ediverse Explore the platform

Spotlight PEPPOL BIS Billing 3.0 The EU e-invoicing mandate is here — France Sept 2026, Belgium Jan 2026, Germany 2025.

— May 15, 2026 · 9 min read

EDI in the API era: why the two worlds are converging

EDI and REST APIs have long been presented as two opposing paradigms — one batch, file-based, AS2; the other real-time, JSON, REST. In 2026 the boundary is no longer a clean line but a grey zone inhabited by gateways, webhooks, and a shared semantic reference called EN 16931.

The eroding myth of opposition

For two decades, architects framed EDI and REST APIs as nearly hermetic worlds. On one side, the EDIFACT/X12 bus over SFTP or AS2, processed in hourly batches, validated by overnight Schematron runs, archived as signed ZIP files. On the other, the punctual REST/JSON API, idempotent where possible, documented in OpenAPI, instrumented by Datadog and called on demand by a front-end or service. One was associated with a "legacy" world, the other with the "modern stack".

This opposition rested on an implicit assumption: that transport, format and cadence were one technology decision. In practice, each of these choices is independent. An EDIFACT message can perfectly travel over an HTTPS POST to a REST endpoint. A JSON payload can be processed in a daily batch from a Cloud Function timer. AS4 PEPPOL has been delivering files within seconds since 2018. The philosophical separation between the two worlds was a legacy of habits, not a technical constraint.

Modern gateways: Stedi, Boomi, Workato

The cornerstone of the convergence arrived through actors often called "EDI-as-a-Service" or "modern EDI". Since 2022 Stedi has offered a platform whose ingestion API is REST, whose storage is event-driven, and whose output can be JSON, EDIFACT or X12 depending on the recipient. Its official SDKs in Node, Python and Go present X12 transactions as resources with a JSON schema equivalent for every version (5010, 6020, etc.). Developers no longer manipulate tilde-separated segments — they manipulate an object, and the gateway handles serialisation at the partner-network edge.

Boomi, in its AtomSphere, exposes both "EDI" and "Web Services" connectors in the same canvas, with a visual mapper that treats the two families symmetrically. Workato, MuleSoft Anypoint and more recently Tray.io have followed the same path. The unification is everywhere: EDI no longer sits as an enclave but as one format provider among others.

These platforms' bet: surface a modern API (REST + webhook) to the developer, and keep the EDIFACT/X12 complexity inside the gateway. The developer writes POST /transactions/x12/850 with a JSON body; the platform produces an ISA/GS/ST with segments in order, signs over AS2, and emits a webhook once the 997 comes back. The developer never sees a single EDIFACT tilde.

The 4-corner model as an API contract

One layer up, the PEPPOL 4-corner model has quietly reinvented the idea of an API contract at the scale of a continent. In this model, the sender (Corner C1) knows a "logical endpoint" — an identifier iso6523-actorid-upis::<ICD>:<value> — and delegates routing to its access point (Corner C2). The network resolves that identifier via SMP (Service Metadata Publisher) and SML (Service Metadata Locator) to discover the right destination access point (Corner C3) and the business capability accepted.

The parallel with a REST API is striking. SMP plays the role of a service discovery; the PEPPOL BIS Billing 3.0 profile plays the role of an OpenAPI contract declaring the accepted resources (Invoice, CreditNote); the Corner C3 access point plays the role of an HTTP gateway that validates the payload before delivering it to the business application (Corner C4). The big difference — and it is what still sets PEPPOL apart from a public API — is that capability negotiation goes through a signed global registry, not a hot introspection. But the analogy holds.

Webhooks, EDA and the end of the nightly batch

The other strong signal comes from webhooks. Where EDIFACT historically required a batch cycle (the partner polled an SFTP folder hourly), PEPPOL access points and modern gateways now emit HTTPS callbacks as soon as a message is delivered, validated or rejected. An INVOIC received at 14:23:15 triggers a webhook at 14:23:17 on the URL registered by the recipient. EDI thus becomes event-driven without giving up its native format.

Internally, this shift translates into the adoption of EIP patterns historically associated with APIs: idempotency on message keys (UNB/0020 or ISA-13), exponential retry on HTTP failures, dead-letter channel for repeated rejections. Those patterns have been documented since 2003 by Hohpe and Woolf, but they gain visibility in EDI teams as the daily batch recedes.

GraphQL and the internal pivot

The most discreet pivot happens inside ERPs themselves. Since 2021, SAP S/4HANA Cloud has published a GraphQL layer over its historical BAPIs; the SAP Integration Suite now exposes IDoc flows (SAP's "internal EDI" format) as events consumable by any connector. Workday, NetSuite and Microsoft Dynamics 365 are following a similar trajectory. Outbound EDI is no longer produced by a nightly batch reading the ABAP database, but by a microservice subscribed to an internal event stream — which serialises to EDIFACT, UBL or JSON depending on the partner.

This internalisation has a strong practical effect: decoupling between the ERP and the partner becomes testable. We can replay an event, mock an access point reply, simulate a PEPPOL rejection in a sandbox environment. EDI pipelines fall under the same CI/CD checks as internal APIs — a topic explored on the Testing EDI pipelines page.

What does not converge — yet

Not everything melts into the same pot. Three differences remain stable and will keep resisting in 2026:

  • Cryptographic non-repudiation. AS2 (RFC 4130) and AS4 (OASIS ebMS 3.0) carry a cryptographic non-repudiation-of-receipt (NRR) — the signed MDN for AS2, the signed receipt for AS4 — with no native equivalent in a REST API. Financial and public sector actors, who need that proof for legal purposes (archiving, dispute resolution), stay attached to those protocols.
  • Decade-long versioning. An X12 850 transaction written in 1997 must still be readable in 2030. An OpenAPI schema published in 2017 will already have been replaced twice. The versioning discipline of EDI standards is, paradoxically, more rigorous than that of public APIs.
  • Shared semantics by default. When you publish a REST API, you publish your own vocabulary. When you send an invoice in PEPPOL BIS Billing 3.0, you stand on EN 16931 — a vocabulary shared by 27 member states. Onboarding a new partner is asymmetrically cheaper on the EDI side.

The connector's pragmatism

The right 2026 reflex is no longer to choose between EDI and APIs, but to designate each axis explicitly: business format (EN 16931, X12 850, custom JSON), transport (AS2, AS4, HTTPS, SFTP), cadence (batch, webhook, synchronous). Modern gateways make that mix-and-match easy, and the 2005 philosophical opposition gives way to the connector's pragmatism. A modern integration chain looks more and more like a graph of transformations where EDIFACT, JSON, and webhooks cohabit without hierarchy.

To dig further, the PEPPOL architecture gives a great concrete example of what an API contract at continental scale has become in practice. And the analysis of EDI patterns in 2026 shows that the time-tested EDI recipes (idempotency, DLC, claim check) are now universal tools, independent from the format carrying them.