API Management

Top API management vendors and key criteria for selecting one

top list of API Management vendors

Selecting the best API management tools is critical to supporting your digital initiatives, platforms, and transformation. But what correlates to success?

As we walk through some of the key criteria to look for in an API management vendor, we’ll provide a top vendor list to help further guide you in the right direction.

Industry shifts: look through the lens of what’s new

In an ever-evolving market, it’s essential to pause and consider what’s changed in the last year or so. Reflecting on these industry shifts can help you identify ways to extend your enterprise’s coverage, leverage more automation, or achieve a broader reach — or perhaps a combination of these elements.

Let’s pull back the curtain on some of the most significant industry shifts and how they factor into the choice of an API management vendor.

The shift toward cloud-based environments

Where do your applications and systems live?

For many modern enterprises, the answer to this question includes the cloud. 77% of enterprises have at least one application or part of their computing infrastructure in the cloud, and 82% of IT leaders reported adopting a hybrid cloud where applications are split between public cloud, private cloud, and on-prem environments.

Amid this shift in API activity, many enterprises are faced with a balancing act where they need to create API facades that support legacy tech while supporting a new wave of hybrid architectures that straddle multiple environments.

API management tools must enable deployment across these environments (present day and in the future). Yet, it’s even more critical to ensure an API management platform can provide the same level of rich security, successfully address complex workflows, and capture all API traffic across these various environments.

The shift toward automated security measures

Considering the assets, data, and digital experiences at stake, API security is a top priority — and its importance has only grown in light of the growing API sprawl.

In a 2022 survey of IT experts from 350 companies, 41% reported their organization had an API security incident in the past year. Of those companies that experienced an incident, 63% dealt with a data breach or data loss.

Does your API management tool have security in its DNA?

While backed by industry-level security best practices and data protection regulations, the modern API management tool you choose should feature real-time monitoring tools, so vulnerabilities are automatically detected and businesses can shore up weak points.

The use of an open API management platform further supports these efforts. With a centralized view and governance over data flow across multiple environments and teams apt to change over time, you’ll have the flexibility to strengthen your existing technologies and replace outdated ones to maintain a strong security posture.

The shift to APIs as products

The way enterprises think about APIs has evolved from the idea of projects to products. And for good reason: the API economy is booming.

Businesses worldwide are leveraging the power of existing products and services to help scale their business initiatives in a fraction of the time. We can see this integration in travel websites like Expedia that pull in airline and hotel information and ride-share services like Uber that pull web mapping platforms into their interface.

Who will drive the consumption and adoption of your APIs as you scale?

There are some robust platforms for developers on the market, offering features and functions focused on rich design or continuous integration. Others may fall under the category of enterprise serial bus (ESB) platforms with API facades that serve to address business needs but can take years to launch and are expensive to learn.

The API management platform you choose should cater to both parties. Developers should have the means to efficiently build and scale, while digital product managers should be able to innovate quickly and launch new offerings.

To this end, API management platforms need to enable the discovery, management, and control of integrations and APIs — in conjunction with other integration patterns — in a multi-vendor manner. A comprehensive view and control of enterprise assets set the foundation for helping you execute faster and differentiate yourself in the market.

While these efforts support an API product-driven strategy, it’s also essential to think about how audiences will find these APIs in the first place. A user-friendly API marketplace that caters to both developers and digital product managers supports API consumption and boosts monetization opportunities.

Meet the top API management vendors

With these key market trends in mind, you’re ready to evaluate potential API management vendors. Here are some leading API management platforms to consider.

1. Apigee

Apigee API Management is cloud-native but works on-premises. The platform supports enterprise-grade application flows and has a strong set of industry API accelerators. However, it is increasingly reliant on the company’s broader Google Cloud Platform for advanced capabilities.

