Creating Real, Secure, Production-Ready APIs the Easy Way for Your IBM i


An IBM i developer called me recently to discuss their challenges with API enabling their IBM i. He had been experimenting with several tools that easily generate an HTTP endpoint for accessing a DB2 table or an RPG program. However, as he got deeper into building the APIs his company needed, he found that he still had a lot of code to write.

This is a common concern we hear from IBM i customers. When looking for “ease of use” for building an API, they want more than just a simple HTTP endpoint. They need the latest security (TLS, encrypted tokens, OAuth, etc.), high-speed data transformation, error handling, logging, and support for vendor SDKs. Once they begin production on the APIs, they need to be able to troubleshoot problems, deploy updates, control access, and monitor performance. “Ease of use” for those customers means providing solutions for all these challenges.

For example, we worked with a client who wanted to provide their customers with the ability to check the status of their orders from a mobile device. At first, this seemed like a pretty straightforward task—just API-enable the orders table and then use the order number to track the order. However, when they started to implement this plan, they realized that there was much more involved. They had to generate the JSON Web Tokens for secure access. To protect the security of the data, they had to check an authorization list to control which records each user could see. For example, customers could only see their orders, the company’s salespeople could see only the orders for their customers, and the customer service staff could see all orders. They had to provide “call in” APIs to get the order information from the IBM i and then “call out” APIs to use the order information to get the shipment tracking data. The process looked something like this:


Creating the APIs for this obviously requires more than just creating an HTTP connection to a file or program. There is work to be done. Yet, that does not mean that the creation process can’t be simplified. There is already code available to perform most of these functions; you just need an easy way to use it.

In this case, we used Eradani Connect as the API layer. Eradani Connect was able to simplify building this API integration in several ways:

  1. It provides the highspeed JavaScript-based data transformations necessary to move data from the IBM i to and from the mobile device and open-source APIs. This aspect eliminates the need for developers to parse the JSON and perform the data transformations themselves.
  2. Eradani Connect has the security code built to generate the JSON Web Tokens and connect to Active Directory, so it eliminated the need to write that code.
  3. Since Eradani Connect generates the APIs in JavaScript, the customer was able to simply drop in the Software Development Kit (SDK) code provided by Google and their transportation provider for accessing their APIs.
  4. When Eradani Connect generates the API code, it includes error handling, logging, and monitoring code, so the user doesn’t have to.
  5. As the customer was building and deploying the APIs, they had access to Eradani experts to guide them in design and troubleshooting.

The customer was able to get this system up and running very quickly because so much of the code for it had already been written, but the benefits don’t end there. Because they could use open-source code, they automatically get security patches, enhanced features, and new releases without coding them. It makes everything easier and more secure. We have worked with customers with a wide variety of API challenges and provided the same kind of API generation and automation. Our solution offers the “ease of use” that simplifies building and deploying real, production-ready APIs.

Get the latest Eradani Blog posts sent to your email.