FTP vs. API
Here at Profound Logic, our focus is helping our customers as they move their applications into the future. A future with flexibility and seamless integration. A future where their IBM i applications and data coexist as an equal player in their enterprise. Applications and services, both internal and external, need to be brought together to bring business value and innovation. Bringing these various and ever-changing systems together to deliver modern solutions is a top priority for all businesses. This is what we mean by futurization.
As we discuss integrations with customers, almost all have some sort of data import or export involving a flat-file format such as CSV, tab-delimited, or fixed position. These files are sent and received using file transfer protocols like FTP, SFTP, or FTPS. While there are times when these types of imports and exports are the right solution, in most cases, a well-implemented API strategy will deliver better business value, simplify implementation, and reduce risk.
Problems With FTP Integrations
While transferring files between systems has certainly served as a solution for integration for decades, the approach is dated and has inherent drawbacks.
Data Latency
Data latency is a common issue for all integrations that are done in large scheduled batches. Solutions like FTP transfers and even EDI will often transmit large amounts of data that can become out of date almost immediately due to rapidly changing business conditions. In the past, when business moved at a slower pace, updating data between systems two or three times per day was sufficient. Modern businesses need to make decisions with always current data, and they need all parts of the business using the same data.
A well-built API interface can allow all of your applications and services to have real-time access to your data and processes. If an order comes in from a customer, shouldn’t it be reflected in your order entry, CRM, and distribution center systems immediately instead of hours later when the order entry system FTPs new data to the other systems? Shouldn’t that be the case even if some of those systems are on different platforms, different data centers, or even in the cloud?
Security
To transfer files via FTP and similar protocols, a valid user profile is needed for authentication. This is true when using username and password or SSH keys. Providing a system user profile and authentication information can be a security risk.
- Unless properly secured, this profile could be used to access the system for more than FTP transfers. Telnet, 5250, SSH, ODBC, JDBC, and other tools could be accessed.
- Even within FTP, remote commands can be run once logged in.
- Profiles used for integrations like FTP rarely have their credentials set up to expire.
- Authentication information is stored on the remote system and could be discovered during a hack or even by a legitimate user with too much authority in the remote application.
With an API solution, authentication does not have to be tied to an actual system profile. API user profiles can be managed within the API solution or even on a 3rd party server using OAuth. This ensures that the user profile can only be used to consume APIs, reducing the potential for misuse.
Profound Logic Can Help
Profound Logic is here to partner with our customers in all aspects of application development, IT strategy, and futurization. Our knowledgeable staff can help your company build a strategy and roadmap to prepare your applications and staff for anything the future brings. Our tools, like Profound API, and our experience with both IBM i and emerging technologies help ensure your shop reaches its IT and business goals.
Profound API is designed from the ground up to make creating, managing, deploying, and consuming APIs simple. Using Profound API makes it easy to:
- Define API interfaces, including methods, paths, and parameters.
- Secure APIs with built-in authentication and authorization.
- Build API logic using an intuitive low-code development environment.
- Access databases (Db2, MySQL, MariaDB, Microsoft SQL Server, Oracle).
- Automatically document API interfaces using OpenAPI/Swagger.
- Make API documentation easily discoverable with a built-in API Explorer portal.
- Monitor the performance of APIs with an easy-to-understand dashboard.
Profound API is a comprehensive set of easy-to-use tools that reduce the learning curve and have you working with APIs in minutes, not weeks.
Find out more at https://profoundlogic.com/api.