Simon Dickersonis a technical sales engineer for IBM covering API Management, Cast Iron cloud integration and mobile application development with IBM Worklight. He has an engineer degree and has worked with a broad range of computing technologies and focuses on the benefits of technology to the end user.
Hidden within the code of any mobile application (app) that communicates to a source of data is an API call. This API call is invoked to request data from a server, for example in a banking app the API call might return your bank balance, or it might send data to the server, such as a command for your bank to pay a bill.
This will be perfectly obvious if you are a programmer. After all, how else is your application going to get (or put) data? But underneath the obvious is something a little less so. How does that organization build the APIs and expose them to the mobile app?
How to build APIs and expose them to a mobile app?
When considering the app developers
- Mobile app developers like REST APIs and prefer data in a JSON format. XML is OK too. But having to call a SOAP service makes things harder. The trouble here is that many backend data sources could be legacy systems without a REST interface. The likelihood is that to expose this data, some development might be needed to build a REST service for the app developer.
- The app developer needs to know how to access these APIs. This entails building some kind of portal that publishes all the documentation and code samples that the app developer will require.
When considering the organization
- As soon as you start exposing services you open up those services to attack. So you need a security gateway to prevent, for example, denial of service attacks.
- Some form of user authentication/authorization may be needed. This is commonly OAuth but if the app is for internal employees your existing LDAP services might be needed.
When considering performance and user experience
- If an API is slow in returning a response, this directly impacts the users of the app and they will not be using the app for long.
- An app has to be considered as a product and a bad user experience with a product will reflect badly on the organization.
To expose your data to a mobile app, you can build out the services indicated above or implement an API Management solution. IBM API Management is a solution from IBM to do just this.
Implementing an IBM API Management solution
Key capabilities of IBM API Management include:
- Cloud or on-premise solution
- Security gateway using IBM's trusted DataPower technology
- The ability to proxy to existing REST Services
- The ability to create new REST APIs by connecting to databases and web services
- Aggregation of multiple backend services and data filtering
- A developer portal that can be set up in a matter of minutes
In addition, there is performance tuning and caching, and a comprehensive analytics capability that enables you to search and analyze business information in the API messages, important information over and above simple API statistics.
I have just finished a couple of chapters on the IBM Redbooks Publication for API Management. The IBM Redbooks publication details both the theory of APIs as well as a describing a practical implementation. Check it out.
For IBM API Management related blog posts, see:
- Securing your APIs with IBM API Management
Mobile applications and the need for Application Programming Interfaces (APIs)
For IBM API Management Redbooks publication, see:
- Exposing and Managing Enterprise Services with IBM API Management (the draft is available now!)
Likes before 03/04/2016 - 0
Views before 03/04/2016 - 4611