Abstract
Service Oriented Architecture (SOA) has evolved from business-to-business interactions, into the new API model that enables open partnerships and interoperability with just about anyone. In SOA, terms of service (ToS) and service level agreements (SLAs) were agreed upon on one-to-one basis, as the Web service interfaces were defined. In contrast, API ecosystems appeal for self-serve and instant gratification, being able to access, try and buy an API with a single click. As business teams and citizen developers access API ecosystems, they will want to quickly identify APIs that conform to their legal and usage terms requirements. For example, a large, established enterprise would not be as keen to give up their brand permission easily through use of a 3rd party API, whereas a citizen developer would probably not be concerned too much. Therefore we see a need to be able to automatically assess API terms of service to facilitate comparison and selection of multiple APIs from different providers. To enable API consumers to navigate this flood of APIs, we present a system that simplifies API terms of service creation and assessment. The core of the proposed system is a common API terms of service data model, which captures legal and entitlement capabilities. The system enables profile-based search, thereby allowing users to specify their terms of service requirements relevant to different roles that they may have in the ecosystem (e.g. citizen developer, enterprise procurement officer, etc.).