By: Shilpi
July 19 2019

Hybrid API Management In Focus

A person facing monitor while typing something as he works on Hybrid API management platform


One on One Software conversation is the layman definition for Application Programming Interfaces. These are the most tangible solutions for building and connecting many modern-day applications and software. It has been seen that with APIs, the power of development has increased, resulting in the final software deliverable development in a very short duration of time.

In short, we can say that APIs have revolutionized the business models enabling organizations to build more strategic goals for better digital opportunities.

What is API management?

In order to accommodate distinct end-user requirements, organizations are choosing a wide variety of applications to offer end to end services to their customers. Recent years have seen an exponential rise in the use of such apps and thus has led organizations to exhibit more and more data through APIs.

Manifesting data using APIs has streamlined the exchange of information and data through client request and response reaching outside the span of an enterprise. Expansion of APIs has led organizations to take their API management on a serious note. To make APIs function hassle-free, a compact administration of an API life cycle is required.

Image instance showing the API management life cycle in green circles
Source: Nginx

A full-fledged API life cycle encompasses defining, publishing, documenting, analyzing and managing them for a secure environment and traffic. With effective API management, an organization can provide assurance for the security and validity of both Internal APIs (accessed by the users located within an enterprise) and External APIs (exposed to the outside enterprise users). Performance monitoring and troubleshooting for APIs is imperative to maximize customer engagement and satisfaction.

The major areas covered while managing Application Programming Interfaces are API Design, allowing everyone from developers to partners to design, publish and deploy APIs. Along with this recording of other relevant information. API Gateway, imposes the security policies and requests for the APIs conforming authorization and certainty. API Store, offers a storage capability for a user that can be unveiled to both internal and external stakeholders. API Analytics, allows the monitoring of API usage through the load, transactions, logs, metrics, etc,  to check the status of an API.

What is Hybrid API management?

1. On-premises: Traditional API management platform

basic standard model deployment for traditional on-premise api management platform in orange and grey color
Source: WSO2

As the name suggests, the on-prem APIs are installed and run within a local area. Deployment of such API management platforms on the organization's local data center offers more control, a lot of extensibility and easy backend integration. Maintenance of such deployment is quite a task and requires both hardware and software resources, adding an extra cost for an organization.

Moreover, as the integration of more number of third-party organizations due to security compliances has made it infrequent for external parties to collaborate with an enterprise, as onboarding external parties to such platforms is a bit challenging for the organizations.

2. Cloud-based traditional API management platform

illustration of traditional on cloud api management platform in orange and grey color
Source: WSO2

With the itching need to go more digital, organizations are choosing cloud-based API structures. With the cloud-based API management platforms administration of infrastructure became easy by being pocket-friendly at the same time.

But this also does not solve the problem of successful API management, due to the issues arising with the varied business requirements. For example, security compliances will come forward within a healthcare organization. Backend integrated internally needs to be exposed to the outside environment is an additional task.

3. Hybrid API management platform

image showing a basic model for hybrid api management platform in orange and grey color
Source: WSO2

Measuring the highs and lows of both the on-premises and cloud-based traditional API management platforms, it is recommended to move ahead with a combined approach, referred to as the hybrid API management. Since the majority of the infrastructure is located in the cloud, thus it becomes easy for the publishers and subscribers to access the same. 24*7 accessibility and maintenances being handled by the vendors remove an extra burden from the organization’s shoulders.

The API gateways, also known as Microgateway, are the lightweight cloud gateways that progresses the APIs runtime in the data center or on-prem while thrusting the analytics data into the cloud’s management layer.

Microgateway while running on-premises, ensures security and compliances and cuts down an extra network overhead by removing the need for any other network connectivity solution. Further, when the API gateways are run through clouds, it eases access for the external dealers.

Also, integrations of clouds with any third-party tools, like Kubernetes, Docker, ensure leveled up availability and scalability enhancing the use of the cloud-based infrastructure.

Hybrid API management benefits

Allowing advantages of a cloud-based environment and good control through on-prem API solutions, hybrid API management has emerged as a boon for the organizations. Below are the mentioned benefits of a hybrid API management platform

  • Peak Performance Level: Hybrid APIs cuts the extra hops to the clouds and the backend services keeping the API gateway close to the backend services and API subscribers.
  • Rapid Deployment: Being light-weighted and simplified, Microgateway makes the deployment prompt, Java and Docker being the only installation requirement.
  • Anywhere Deployment: It is very much flexible to deploy a Microgateway on any cloud or on any container-management system.
  • Increased Security and Compliances: The all-time presence of API calls and the payload data results in better security and compliances.
  • Low Total Cost of Ownership(TCO): API lifecycle management, subscriptions, analytics performances, statistics generations, etc, are handled on cloud and actual API requests are routed through Microgateway instances, leading to a low total cost of ownership.
  • Efficient Connection: No need for VPN or any other network connectivity as the API gateways can be deployed anywhere easily.

