By Jaime Ryan
Success in digital transformation and AI initiatives of any kind depends on APIs and effective API management. With the release today of the Boomi API Control Plane, we’re giving organizations a powerful and practical solution for federated API management, enabling you to tackle the problem of API sprawl and discover, manage, and govern APIs at scale.
In this post, I’ll give a quick overview of the Boomi API Control Plane and its position in Boomi’s overall solution for API management. I’ll also offer a concrete plan of action enterprises can adopt today to gain unprecedented visibility into and control over their API investments, setting the stage for accelerating progress on AI, digital transformation, and other business-critical IT investments.
New Acquisitions Expand Boomi API Management Capabilities
At Boomi World in April, we announced that we’ve acquired the federated API management business from APIIDA AG, an innovator in the API management market. This acquisition brings APIIDA’s federated API management capabilities to the Boomi Enterprise Platform. The APIIDA solution also features a modern API developer portal with low-code, drag-and-drop design features, streamlining the documentation, publishing, and marketing of APIs. We’re now making all these capabilities available through the Boomi API Control Plane.
We also announced bolstering the enterprise-grade scalability and security of the Boomi platform by acquiring API management assets — the former Mashery business — from Cloud Software Group, a new company formed by the combination of TIBCO and Citrix. We’ll be making more announcements about the Mashery product later this year.
Both acquisitions accelerate Boomi’s roadmap for providing solutions to the most pressing API management challenges that companies face today, allowing enterprises to rapidly and securely deliver business value through API products created and managed in one end-to-end enterprise platform. And both of these acquisitions help realize Boomi’s vision for API management centering on:
- Governance and visibility through federated API management
- Simplicity through low-code and no-code development
- Enterprise security and scalability
Why is API management so important? APIs are the connective tissue for data and transactions in the modern enterprise. They’re the means through which most applications and all microservices communicate. They’re also an essential technology for moving data into and out of AI large language models (LLMs), AI agents, and other AI applications.
Any digital transformation initiative aiming to capitalize on AI and automation requires a solid foundation for managing APIs. At Boomi, we’re providing that foundation to customers with our own recently enhanced API Gateway and the Boomi API Control Plane, both of which are available today.
Tackling the Problem of API Sprawl
Importantly, the Boomi API Control Plane provides visibility and governance that’s missing from most API deployments today. Without centralized, comprehensive visibility and governance, API developers and consumers are left with questions like these:
- What APIs have been deployed and where?
- How many are active?
- How many are dormant and unmonitored?
- Which are redundant?
- How many are compliant with security policies?
- How can developers easily discover all the active, supported APIs that are available, so they don’t needlessly spend time and resources developing new APIs?
Together, these questions point to the problem of API sprawl. Over years, various teams across an organization have developed and provisioned various APIs — some with IT oversight and some without, some using one type of API gateway and some another. Most organizations do not know how many APIs they have, and are using API gateways from multiple vendors.
APIs are a critical resource for any data-driven business, but API sprawl is a symptom of resources being unmanaged, underutilized, and often unsecured. When APIs can be found, each may have a different process for adoption. Investments in creating them go to waste. And unmanaged, unsecured APIs create security risks. These “shadow APIs” are involved in 31% of cybersecurity attacks against transactions. That exposure is just part of a larger problem with poor API security. In a 2023 survey by Traceable.ai, 74% of organizations reported at least three API-related data breaches in the past two years.
Organizations want to leverage their data for AI and other initiatives. The operational murk and financial waste of API sprawl undermines those efforts and others.
Solve the Problem of API Sprawl With the Boomi API Control Plane, Starting Today
The Boomi API Control Plane solves the problem of API sprawl. It provides a single, cloud-based dashboard with visibility into all API environments across your organization, making it easier than ever to discover and catalog APIs and to ensure that APIs comply with all applicable security policies.
The Boomi API Control Plane provides:
- Centralized API Discovery: Discover all APIs within an organization from a single location, bring shadow APIs under control, and increase API consumption to drive business innovation.
