Adopt an API-First architecture for business agility

With information at the heart of digital business, APIs (Application Programming Interface) become key economic vehicles. APIs are, in many ways, more important than the systems they expose and apps they serve. APIs become a key architectural point for integration and flexibility, extending the benefits of a service-oriented architecture (SOA) approach outside the core systems.

Clean integration mechanisms are required now that the IT organization is recognized as no longer being the developer of all applications within a business. Documented, managed and secured APIs enable LOBs to work with external suppliers and rapid application development (RAD) tools to create their own applications that remain conformant with corporate guidelines. APIs can also be used as an investment protection mechanism, allowing both sides of the API to evolve independently. For example, an API that converts an old-style interface to a new one decouples mobile provision from application modernization. Equally, an experimental mobile app can be replaced with a production-quality version without affecting the back end, if both work to the same API.

API definition can also pave the way to future developments without the need for immediate implementation. The publication of an agreed-on API enables developers to start work without the need for the API to be fully implemented yet.

APIs can be supported by stubs returning fixed results or error codes if access is needed, or simply defined for future use. Although this is not mobile-specific, it is helpful in decoupling the front-and back-end development stages by reducing interdependencies. APIs also facilitate the testing of mobile apps, which is a complex process that often involves outside parties. Of course, test devices should not be connected to production systems, and agreed-on APIs should support the creation of test harness, if no test system are available. Specific mobile test capabilities, such as simulated slow and unreliable connections, can also be implemented via a dedicated set of test APIs. When the test is over, the mobile app can be redirected to the production system by simply changing the address of the server.

Consistency and version control of APIs are vital in a robust mobile integration layer. In most cases, IT organizations have no control over the updating of mobile apps, so tagging over the air communications with version numbers is important. The communications code can then determine whether the available information is in a digestible format, or whether an upgrade is required. This provides flexibility in deployment, providing app and API developers with the ability to negotiate on acceptable formats, as well as encouraging or forcing users to upgrade according to policy.

Consider putting in place API management tools for large-scale deployments. These tools include analytics that monitor usage and direct future development and investment to the functions that are in heavy use by the mobile app portfolio. These tools may highlight APIs that are rarely, if ever, used and may be candidates for retirement to reduce code size and maintenance. Other relevant functions include control of access certificates to ensure safe access by third-party apps, as well as format and content transcoding to match different needs.