By Boomi
In the past year, companies across industries have proven that they can be agile enough to undertake bold digital transformation projects, switching to work-from-home employment models; shifting supply chains; re-imagining ecommerce and logistics; and launching new digital services that helped employees, partners, and customers remain productive.
And the pace of innovation is accelerating. Companies realize that to compete, they need to continue the work of digital transformation. And that work includes modernizing IT stacks, the layers of software and hardware that companies depend on for all their IT operations.
If a company is going to innovate quickly, it can’t continue relying on legacy hardware and software from a decade or two ago: on-premises servers that are expensive to provision, maintain, and update, and large, monolithic software applications that are difficult to customize and connect.
The future is here, and it’s being built with Agile software development practices using a mix of modern IT design patterns and technologies, including low-code software development; software components — whether developed with low code or not — that can be built quickly and reused and recombined as necessary; and application programming interfaces (APIs) that open access to data and software features to other authorized applications and services, wherever they might be running.
The goal: deliver integrated experiences that provide users — customers, partners, and/or employees — with the data and capabilities they need, in as fast and efficient a method as possible.
APIs are an essential part of the IT toolkit for innovative companies. APIs provide programmatic access to software features, making those features useful to other applications and software services. They also make it possible for software teams to subdivide what would have been monolithic applications into combinations of microservices, each designed and optimized to perform a specific function with a high degree of quality and flexibility.
The Advantage of Dividing Applications Into API Services and Reusable Components
Ten or twenty years ago, when a customer accessed a website application, they likely accessed a massive software application that included all its features in a single, monolithic archive. If the development team wanted to improve one feature of that application, they needed it to edit, test, and re-release the entire application — a time-consuming and risky endeavor.
Today that feature is likely a software component or microservice that can be built, tested, and released independently of all the other features in the application. Instead of waiting for a major software release that occurs once or twice a year, developers can introduce and modify features whenever needed: monthly, weekly, even daily if that what a situation requires.
It’s important that companies have API lifecycle management tools in-house so they can quickly and efficiently build, publish, and manage APIs as part of their modernization strategy.
Because APIs enable software features to be built and updated independently, large development organizations can be divided into smaller teams, each of which focuses on a specific feature. Focusing on a feature or small set of features helps developers stay familiar with the code they’re writing. Product quality improves as a result.
When digital transformation projects require features to be combined in a new way to create a new type of integrated experience, developers can add and mix features without worrying about hidden dependencies or the burden of testing and re-releasing an entire product.
Of course, APIs aren’t the only way of building connections between applications and features. Developers can also take advantage of a modern, low-code development environment like that in the Boomi AtomSphere Platform to quickly build integrations, workflows, and other reusable components that can be combined to create integrated experiences. And, inevitably, companies will continue to continue relying on some of their large, monolithic applications as part of their digital transformation projects.
But in many cases, APIs will be the preferred approach. So it’s important that companies have API lifecycle management tools in-house so they can quickly and efficiently build, publish, and manage APIs as part of their modernization strategy.
How Boomi Is Modernizing API Security
At Boomi, we’ve long recognized the importance of APIs, and we’ve continued enhancing the API lifecycle management features of the Boomi AtomSphere Platform.
Some of our recent enhancements to Boomi API Management address two critical areas of software development: efficiency and security.
Efficiency requires that data move through as few nodes or stages as possible. If you can eliminate a component or network node in a workflow and achieve the same functionality, then eliminating it probably makes sense. You’ll save money in development and maintenance costs, and you’ll accelerate the flow of data.
Security, of course, remains critically important for API management, as companies do more with the data they have, moving it, transforming it, and applying it in new experiences for customers, partners, and employees.
Authentication is an important aspect of API security, and we’ve recently simplified the software architecture required for API authentication.
Specifically, we’ve eliminated the need for an authentication broker when securing APIs managed by the Boomi AtomSphere Platform. Previously, clients accessing APIs would need to connect through an authentication broker, which in turn would pass credentials through an identity management broker such as Okta, which would then in turn pass credentials to the Boomi API Gateway. If the identity management broker accepted the credentials, it allowed the client to access the Boomi API Gateway.
Now, by supporting a standard called JWT (JSON Web Token), clients can connect directly to an identity broker, which then passes credentials to the Boomi API Gateway, without connecting to an authentication broker first. The result is reduced complexity for developers and faster performance for software clients and end-users accessing Boomi-managed APIs.
As part of their IT modernization strategies, we also encourage Boomi customers to migrate from SAML, an XML-based authentication language, to OAuth, a more modern authentication standard that provides more flexible scoping of permissions. OAuth makes it easier for an application to grant access only to certain features of an API, rather than granting access to all features automatically. By providing only the permissions that are needed for a particular use case, API developers can help protect data privacy and reduce the risk of unauthorized access to data or features.
Learn more about using JWT with Boomi in this Boomiverse article.
Answering the Mandate for IT Modernization
To compete and win in today’s fast-moving markets, companies need to continue innovating, modernizing their technologies and operations to deliver increasingly valuable experiences to customers, partners, and employees.
APIs play a key role in this work. By modernizing their own API capabilities to take advantage of low-code development and recent standards such as JWT, companies can accelerate the development and deployment of new applications, services, and integrated experiences required for success in a digital world.
Learn why more than 15,000 customers rely on Boomi for pervasive connectivity, data readiness, and improved user engagement. Try our platform for 30 days, for free.