Irregardless of the how much SaaS a company uses, they’re still going to have internal systems. To improve integration across internal systems companies will create internal API’s. They’re already doing so. And, it’s becoming cool to do so even more so I think we’ll see some acceleration in this space.
Internal API’s need to be managed just like external API’s. In fact, a good API management solution will integrate on-premise and off-premise API management tools enabling developers to manage API’s seamlessly no matter where the API sits.
Mashery has an interesting article about API management that unfortunately tells just half the story. A solution that only lets developers manage external services is incomplete. Internal API’s are more likely to be SOAP based than REST based (my own opinion, not a research driven observation). These internal API’s will need different management tools/features, but the experience of managing internal and external API’s will need to be consistent (and consistently easy to use).
A SaaS API management tool is not going to be allowed access through a company’s DMZ to manage internal API’s. I’m pretty liberal on security implications of enterprise SaaS deployments, but even I can’t see any way something like this is ever going to happen. To properly manage an internal API from a hosted API management tool will require storing your internal API contract on the external host. Way too risky.
You might want to start by managing external API’s first to ensure that you’re managing the service you’re getting from an external provider. But keep the endgame in mind. I believe that over time your internal infrastructure will look a lot like these external ones (if they don’t already). You will want to manage contracts between teams the same way you want to manage contracts to your external providers. Doing so will foster an internet-style collaboration model between internal teams, leading to more creativity in how internal systems (and their data) are used by employees (an important and desirable result).
Be careful that you don’t find yourself in a situation where you invest in a tool that provides no possible path towards a unified API management experience between external and internal API’s. You’ll regret it. And, by the time you do, it’ll be too late.
(Originally posted on OpusGrid.)