APIs are increasingly being recognized as one of the most important infrastructure trends for enterprises in the next few years as more companies seek to open up their internal systems to customers, partners and other third parties. The API Economy Session at EIC 2012 last week was a great snapshot of both the potential and the challenges involved in such a transformation.
Craig Burton (KuppingerCole) provided an excellent overview of the opportunities of the API Economy, and there were presentations and inputs from Fulup Ar Foll (KuppingerCole), Kim Cameron (Microsoft) and Martin Kuppinger (KuppingerCole). The day before, Ping Identity’s Andre Durand also highlighted Cloud APIs as one of the most important new frontiers for Identity in his keynote.
Our slides on the provider view are here:
Reflecting on the event, many of the challenges organizations will face in taking advantage of these new opportunities revolve around the fact that they are authenticating and authorizing new types of users to their systems, and this is happening in two dimensions simultaneously:
- From Internal to External: Many of today’s identity management solutions focus on the internal systems of the enterprise: which employees, divisions and systems are permitted to access which systems. This is an extremely challenging problem. However, it becomes even more challenging when access must be provided to external parties, as is generally the case with an Open API. Often the external parties are trusted to an extent but not completely, and different levels of access are needed to determine who gets what. Furthermore, user directories are no longer fully under the control of the owner of the data or service in question.
- From Human to Machine: Today’s systems are primarily concerned with granting “human access” to systems with interfaces accessible in the browser or through some other UI. This means certain types of authentication are appropriate and the expected capacity of users is reasonably well understood. For APIs, however, this changes radically, since access is generally granted to software systems developed by external third parties, and those software systems might be orders of magnitude faster or more data hungry than human users.
Given these trends and the economic imperative for open APIs, the next few years are likely to see a powerful trend towards managing identity across organizational boundaries, and towards viewing enterprises as a collection of services they expose and manage access to rather than as a set of end products they produce.