SOA Vs API Management

API management is concerned with managing external APIs where consumers are unknown. SOA Governance, on the other hand, is about managing services with known consumers.

SOA and API management are the same but different approach.  SOA has its reusability and loose coupling, web based access values, but it may not suitable for every enterprise.  SOA work will maintain its worth because it is always amenable to use in the newer Web technologies, for both development and integration.  API Management is about connecting different parts of a hybrid IT infrastructure including social, mobile and cloud.

o   API Management solution needs to integrate with SOA (at least Enterprise Service Bus) for sharing the metadata about the available enterprise data.

o   APIs are created as business approach to reach new markets with BYOD model, where are SOA is to reach web customers.

o   APIs provide SOA with a way to reach beyond the controlled environment of the enterprise, while SOA provides APIs with acceleration and proven design principles.

o   Defining a strategy for how to merge SOA and API management will be important(long term) to the enterprises.

o   So, we can say that both have close relation and both help customers for business agility. 

Comparisons

API Management	SOA Services
API Management is natural extension of SOA.  All API are services, but not all APIs are good services.	A set of components which can be invoked, and whose interface descriptions can be published and discovered.
API management is concerned with managing external APIs where consumers are unknown	SOA Governance, on the other hand, is about managing services with known consumers.
Web APIs more truly reflect the nature of the Web	SOA reflects the nature of  Web services
More suitable for cloud, mobile, big data platforms to involve external world to innovate new ideas.	More suitable within the enterprise integration
API management enables enterprise services through channels and new forms of innovative products and services.	A business centric architectural approach.
The API security model says ‘good old SSL is good enough.	Security is handles with high standards at the message lever in a complex way.
Its more on REST and JSON services	Its standards based and mostly on SAOP
In a lot of ways, you can think of it as the web for machine-to-machine communication	Its machine-to-machine and machine-to-people as well
Doesn’t require you to sit down and install special infrastructure or libraries to do machine-to-machine communication	Needs special software
Designed for reuse by many apps platforms.  API provides	Designed to reuse in standards basis over the web/connectors