Following on from my previous post Not All Integrations/Automations Are Made Equal I want to share with you how we tackled the problem of esoteric and unmaintainable integrations for our customers. I felt very strongly that non-technical business process users could easily use these integrations without the need to have a deep technical understanding of APIs, coding and authentication schemes.
Hornbill has the ideal canvas in its business process tool, its an intuitive, graphical canvas that allows you to draw diagrams of your business process so Hornbill can orchestrate the flow for automated and human tasks. Expanding this capability to also be able to orchestrate automated tasks on other systems seemed like the next logical step for us to take.
Now as a general rule there are real technical challenges when trying to integrate with other systems. I am not going to go into too much detail here but I would like to highlight the key points.
- Most API’s now days on modern systems use HTTP as a transport for their API’s, this is a good thing. However, this is also a very flexible, so while some use JSON as a payload, others use XML, some XML implementations are relatively simple and others are just ridiculously over-complicated for no good reason. (Yes Microsoft, you should be better than this).
- Modern software systems like to call their APIs RESTFul which is supposed to be a simple alternative to things like XML-RPC and SOAP. But every implementation is different, some use custom HTTP Verbs, others try to fit their business logic into some pre-defined standard verbs. The bottom line is, every RESTful API is created with slightly different philosophical design approach.
- Interoperability is where things go very wrong. Yes, XML, HTTP, SOAP, JSON are all “standards” but they are foundational standards, none of them tell you how to represent data for a given system, primarily because every system is different so these things have to be “glued together”
- Stateless or Stateful, yes this is yet another layer of complexity. Some consider it to be more secure to establish and maintain a state (log in, keep session and log out when done) while others advocate stateless, for example using tokens or API keys.
- Authentication is probably the single biggest headache when building integrations, its security so by nature its complicated. There are many competing standards, which are also complicated, some examples are OAuth1, OAuth2, SAML, WS-Security, API Keys, Basic, Digest and a whole range of product-specific schemes too. Even worse, things like OAuth and SAML often require three phase authentication processes which need you to interact with the services own UI when trying to connect and authenticate.
If you have ever tried to integrate with something yourself you will recognise some of these difficulties for sure.
In order to solve these problems for our customers, we started by trying to understand what problems our customers have when trying to do this. We looked at the use cases for integration and we looked at many systems that have API’s to enable integration, we looked at tools that can integrate with other things and we looked at tools in the cloud that are specifically designed to integrate one thing with another thing. In almost all cases there was a common theme, things get VERY technical VERY quickly, and almost exclusively there was the “get out of jail free” coding environment that one would need to use a lot!
There is no escaping the need for “glue code” when connecting systems together, when transforming messages and data from one system or another, the only real practical way is to use code, which left us with a dilemma, we either relax our “No Code in the BPM” policy and make our customers responsible for creating the glue code, or we take on the responsibility of creating the glue code ourselves so our customers don’t have to…. Care to guess which path we took...?
Enter “Hornbill iBridge” (meaning Hornbill Integration Bridge), and it does pretty much what it says on the tin, it’s the bridge between our very powerful BPM tool and a large (and ever growing) number of pre-canned integrations ready to use. The iBridge is a containing execution environment that hosts and runs our glue code, each and every integration has been built and tested by us. Under the hood there is an integration development environment that allows us to rapidly build and test integrations. The iBridge requires that integrations are exposed to the BPM in a business-friendly and non-technical way, and finally, the iBridge solves the problem of authentication.
KeySafe is a new security feature of the Hornbill Platform that allows a complete de-coupling of security credentials and business process design. Imaginatively named based on the fact it’s a “Safe” place to store digital “Keys”. In essence, you can setup your credentials to the various systems you want to integrate with in KeySafe, giving each credential a name, within this environment you can do whatever two-phase or three phase authentication process is required by the service you are connected to, and once authenticated the credentials are safely locked away, encrypted, secure and safe. These keys can later be used within the BPM environment without ever exposing the details of the credentials. KeySafe+iBrdige even handles the complications of refresh tokens completely automatically, logging every security even for full audit purposes.
The Hornbill iBridge was introduced at our recent customer event Hornbill Insights 17 and because of our “Priced for Life” policy and commitment to customer loyalty, all existing customers get full access to the iBridge for free for as long as they remain a subscribing customer. We have also opened up a community forum to take requests for new integrations which we have committed to build as we are keen to expand our integration portfolio. As of right now we have over 400 built and tested integrations with 30 of the most common authentication scheme variations fully implemented and tested ready to use by our customers. Here is our sticker portfolio of systems we have pre-built integrations for.
You might have noticed from the above stickers, we have also committed to integrate with any system without commercial or competitive prejudice so we have even built integrations with competitive products including Jira, Servicenow, BMC, Freshservice, ZenDesk and Salesforce. We have even built an integration with Hornbill so one Hornbill Customer can easily integrate with another Hornbill Customer instance if required. One of the more exciting things our customers have reported is our integration into infrastructure and Tier 1 cloud solutions like Office365, Azure and Amazon Cloud making it possible for organisations using these services to automate provisioning of users, accounts and servers.
Now these are big claims and I can understand why you might think that too, we have all heard this before, its never that easy right - well the best way I can think of convincing you is to show you some short videos so you can see for yourself how easy we have made this very complicated task, you can integrate with things in a few minutes without any technical expertise - watch and see for yourself...
Integrate with Twitter
Integrate with Slack
Integrate with Trello
Integrate with Servicenow
Integrate with Microsoft Azure, Salesforce and Hornbill
Integrate with Twillo SMS and Microsoft Azure
We have only just got started with integration, we have a lot more to come so watch this space. In my next article, I will be talking about our integration with Microsoft System Center Orchestrator for behind the firewall IT automation.