2014 was a great year for APIs. There were new technologies, and a lot more reach and relevance as API deployments broadened. We just posted the evaluations for our 2014 predictions and there were a few surprises.
Predicting 2015 is even harder since there is so much going on, but here are our thoughts for 2015. Hopefully a few of them will be on the nail.
In addition to inevitably “more growth”, we predict:
- Web API Design Will become a Premium Tech Skill: One of the requests we’ve consistently heard in 2014 is for design help with APIs. But, while there are great resources out there (for example see A Practical Approach to API Design) and we know of more on the way, experience still counts for a great deal and API Design is likely to show up more frequently in job recs across many industries. We also expect there to be a significant new market for API Design courses, workshops and materials. Hopefully this will lead to more best practice and an evolution of what it means for an API to be “great”.
- API Search and Discovery will Heat Up: As the number of APIs increases, it has become hard to find what’s out there – directories and search will become increasingly important. While in many cases people need to answer the question “does company X have an API”, it’s also becoming more important to find all the components of the API – where can I sign up? do they have machine readable descriptions? pricing? We’re hoping for more use of machine readable meta-data formats like APIs.JSON (or any alternatives) to publicize APIs and strong growth for API discovery services like ProgrammableWeb, Mashape, APIs.IO or new ones which come along.
- Automated Code Gen and SDKs will Raise the Bar: Love or hate SDKs, automation of integration and code generation have now reached the point where resulting code can be genuinely useful. As such, we expect code generation with descriptions such as Swagger or 3rd party tools such as APIMatic and RestUnited to help more APIs do what leading APIs do and add code for developers to get started more quickly.
- Security Breaches will be Top of Mind: With multiple high profile Internet security breaches in 2014 (not least Sony in December), risks to online systems are clearly climbing and APIs will need better protection. Along with all their utility, unfortunate done wrong, APIs can also act as a potential new attack vector through which mass amounts of data could leak. Unfortunately this may lead to one or more serious breaches throughout the year and certainly an increase in attempts and threats.
- API Operations will Become “A Thing”: Building on the previous point and challenges we see articulated by 3scale customers, technical operations for running APIs will become more critical. Ops teams will begin seeing APIs as a first class entity alongside Web and other properties. Needs will run from testing, monitoring, security, alerts, troubleshooting, scaling and general management. (For some related theory, see API Operations and Donuts for one of the few pieces on this from 2014.)
- Industry Standards or Shared Specifications will Start Getting Early Traction: The increasing proliferation of APIs for similar services that different interfaces is a challenge for everybody. Hopefully the increasing adoption of service description formats, and common patterns such as Hypermedia frameworks, will lead to more sharing of designs and collaboration. This is beginning to happen in some areas such as civic APIs (CitySDK), but the opportunity is much broader than this. Changes here are likely to be fledgling and sectorial but the opportunity for shared/public definitions is great. At the other end of the spectrum, industry giants such as Google and Apple are releasing new APIs like HealthKit and Google Fit which may provide defecto rallying points for API Designs in certain sectors (if they are opened up for genuine re-use).
- The API Event Scene will Grow: 2014 saw a mushrooming of API events and those events go from strength to strength. We expect this trend to continue, but also broaden with some events trending larger and others reaching new geographies (check out APIDays Sydney in February) as well as becoming sector specific – Papis showed the way in this respect. Event fatigue may kick in, but hopefully some of the events will be closer to where people need them and deep dive into the right topics.
- Realtime and Post Rest APIs: Realtime APIs will continue to proliferate and it will be an interesting year in API that deviate from REST patterns. At scale we’ll likely see more companies adding device centric calls or compiling call results for efficiency on mobile. This does not mean “REST is Dead”, simply that there is pragmatic evolution for new API use cases.
- IoT will Stretch API Architectures: Internet of Things applications are quickly coming to many consumer products and industrial use cases. APIs are almost always part of the equation. This “APIs on board” trend will lead to interesting challenges for evented systems, web hooks and technical solutions since IoT Apis need to function with no general access to the public Internet. In many ways, IoT use cases such as “in home” networks sit half-way between the original notion of software component / operating system APIs (for which one had to be on the local device to call methods) and public web APIs (which can be called from anywhere). IoT APIs often inhabit partial connectivity or local only networks but not be limited to one device.
- Identity, Privacy and Data Access will be Key: APIs are becoming a means to unify content and functionality delivery across devices. It will become more critical to think carefully about user and app identity in order to both create great experiences and to safeguard security / privacy. Efforts like UMA will be interesting to watch. oAuth adoption will grow but it will remain challenging for organizations to create unified user / identity management across devices. The API programs and policies of the major Internet Companies such as Google, Amazon, Facebook, Twitter and others will remain in the spotlight from a data autonomy, privacy and access perspective. We expect movements to continue to try to create decentralized, indie-web style solutions that separate out data and functionality from silos but it’s hard to predict how large players will open up in response.
So there we go: plenty to be wrong about. 2015 looks like a year in which adoption will continue to grow while there are still a lot of new technical and best practice questions being answered, especially in areas like service descriptions, SDKs, Identity etc.
Looking forward to seeing everyone at the various events throughout the year (not least APIStrat Berlin which is coming up in April!).