Question by birute@google.com · May 02, 2016 at 07:34 PM · 388 Views api management ama ama ed anant esb

Why do I need API management to expose an API when I already have ESB?

Add comment Show 1

10 |5000 characters needed characters left characters exceeded

Kristopher Kleva · May 03, 2016 at 06:55 PM 0

Link

Good question... I wonder this all the time ;0)

Answer by anant · May 05, 2016 at 08:31 PM

In the answer to @Dino, I had given some reasons why APIs around the ESB endpoints is basically just that -- you might have given a “REST” interface to your endpoints. Even for that exposure, you need to think through the endpoint management that is needed. What is your security model? Is your endpoint being touched from outside the firewall? And even if it is being touched from only inside, do you really trust that it has not been breached? What visibility are you getting? What documentation do you have on your endpoints? You do not get any of it by just putting a REST interface to the ESB endpoint.

And on top of it, you get none of the consumption benefits that a true API should have. A developer portal, keys associated with applications, visibility, APIs as a product -- the list goes on and on.

Finally, the architecture of ESB gets in the way of the right API architecture -- the latter scale, distribute, have self-service models, support the right tradeoffs between exposure and governance concerns.

ESBs can’t solve the API problem. New architectural trends -- many more backends have APIs, integration moving to code, and http based connectivity -- allow you to do in the API layer what you might have thought to do in the ESB layer. And a lot lot more :)

Add comment · Link