABDM,” said Sharma. Out of 27 integrators, 17 are private sector integrators that provide solutions compatible with the overall architecture of ABDM.

According to McKinsey, as the functionality evolves, APIs will deliver more advanced services. It has become a matter of pride for companies to be a part of Open API initiatives. Recently, Reliance Jio achieved the Open API Platinum conformance certification from TM Forum, requiring the telecom giant to successfully implement over 20 Open APIs. According to Nik Willetts, CEO, TM Forum, Jio is actually future-proofing their cloud-native tech stack by building their IT infrastructure using TM Forum’s Open APIs. Additionally, the company is using Open Digital Architecture (ODA) as the blueprint for its enterprise architecture.

There are also initiatives been taken to promote Open APIs. Last week, The Linux Foundation and the GSMA announced a new, open-source project called “CAMARA – The Telco Global API Alliance”. The partnership is to address the challenges in porting and reproducing API services across cloud architectures and heterogeneous operators. The project is expected to support customer and developer ecosystems by developing global, open, and accessible API solutions.  CAMARA also offers opportunities for collaboration between network and cloud companies like telcos, device manufacturers, ISVs, etc., to look into the challenges of porting and reproducing API services. 

Legally speaking – Open APIs are great

Fully open APIs have open source software that has open-source operation procedures. This allows for the technology to be reproduced and even audited in any region. Additionally, it resolves a lot of geopolitical conflicts. For example, users of Azure, AWS, or even the Google Cloud Platform might not be able to expand in Russia or an EU country as they require data to be locally stored. Additionally, in the EU, using any US-based clouds violates their GDPR. It totally makes sense to use fully open APIs that are based on open-source software as they are the technology of the future.

With fully open APIs, too, developers get the same level of control and freedom in the cloud.

Wrapping up

To consider the limitations of open APIs, it is essential to also take into account the issues with API itself. According to Salt Edge’s survey of over 2,000 API initiations with banks from 31 European countries, 38% of bank APIs don’t meet EU or UK regulatory standards. It was also revealed that 43% of banks did not support automated registrations to access the relevant APIs, 22% had faulty documentation, and 28% had downtimes during the integration.

A closed API is not accessible openly and typically resides in highly secure settings. But with Open APIs, a recent report from Transparency Market Research showed that, in terms of security, uncertainty and vulnerability of the third-party apps is one of the major restraining factors that affect the market.

According to experts, a good open API requires basic considerations like the choice of selecting data format (JSON, XML, Text, VML, etc.), the protocol (HTTP, HTTPS), and the version of API. It is also important to consider security, be it API authentication or HTTPS. Considerations of performance, availability, error, and defects for better service and availability of documentation in PHP, Python, Java, etc., become quite essential. Developers also can look into advanced options like streaming, catching, etc. and even limiting the callouts per day to handle traffic on the open API. 

More Great AIM Stories

Meeta Ramnani
Meeta’s interest lies in finding out real practical applications of technology. At AIM, she writes stories that question the new inventions and the need to develop them. She believes that technology has and will continue to change the world very fast and that it is no more ‘cool’ to be ‘old-school’. If people don’t update themselves with the technology, they will surely be left behind.

Our Upcoming Events

Conference, in-person (Bangalore)
Machine Learning Developers Summit (MLDS) 2023
19-20th Jan, 2023

Conference, in-person (Bangalore)
Rising 2023 | Women in Tech Conference
16-17th Mar, 2023

Conference, in-person (Bangalore)
Data Engineering Summit (DES) 2023
27-28th Apr, 2023

Conference, in-person (Bangalore)
MachineCon 2023
23rd Jun, 2023

Conference, in-person (Bangalore)
Cypher 2023
20-22nd Sep, 2023

3 Ways to Join our Community

Whatsapp group

Discover special offers, top stories, upcoming events, and more.

Discord Server

Stay Connected with a larger ecosystem of data science and ML Professionals

Subscribe to our newsletter

Get the latest updates from AIM