June 17, 2021
Open vs. Closed APIs
Should you open or close your APIs? If you’re in charge of an application or web service, that’s a key question to ask as you begin development efforts and plan the mission for what you hope your application will accomplish.
Both approaches have valid use-cases. Much depends on how much control you need to have over how your application is used, or if opening the APIs might help drive greater usage by external developers—and perhaps more revenue for your company.
One such example of an open API is Kenzen, which makes a body heat sensor system for worker safety. It features a smart patch that wraps around a person’s bicep that relays stress indicators in real-time. Companies can hand the device out to protect workers against heat injuries. By using an open API, Kenzen allows integrations to its platform and thus increases revenue opportunities.
An example of where an open API would not make sense is Pandora, the online music service. If Pandora used a public API, developers could access the service and skip all the ads—thus destabilizing the business model. Instead, Pandora uses a hybrid API approach where only registered partners can access a limited set of features, with the goal of fostering new experiences and revenue.
Open APIs Benefit Three Groups
An open application programming interface (API) is publicly-available and gives external developers access to a proprietary service. Developers can design APIs using different techniques, but the goal is the same: Make the API easy to consume by a large audience. That’s why it’s important to avoid proprietary protocols and data formats. Open source is the way to go!
Open APIs benefit multiple groups. The owner can expand the application user-base while third-party partner developers can generate revenue licensing the software. External developers like open APIs too—they don’t have to worry about dependencies between their app and API backend.
Providing outside developers with access can also lead to innovative ways that an application service can be used by other applications—without the target application owner having to do all the work. In-house teams may continue to develop applications using the open API, but the main purpose is to get developers from the outside working on complementary services for the environment that the primary application has created.
Open APIs also offer tremendous opportunities for connecting your application services with the applications of other businesses. It’s a great way to get your services inserted into external applications that will potentially lead to customers purchasing your products and services.
Think of all the travel booking sites that link to airlines, hotels, car rental companies, travel agencies, credit cards, and other travel services. Bookings flow into those sites because of open APIs. Social media is another area where open APIs make sense. If you want to improve user experiences and quality of service, open APIs should be considered.
Use-Cases Where Closed APIs Make Sense
Conversely, with closed APIs, the application owner is looking to keep development in-house. The API allows only the company’s development team to use the application services to make new applications. The application publisher thus has a high degree of control over the types of applications that can be developed and the different functions they can perform.
Closed APIs may be used for applications that, once fully developed, will become publicly available. While the capabilities of the application will be limited to what the internal team was able to envision and develop, the application will be fully controlled by the business.
A Business Leader’s Guide to APIs
Particular use-cases where closed APIs make sense are applications that handle confidential information or high-value financial transactions as well as those subject to compliance regulations. Additionally, if an API includes integration to your application infrastructure, you certainly don’t want an outsider to have access.
In all of these cases, you need a robust management strategy to monitor for inappropriate use, maintain strong security controls, and track everything that happens. With an open API, achieving these objectives is next to impossible.
Consider a Hybrid Approach
As described in the Pandora example above, a hybrid approach you can consider is opening your APIs for limited use by companies with an application that represents a strategic value to your application. To grant access, you would give partner developers a unique key ID, but you would keep the API closed for everyone else. This approach can work well if, for example, a company with a CRM application wants to integrate with a limited set of companies that offer a marketing automation application.
Whether to use this hybrid approach or keep an API closed or open should be driven by the overall business strategy of the application you are developing. Accessibility has its benefits because outside developers can offer innovative ideas and new ways your application can be leveraged that may be beyond your imagination. It will also increase the growth in the number of applications that will work within your application’s environment so that your customer base can expand more rapidly.
However, keeping your APIs closed gives you a stronger security posture, which may be critical if sensitive data is involved. You can also control the applications that will work in your environment. And who knows, maybe someone on your team already has all the imagination you need to create innovative uses for your application!