- Simplified API Management Across Gateways: Enhance productivity with a consistent developer experience, gain insights into API performance and usage, and extend the value of existing on-premises and cloud investments.
- Strengthened API Governance: Ensure consistent policies across all platforms, reduce the risk of data breaches, and streamline security audits, making compliance simpler and more efficient.
Boomi API Control Plane customers can tackle the problem of API sprawl and build a strong, data-driven foundation for their initiatives in AI, event-driven architectures (EDA), and more. They can also take advantage of a new developer portal to streamline API productization and documentation, to standardize API branding, and to make publishing and managing APIs accessible to a far broader community of developers.
Here’s how the Boomi API Control Plane can benefit your IT organization and revolutionize your API program today.
1. Discover and Register All Your API Gateways
Use the Boomi API Control Plane to discover and register all your API gateways. You can centralize monitoring and management of API gateways from eight different vendors: Apigee, AWS, Azure, Boomi, Broadcom, Gravitee, Kong, and WSO2. Gain visibility across all your environments: test, production, internal, external, and so on.
Boomi’s federated API management solution is low-touch and vendor-independent, allowing you to leverage your existing on-premises and cloud API runtimes, so you don’t have to rip-and-replace dozens of APIs gateways or introduce a new gateway in front and standardize on a single vendor’s solution. Boomi lets you manage and benefit from the API investments you’ve already made.
2. Audit Your APIs
Conduct security and quality audits on your APIs to ensure that appropriate policies are in place. Check for conformance to the OpenAPI specification, vulnerability to OWASP Top Ten API Threats, and adherence to corporate style guides. Create and import new rulesets for custom validations.
Highlight APIs with the highest latencies and worst security/quality scores, and identify which teams have the lowest average scores. Identify shadow and zombie APIs that are unmanaged or don’t have active subscription growth. Track API and product subscriptions and ensure healthy adoption trends. And do it all from a single governance dashboard.
3. Manage Unmanaged APIs
For APIs that are unmanaged or under-secured, leverage the Boomi API Gateway to apply access control, introduce new subscription plans for your API consumers, and configure reusable policies for security, traffic management, and mediation.
Customize cross-origin resource sharing (CORS) policies to ensure access only from trusted domains. Prevent common threats across multiple API styles, validate inbound and outbound payloads, filter certain operations or URL paths, whitelist or blacklist consumer IPs, set limits on message size and other attributes, etc.
4. Make APIs Easier To Use
Use the API Control Plane’s new developer portal to make APIs easier to find, understand, and adopt.
- Make it easy for API product managers to create, document, and manage API products.
- Use a drag-and-drop interface to easily add branding elements to API portals.
- Offer richer descriptions of APIs and with markdown- or rich text-driven pages alongside auto-generated interactive documentation.
- Drive API adoption with APIs that are easier to find, easier to understand from both technical and business perspectives (thanks to more complete documentation), easier to trust (thanks to improved security policy enforcement), and more attractively branded.
5. Make Better Decisions and Deliver ROI
With visibility into all APIs across your enterprise made possible through the Boomi API Control Plane, rationalize your API investments. Deprecate and retire obsolete APIs, improve the packaging and presentation of APIs that matter, and spur their adoption.
With a consistent API consumer experience ensuring business continuity across your internal and external developers, leverage this opportunity to retire or transition API gateway infrastructure to platforms of your choice.
Build With Boomi
As companies prepare to make their data available to their AI initiatives, tackling API sprawl and improving API adoption are two steps that help drive digital transformation and the acceleration of AI and automation initiatives across the enterprise.
At Boomi, we’re making it easier than ever for organizations to provision, discover, and secure APIs, using federated visibility, management, and governance to make API management easy, scalable, and insightful.
To learn more about the Boomi API Control Plane and conduct a brief API Maturity Assessment for your organization, visit boomi.com/apim.