4 min Applications

Boomi brightens shadow API sprawl

Boomi brightens shadow API sprawl

Integration and automation company Boomi has detailed the shape of its newly announced Boomi API Control Plane and positioned the technology as a tool to discover, manage and govern all application programming interfaces (APIs). Key to its core capabilities are functions designed to boost developer productivity when weaving in connections to API-based services. It also offers features in the realms of strictly defined API governance so that connected apps only benefit from the third-party API juice that they are supposed to be drawing upon.

With this news emanating from Boomi’s headquarters in Conshohocken, Pennsylvania (just a skip from Philadelphia), the company has engineered this service as a result of its recently acquired federated API management business from Apidda.

What is API federation?

For completeness here to define the set of design principles, tools and infrastructure behind API federation, this approach enables software application developers to expose a set of services and event streams within a bounded context. As MuleSoft (Salesforce) API engineer Antonio Garrote explains, “By exposing services within a particular bounded context as a unified and consistent API for external customers, [this] allows individual services within the bounded context to evolve and change without additional restrictions.”

Given the geographical freedom that API federation allows, developers working at this level will need to avoid relying upon a manual, fragmented approach to registering, managing and publishing APIs across distributed platforms because those APIs be undiscovered, overlooked and hence unadopted by users and applications that should be using them… and this is what Apidda’s toolset is built to address.

API shadow & sprawl

Adding this new ability to unify access to all APIs across cloud-based and on-premises API gateways from multiple vendors, the Boomi API Control Plane promises to enable software teams to discover all APIs in one place, including so-called ‘shadow APIs’ that may exist outside the purview of IT. 

“APIs are the backbone of modern digital transformation, yet managing them across various platforms remains a significant challenge for many organisations. Boomi provides a federated API management approach that is vendor-independent, enabling organisations to utilise existing on-premises and cloud API runtimes effectively while addressing API sprawl,” said Ed Macosky, chief product and technology officer at Boomi.

Macosky insists the Boomi API Control Plane offers an integrated, holistic solution that simplifies operations, strengthens governance and accelerates innovation. He further points to comments made by  Shari Lava, senior research director for AI and automation at IDC who says that organisations increasingly need federated API management to handle the complex and diverse API landscapes that span multiple environments and platforms.

According to Lava, “A centralised, federated approach [to API management] can enable consistent governance, security and monitoring across all APIs, reducing risks and enhancing operational efficiency.”

Offering centralised API discovery functions, the Boomi API Control Plane allows software engineers to discover all APIs within an organisation from a single location, bring shadow APIs under control and increase API consumption to drive business innovation. The company also highlights simplified API management across gateways for a consistent developer experience to gain insights into API performance and usage. There is also strengthened API governance here to ensure consistent policies across all platforms, reduce the risk of data breaches and streamline security audits, making compliance simpler and more efficient.

The rise of the API economy?

“[Today we can say that] API management solutions need to work well across a heterogeneous landscape of API gateways and portals to address enterprise governance. Second, companies need richer capabilities to support the business activities of the growing population of API product managers within their organisations. Lastly, as more and more people and roles become involved in the API lifecycle, usability needs to be democratised to present the right interfaces for the right users,” wrote Matt McLarty, chief technology officer at Boomi, in a technical blog in May this year.


Key to Boomi’s vision at this time appears to be a smörgåsbord of API tools positioned at different tiers of the IT stack from an API gateway to look after runtime governance (security, rate limiting, dynamic routing etc.), an API developer portal (where endpoints and tooling are available) and an API admin portal for API product owners and administrators to view analytics and manage the lifecycle of APIs… plus of course the Boomi API Control Plane toolset on offer here.

As the so-called API economy continues to emerge, Boomi will want to show us a way to manage the realities of API operating everywhere. At a time when prudent IT management will now be looking to drill down on API rationalisation to calculate what ROI it is drawing from investments in this approach, any notion of best-in-class API lifecycle management may still be some way off.