Hybrid API management: Challenges and approaches to follow

As mentioned before, in order to gain proper functionality in a hybrid architectured environment, it is vital to manage it through a hybrid API management platform. As the complexity begins with the integration of cloud and on-premise API platforms, imitation of a hybrid API management platform brings its own associated challenges.

Earlier to hybrid, the on-premise API management platform offered a centralized access point allowing the external requests to interface with the internal systems. Later, as the businesses moved towards the cloud, it resulted in the rise of the heterogeneous distribution of many API architectures across the cloud. The following challenges started emerging with time.

  • The centralized API management started showing its limits as in the case of very fewer configurations only, proper setup, running and management of such gateways can be effectively performed. The structure complications in a hybrid API management platform increased, gradually increasing the inefficiency of developers, affecting the rapidity.
  • Cloud to centralized API communication became a tough score to reach because of the innumerable security procedures to cross through. For example, protection through security credentials, IP whitelisting, etc.
  • Maintenance and monitoring of cloud and on-premise components required different procedures and many distinct protocols to follow.

The aforementioned challenges stimulated that it is always better to measure the crusts and troughs before choosing a hybrid API management platform for the organization. Microgateways are being used to pace up the APIs runtimes in the centralized data center and analytics data is pushed into the management layer in the cloud. The flexibility and robustness assurance in the micro gateway deployment has made it the most chosen option. Also, security and compliances are maintained efficiently via these.

As the complexity of APIs is increasing so is the need for them to get small and portable. Being scalable for containers and simplified deployment makes an easy flat route for the hybrid API management platforms. Let us understand more with a Sample use case.

instance for a basic eCommerce structure of an organization showing the interrelatedness of api management platform in blue, green, orange and grey colors


The figure above shows the structure of an ecommerce organization, encompassing distinct divisions, Engineering, Supply Chain, Marketing and Human Resources. Since all the divisions are performing their tasks separately, each section has a separated development team who is responsible for the development and maintenance of the internal apps and can have both the internal and external users.

API management platforms offer a shared platform allowing the full utilization of infrastructure and technological choices at a local level rather than being bound with the organizations' protocols. This is a type of decentralized ownership that allows teams from different divisions to address requirements as per their needs. APIs are defined, managed and administered by the teams that create it. Also, API access is also decided by the teams only.

Is it possible to manage through a Single Gateway? The above scenario shows one team is isolated from the other for an efficient workflow. But is there any possibility where they use a single gateway to expose all the APIs?

The development teams usually prefer to have a team specific gateway in order to address the requirements of a particular business division. The need for separate gateways for loosely-coupled deployment or installation of different network infrastructures on many different organization units has made organizations opt for the distributed deployment of gateways.

The below figure shows how the distinct gateway deployment will offer self-service as per the customized requirements and management freedom to the development teams.

Image showing a basic structure of a centralized api management platform labeled in different colors


A centralized API management platform is used for the easy administration of all the available gateways. Application developers can choose a specific gateway or the cluster of gateways for their categorized APIs (can be called as a single project) and manage only those grouped APIs, keeping them independent from the other available projects.

Collective benefits of both on-premise and cloud-based architectures can be availed with the hybrid API management platform along with these individual gateways are used for the information exchange. The following figure mentions how the hybrid gateway implementation enhances APIs insights.

an instance of a hybrid api management platform showing working through both on-prem and cloud-based apis in different colors

 

  • Internal back-end services can be availed by the internal users through on-premise gateways while the public back-end services can be engrossed by the external users and vendors through the cloud. For example, in the eCommerce structure, the external partners might need to access the marketing division to get information about the services offered by the organization.
  • External partners can get accessibility for an internal service through a secure VPN tunnel.
  • To ease the access of APIs for both the internal and external users, the on-prem gateway is exhibited through the internet via a firewall.
  • Separate gateway deployment will offer flexible availability of the administrative and analytical information to the CXO’s (Chief Experience Officer) in the cloud API management platform.
  • Information latency gets reduced with the help of on-prem gateways offering no hops to retrieve information from back-end services in a public network.

Further advancements are always welcomed 

Still, organizations are working on to improve the existing hybrid API management platform for the efficient administration of the APIs. A multi-cloud infrastructure is being followed in which the gateways are deployed on-premise and also to the cloud-based partners, freeing them from the task of providing accessibility to the external vendors and partners of the organization.

image showing an instance of multi-cloud infrastructure in different colors


The gateway thus deployed offers both the centralized and decentralized management of the APIs, which can be called the hybrid gateway deployment.

Final note

Organizations are now shifting from traditional development environments to modern agile-development models. The newly adopted development model offers them flexibility, robustness by being fast at the same time. It is imperative to have a structure that will manage the customers', partners’ requirements properly.

Hybrid API management offers the perfect solution for all the API management practices and has eased the overhead burden of API Management. With the hybrid API management, organizations can leverage the benefits stated as, robustness, latencies, securities, trimmed costs and an active approach for their API management solutions.