SOA Software Delivers Lifecycle Control, Agility to APIs for B2B, Mobile and Cloud Apps

SOA Software wants to help companies speed up the launch of secure and governable APIs, mobile apps and cloud projects. Updates to its Lifecycle Manager provide new features that will provide IT operations more control, without bogging down inventive devs. IDN speaks with SOA Software’s Brent Carlson.

Tags: API, cloud, integration, Lifecycle Manager, management, mobile, REST, security, SOA Software, expert voice,

Brent Carlson
senior vice president


"Businesses are asking for
a more efficient way to secure and govern their APIs...without slowing
down developers"

SOA Software wants to help companies speed up their launch of secure and governable APIs, mobile apps and cloud projects.


The company’s latest version of Lifecycle Manager adds features that balance developer needs for speed and agility for devs with IT’s need for more security and control.  

“APIs are driving a lot of innovations, especially with mobile and cloud apps. Given that, businesses are asking for a more efficient way to secure and govern their APIs that open up access to back end systems,” SOA Software senior vice president Brent Carlson told IDN.

“Companies also need to make sure the cool mobile and cloud apps that use these APIs to get to backend systems and data will be secure and comply with policies and regulations,” he added.

Filling this growing need for more IT control needs to avoid putting any more work or pressure on devs that might slow down projects, Carlson said. A recent ALM survey by Forrester found an overwhelming 78% of devs admit the “pressure to deliver faster” has made work harder.

Lifecycle Manager looks to strike this balance between what is too often seen as competing needs of devs and IT, Carlson told IDN.


He highlighted three key of Lifecycle Manager’s latest features. Working together, these technologies let companies move API and app projects more smoothly to launch, and provide assurance that they meet security, policy and regulatory requirements, Carlson said.

  1. A new “Lifecycle API” that enables the integration of business data collection and decision making into technical processes that can be controlled and governed. Granting API access to external devs would be an example. 
  2. A rich “Sandbox” environment that lets devs precisely mirror a real production environment. This speeds the steps across test, Q&A, review and provisioning. 
  3. A configurable end-to-end workflow that allows companies to quickly build custom forms and even enable a combination of automated and human steps. Another productivity benefit is that these components can be reused from project to project. This means IT gains the control and governance it needs – without making devs code workflows or criteria into each project, It also eliminates the need for separate ALM or business process tools.

Sachin Agarwal, SOA Software’s vice president of product marketing, added the changing nature of the API sector is leading companies to ask for a better way to impose API control and governance – without hindering dev innovation or productivity.
“There are two types of API: Open APIs, like those offered by Facebook and Google that any developers can use. And then there are what we call ‘Restrictive APIs,’ such as those used by companies for internal use, ecommerce and B2B,” Agarwal told IDN. “And although the ‘Restricted APIs’ don’t get the attention that open APIs get, they are becoming more critically important to businesses.” In fact, Agarwal estimated some 80% of all new API projects use restricted APIs – either internal or B2B APIs.

SOA Software’s Lifecycle Manager Leverages
REST, Integration for End-to-End API Support

Lifecycle Manager focuses on meeting both the needs of devs and IT by doing what Carlson called “delivering practical solutions that lead to a more rapid and flexible on-boarding processes.”

This end-to-end focus on API projects led SOA Software to develop and include in Lifecycle Manager a set of pre-built forms and approval processes. They reflect today’s API Best Practices, but allow companies to easily adapt them as needed, Carlson added.

The forms, workflows and templates are designed to put all key stakeholders – devs, testing and QA engineers, compliance officers and IT operations – on the same page, and give each better visibility into all the steps, Carlson said. “The idea is that one way to get faster on-boarding is to speed up developer and application registration, and streamline how stakeholders get approvals to work with the APIs and assets behind them,” he added.

Architecturally, Lifecycle Manager also introduces a comprehensive set of REST APIs that support the creation, update and role-based review of business-critical assets that need to be governed (such as services, APIs and apps).

Lifecycle Manager also is designed with pre-defined integrations with SOA Software’s API Gateway and Community Manager products. This lets companies easily assemble a fully-integrated API-focused platform to support API projects by internal and external devs, communities and corporate partners – thanks to access and certification controls, as well as the ability to identify and manage APIs and other assets. 

Other new Lifecycle manager improvements include:

  • GitHub Integration – Lifecycle Manager’s AnySource Asset Adapter automation framework is extended to support GitHub. This brings bringing Lifecycle Manager’s repository and governance capabilities into cloud-based development communities.
  • Layered Architecture Visualization – This lets IT designate specific taxonomies to represent layered models, so that any asset ‘tagged’ with such values can be visualized by layer using Lifecycle Manager’s Asset Relationship Visualization viewer.
  • Role-Based Custom User Actions – This allows admins to extend core asset functionality with custom user actions (e.g., specialized exports).
  • Infrastructure Enhancements – Integration support with the latest releases of popular enterprise infrastructure technologies, including Oracle WebLogic Application Server 12c, Red Hat’s JBoss EAP 6, Microsoft Visual Studio 2013, Eclipse 4.3 and Microsoft Windows Server 2012.

“This era of APIs is being driven by business innovations and experimenting with new business models and revenue streams. Our latest Lifecycle Manager release will help companies launch more API-driven projects much more quickly than ever because it lets businesses embed workflow and governance controls into any existing or new API, app or process,” Carlson said. “It’s exciting times.”