Organisations cannot work on their own as they need to integrate with customers and suppliers. I will explain some of the integration types I have worked on until now.
REST
This is the standard and what all systems should use nowadays. It is simple, clear, and easy to create and to consume. In Java, for example, you can use Feign to call endpoints, and the JSON requests and responses are automatically converted to objects. If you want to make the consumer happy, you could also provide a Postman file, like some companies, such as Currency Cloud, do, or even a connector, as Atlassian provides.
There are many ways to handle security. If you are the provider and want to protect the endpoints, a simple way to do it is to have the APIs in a secure network and use some tools like Apigee that allow you to expose only some endpoints. If you are the consumer, you will have to handle different ways, like sending a security token in the headers or first making an authentication request that will return a token that would be sent in the next requests.
SOAP
This is a bit older alternative that has the advantage of having more stable formats in the requests and responses. The providers usually share templates with the format (wsdl). There are some tools, such as JAXB, that allow the generation of objects and converters that transform the data to the format accepted by the API.
Connectors
Many organisations use the most popular SaaS solutions like NetSuite or Salesforce. Some companies have noticed it and have created tools that have connectors built in for them. There are some scenarios where they are handy, like when the team that maintains the integrations doesn’t have experience coding. However, these tools are pricey, and I have both sweet and sour experiences using them, so I will leave it to you to try them and decide for yourself.
SFTP
This is the most standard approach used by organisations that don’t offer APIs, including banks and SaaS platforms. They upload spreadsheets to a server that you will have to poll to detect when a new file has been added. They may allow access to the server from only one whitelisted IP address, and it may take them some time to configure it, so I would suggest asking for it and testing it since the very beginning. I had to wait for weeks to use the production SFTP of a bank because the IT responsible was on holidays and then different teams had to coordinate to configure it.
Alternative solutions
This is one reign where I hope you never have to enter. There are some organisations that don’t have resources to integrate with partners, so they offer other solutions like a back-and-forth of emails that you would have to parse or generate, or putting the files in external systems like Box. If it is by email, I hope you can convince them to send the data in a spreadsheet that is encrypted or at least is protected by a password, as the communication by email is quite insecure. In the case of using systems like Box, you may be able to have access to a REST API that may allow you to get the files easily.
Summary
There are different ways of integrating with other systems, and it will depend on both sides. If possible, use REST; if not, use SOAP and leave SFTP and other solutions for the cases when an API is not accessible.
Leave a Reply