2. Axway

Axway Amplify Platform offers a secure, open design that empowers organizations to tap into the full value of the digital ecosystem and leverage the IT infrastructure they already have in place. The platform provides a single-pane-of-glass view to control APIs and integrations across all environments and repositories. The launch of Amplify Enterprise Marketplace confirms a strong emphasis on generating business value, making it easy to productize and package APIs for consumption.

3. Kong

Kong is an open-source company that creates, manages, and extends your APIs and microservices. They have invested heavily in development and testing, and are centered on developers as opposed to offering robust tools for product managers or governance.

4. MuleSoft, a Salesforce company

The API platform from MuleSoft creates an application network of apps, data, and devices, both on-premises and in the cloud. This hybrid integration platform includes iPaaS, ESB, and a unified solution for API management, design, and publishing, but its vision for universal API management requires the use of the vendor’s own flex gateway to truly be realized.

5. Akana

Acquired by Perforce, the Akana API management platform continues to strongly focus on portal-focused implementations that protect an enterprise’s REST-based APIs and corresponding flows.

6. Broadcom

Broadcom has shifted its focus to mainframe customers and select enterprise API management customers. The platform’s strong security focus has received investments for modernization to support cloud growth. However, the platform does not have a strong emphasis on developer experience or microservices.

7. IBM

IBM API Connect has been around a long time — starting with Data Power appliances, evolving to API Connect, and now navigating the merging of 3scale by RedHat. The platform has a strong focus on digital products that go beyond REST, but lacks interoperability with third-party gateways

8. Boomi

Boomi promotes itself as an “enterprise integration platform-as-a-service — no hardware or software to manage.” Dell Boomi provides on-prem and cloud offerings with lightweight API management functionality that tends to be complemented by other vendors where feature depth and enhanced security are required.

9. Amazon API Gateway (AWS)

Leading cloud provider AWS offers Amazon API Gateway, which is easy to set up and get running, but short on features. That’s because the platform is meant to be a pathway to other AWS services and can only be deployed in AWS environments.

Axway couples its platform with AWS cloud services to instantiate secure and scalable digital integration solutions that provide compliance services for their customers.

10. Azure

A key enterprise cloud provider, Microsoft Azure has added immense value to their cloud stack. The focus for Azure is not API management, but the company offers a simple, lightweight out-of-the-box solution for its cloud clients.

Enterprises requiring enhanced security, complex workloads, and extensibility to other integration patterns prefer to deploy an APIM solution, such as Axway’s Amplify Platform, in the Azure cloud.

Prepare for the future: invest in the right API management tool

Technology investments and implementations are never easy, and the time allotted to this task continues to shrink. There are a few resources than can help you select an API management vendor:

  • Analyst reports: reports from reputable analysts like Gartner and Forrester can help you assess a vendor’s standing and capabilities. Because they are independent, you’ll get an unbiased overview of the market and pros and cons of different solutions.
  • Peer customer reviews: hearing what other users have to say about a solution can be a helpful element in the decision process. G2, for example, rates products based on data sourced from product reviews shared on G2 as well as other online sources and social networks. 

Demands for faster time-to-market, scalability, and a degree of flexibility to customize solutions are all points of emphasis in current API management initiatives.

This balance of business and technical concepts reflects the current state of API management. It’s time to move beyond simply finding a gateway for APIs. Enterprises need full lifecycle API management alongside a marketplace for effective distribution.

Download the 2023 Gartner® Magic Quadrant™ for API Management for a more in-depth look at vendor pros and cons.


Gartner® Magic Quadrant™ for API Management, Shameen Pillai, Kimihiko Iijima, Mark O’Neill, John Santoro, Paul Dumas, Andrew Humphreys, Nicholas Carter, 11 October 2023.

The report was published as Magic Quadrant for Application Services Governance for the year 2013 and 2015, as Magic Quadrant for Full Life Cycle API Management for 2016; 2019-2022, Axway was recognized as Axway (Vordel) in 2013.

Magic Quadrant is a registered trademark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved. Gartner is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.