The year 2015 wrapped up with some great conference events (APIStrat Austin and APIDay Paris to name just two) that brought many people working in APIs together and never fail to move the ball forward. Videos and photos from those events have been going up over recent weeks (track @apistrat for videos), so everyone can tap into the zeitgeist themselves. Huge thanks to all those involved in these events and in curating great content – especially Mark Boyd who was involved in both!
2015 certainly felt like a year of getting down to brass tacks and many organizations pushing their API programs hard to create real value, as well as tool vendors increasing in number and upping their game to meet expectations. While that’s something we expected, we also made some specific predictions for 2015 as we do every year. And as usual, it was one of the most read posts on the blog, so it’s time to find out what we got right and what we got wrong. Stay tuned later in the week for our 2016 predictions!
Here are our 2015 predictions and how we fared. We’re awarding a full point only if we nailed it, a half or zero otherwise!
1. Web API design will become a premium tech skill [1 point]: We’ve consistently seen more requests for API design advice, and it also seems to be making its way into job postings. Looking at Indeed’s job trends index:
API design is definitely on the rise, and we’d be surprised if that changes anytime soon. As an added bonus, “API management” is also on the rise, so operations are gaining in importance as well as design.
2. API search and discovery will heat up [1/2 point]: We predicted a significant rise in public API search (listings and search). While these indicators have grown (the Programmable Web index of APIs now stands at nearly 15,000 and APIs.io at nearly 1000), we haven’t seen as much growth as we expected for public API search yet. What has become increasingly common, however, is for large organizations to seek search and directory capabilities internally to keep track of large numbers of private APIs (something which can be done with the 3scale product). Half a point on this, and we’re expecting more growth to come.
3. Automated code gen and SDKs will raise the bar [0 points]: Another prediction that saw progress but not huge breakthroughs. APIMATIC, RestUnited, and others are gaining traction, and API providers are getting better at providing code samples. But it remains far from the norm for APIs. On balance, we’re scoring this at zero, but expect a big year in 2016.
4. Security breaches will be top of mind [1.5 points (unfortunately, this came true in spades)]: Unfortunately we were right on the money with this prediction. API breaches have been frequent and significant in 2015. Moonpig was out of the gate almost immediately on the 5th of January. The IRS “Get Transcript” API was used to compromise at least 100,000 personal records in May. Instagram was forced to further tighten security in November, and the Kardashian’s mobile App suffered breaches immediately after launch in September. Hacks have even included cars, medical devices, Internet-connected Barbie dolls and possibly in-flight aircraft. These breaches and others are certainly raising awareness of API security and best practices – something that we’re sure will remain a big topic in 2015.
5. API operations will become “a thing” [1 point]: With this prediction, we had the trend right, but the label wrong. Just as API security has risen on the agenda, so have other management issues with APIs (rate limits, analytics, alerts, debugging, scaling). 3scale’s monthly inbound product requests more than doubled between June and December, and we expect that trend to continue. We’ve also seen the emergence of API specific consultancies such as apiware that handle not only API development but also ongoing support and maintenance. The label “API operations” however is still less widely used than API management, so maybe we’ll be calling it API management for a while.
6. Industry standards or shared specifications will start getting early traction [1 point]: This year has seen pretty significant progress in terms of formalizing API definition standards. The Swagger community has now created the Open API Initiative, making Swagger the basis for the first formal shared Standard. RAML also reached its 1.0 milestone. However, we’re still waiting for greater traction for industry-specific standard API interfaces like CitySDK, HealthKit and Google Fit.
7. The API event scene will grow [1 point]: After a great year in 2014, it’s hard to imagine things getting much better. Still, after two great APIStrat events in Berlin and Austin that really moved the technical ball forward, and APIDays events across the world, APIDays Paris topped the year off with nearly 900 attendees in December, making it the biggest non-vendor event yet. Numerous other events such as REST Fest, I Love APIs, Nordic APIs, and others all added great experiences. It’s hard to overstate how important these events are in cross-pollinating best practices and supporting those new to APIs. Look out for the next APIStrat event announcements early in the New Year! A shout out to APIDays Australia, which is already coming up.
8. Real-time and post-REST APIs [1/2 point]: We’re scoring this at a half point with clear traction for real-time APIs and even non-HTTP APIs, and many of the main technology companies now offering some parts of their API assortment in real time form (Google, Twitter, Facebook). It’s only half a point, however, since we think there is significantly more growth to come and since real time still hasn’t quite broken through as a standard element of most API stacks.
9. IoT will stretch API architectures [1/2 point]: There’s been clear progress in IoT and APIs with new platforms emerging like Built.IO and big players including Salesforce, Oracle and Amazon all announcing new IoT-specific platform offerings. Still, this tooling has yet to translate into wider deployment to make the fusion of IoT and APIs complete.
10. Identity, privacy and data access will be key [1/2 point]: OpenAuth has continued to be the gold standard for authentication of sophisticated APIs, and other complementary technologies are more commonly being added (such as JWT). However, we’re still some way from having truly unified patterns for identity and data access. Lots of improved tooling still needed here. We’re expecting great things from pure play companies such as Auth0, oAuth.IO, Stormpath, established identity providers such as Ping and Okta as well as API management vendors.
Phew – some big predictions there. Adding up all those scores our grand total comes to… 7 points out of 10 – 1 point better than last year. This may mean we’re getting wiser or we hit a lucky streak. We did hit some major trends with our predictions – with almost all of them being directionally right, though not all those trends have fully played out yet. We hope the predictions were useful in helping guess what was coming!
Stay tuned for the 2016 version, which is coming right up…