API sprawl is when an organization doesn’t have a clear vision for how to implement its APIs, leading to confusion about who’s responsible for different APIs or even what APIs exist in the first place.
Businesses are deploying a record number of internal APIs. According to Rapid’s 2022 State of API Report, organizations with 10,000 or more employees have an average of over 250 internal APIs.
API sprawl poses some specific risks for business owners, which can have serious repercussions for anyone looking to generate income with a service that uses APIs.
API sprawl causes APIs to spiral out of control quickly, with new endpoints created faster than they can be tracked. This can cause everything from broken or underperforming services to time wasted on unnecessary work to all manner of security risks.
Data breaches have been exploding over the last 10 years. A staggering 66% of consumers won’t trust a company after a data breach. Once a customer’s data has been exposed by your business, you may never get them back.
According to recent research from McKinsey & Co., a product that’s six months late to market can earn 33% less profit over five years.
API sprawl can result in an uneven user experience, for example if an incorrect API works its way into an API catalog. If users are able to see the backend of a product, they may encounter an API without any documentation, which could leave an unfavorable impression of your business.
The good news is that API sprawl has become such a prevalent concern that there’s a wide range of excellent wisdom and best practices you can follow to keep it at bay.
Employing an API catalog is one way, as it puts all of your APIs in one central location. This makes it much less likely for an API to get lost in the shuffle.
Following an API-first design is another, as your API will be planned before it’s built. This all but eliminates the possibility of unknown endpoints that could be an API security risk.
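One way to use a catalog against unknown endpoints, shown as an added example that is not from the original article: compare the routes the catalog declares with the routes that actually answer in gateway logs. The catalog entries, team names, log format and function names below are all constructed for illustration.

```python
import re
from collections import Counter

# Constructed catalog: (method, path template) -> owning team. In practice this
# would be exported from the organization's API catalog or OpenAPI documents.
CATALOG = {
    ("GET", "/v1/orders/{id}"): "orders-team",
    ("POST", "/v1/orders"): "orders-team",
    ("GET", "/v1/users/{id}"): "identity-team",
    ("GET", "/v1/reports/{id}"): "analytics-team",
}

# Constructed gateway log lines in an assumed format: method, path, status.
SAMPLE_LOG = """\
GET /v1/orders/1001 200
POST /v1/orders 201
GET /v1/users/42?fields=email 200
GET /internal/debug/users 200
GET /v2/orders/1001/export 200
GET /internal/debug/users 200
GET /wp-login.php 404
"""

def template_to_regex(template):
    """Turn '/v1/orders/{id}' into a regex matching one path segment per parameter."""
    parts = re.split(r"\{[^/{}]+\}", template)
    return re.compile("^" + "[^/]+".join(re.escape(p) for p in parts) + "/?$")

def audit(catalog, log_text):
    """Return (undocumented routes that answered, cataloged routes with no traffic)."""
    matchers = [(key, template_to_regex(key[1])) for key in catalog]
    unknown, seen = Counter(), set()
    for line in log_text.splitlines():
        method, raw_path, status = line.split()
        path = raw_path.split("?", 1)[0]  # ignore query strings
        hit = next((k for k, rx in matchers if k[0] == method and rx.match(path)), None)
        if hit:
            seen.add(hit)
        elif status != "404":  # something is actually serving this route
            unknown[(method, path)] += 1
    idle = sorted(set(catalog) - seen)
    return unknown, idle

if __name__ == "__main__":
    unknown, idle = audit(CATALOG, SAMPLE_LOG)
    for (method, path), hits in unknown.most_common():
        print(f"UNDOCUMENTED {method} {path} ({hits} requests)")
    for method, template in idle:
        print(f"NO TRAFFIC   {method} {template} owner={CATALOG[(method, template)]}")
```

Routes reported as undocumented need an owner and a catalog entry or a decommission decision; cataloged routes with no traffic are candidates for retirement review.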