API Enablement

A company needs to open its services to third party applications.

Problem

A company that provides services online has been losing competitive advantage because they are not open for third-party applications.

Overview

The company provides online services to customers globally through their mobile application. Thanks to heavy continuous investment into the service quality and application user experience, they have been the first choice for a number of customers so far.

Although the company is one of the market leaders, it has been progressively losing the market share. The research conducted by the company shows why.

The competition has been increasing their market share mainly thanks to new customers using third-party applications and devices.

Third-party developers haven’t been strategically important to the company, thus the company doesn’t have technical capabilities to change that instantly. The company is aware of hidden and uncontrolled integrations through non-public APIs, but it is a niche that will not scale.

For the developers and device vendors who risked such an integration, it has been a detective task to discover and integrate with non-public APIs. The integration is hard to maintain if there is no confidence in the API stability.

Solution

The company changes the strategy and looks for a quick and secure way to open to third-party developers. They decide to use Cloudentity’s solutions to

  • Open for third-party developers with a developer portal
  • Build third-party developers’ confidence by exposing public APIs
  • Let developers integrate their applications easily in a standardized way
  • Define access rules with authorization policies
  • Enforce resource access rules on APIs
  • Get visibility into third-party applications and services they consume with the API governance
  • Integrate with the existing consumer identity and enterprise identity

Result

Cloudentity’s solutions allow the company to

  • Quickly open for third-party developers and thus increase its market share,
  • Discover integrations and developers so far hidden and uncontrollable; manage developers and their applications, control the service consumption,
  • Gain the credibility of third-party developers and device vendors who are confident of the APIs specification stability and inclined to introduce features that leverage the integration,
  • Set up access policies enforced during the API access to define who and under what conditions can access services, service categories, and resources,
  • Gain API governance tools to control APIs, applications, and the services resource access,
  • Significantly improve the user security, which shows, for example, in the company’s customer care reports as a drop in stolen account complaints: Users are clearly informed they should not use their credentials in third-party applications anymore.