With the mobile applications “boom”, and because they rarely are standalone, it came the necessity to create ways to the mobile applications incorporate access to external data and functionalities [1].
A Web API-base architecture is used when is necessary to integrate applications with websites or other applications. This architecture pattern made it easier to integrate unfamiliar software whether they are from another department in a large organization or from an entirely different organization (Business-to-Business) [1].
A Web API is a set of functions and data exposed over HTTP; it uses REST with the JSON data format and is available over the internet [1]. Because Web APIs are typically externally exposed, it must be especially careful with the partner management. You may have external partners with a dependency of the organizations web APIs as a fundamental part of their business. Partner management needs to be a first-class function provided by the web API exposure components. Due to the volume of potential partners, it needs to be self-service. It also needs to recognize partners, to monitor and control their usage according to their agreement. Another concern is security. The API’s should be protected from outside attacks and they must reliably authenticate partner’s applications to control their service levels effectively. One way to address these concerns it is expose and manage a web API through an API Gateway that provides none of the actual function or data provided by the web API. An internal API Management layer is an alternative way of exposing data and functions within the organization [1].
Figure 1. Web Apis Architecture
Ricardo Santos
EAI Consultant and IoT Evangelist at Polarising
References
- Integration architecture: Comparing web APIs with service-oriented architecture and enterprise application integration,http://www.ibm.com/developerworks/websphere/library/techarticles/1503_clark/1305_clark.html