Definition
An application programming interface (API) is a set of rules, protocols, and tools that allows different software applications to communicate with each other. It acts as an intermediary layer that allows the transfer of data between different systems, services, and libraries.
APIs will generally fall into one of the following categories:
- system level APIs: low-level APIs that are exposed directly by an application.
- process level APIs: APIs composed of other System APIs through orchestration and choreography.
- experience Level APIs: APIs intended to ease the adoption of API integration between an organisation and its external consumers.
APIs may also be grouped as:
- private APIs, being utilised to facilitate internal system-to-system connection
- partner APIs, being used to connect entity business partners to the relevant systems needed for government service provision
- public APIs, being used to connect external parties to government systems and data.
Purpose
APIs enable entities to open their application data and functionality to internal branches, business partners, third-party developers, and other key internal and external stakeholders, allowing for seamless collaboration and information sharing.
API capability is realised through:
- deployment and use of system-specific APIs provided by technology platform suppliers to allow direct system interface and system-to-system interoperability
- use of API gateways, both proprietary and open source, that allow the connection of single or multiple APIs in addition to providing routing, monitoring, and security and access control functions
- development and release of system-specific APIs by platform owners, typically Commonwealth entities responsible for platform development and maintenance
- supply of APIs at the discretion of the developing entity, dependent on the interoperability context (e.g. internal, intra-entity, internal).
Objective
The objectives of this content are to:
- enable interoperability between Commonwealth entities
- facilitate sharing of non-sensitive data, where suitable and in accordance with Information Asset Management guidelines, to individuals and organisations who might use it to the benefit of the Commonwealth
- consolidate and standardise API solutions with aligned functions to increase efficiency and reduce the complexity of government service delivery
- establish and implement consistent standards or designs where entity solutions require API use
- ensure that new solutions that require the use of APIs draw efficiency from preceding investments, implementations, and learnings
- recognise and protect the Commonwealth’s investment in the development of APIs as a valuable ICT asset
- promote decoupling of business systems and processes to ensure agility when upgrading or modifying an entity’s ICT environment
- encourage adoption, where suitable, of low-code to no-code solutions that allow the development of APIs through a human centred interface rather than programmatically
- maximise the potential for reuse across government when implementing new systems that need APIs
- reduce implementation risk through the reuse of proven designs within government
- leverage whole-of-government purchasing arrangements for the supply of technology supplier-specific APIs.
Whole-of-government applicability
The Data and Digital Government Strategy (DDGS) sets a vision for 2030 to deliver simple, secure and connected public services for all people and business, through world class data and digital capabilities.
API capability will be key to the DDGS missions of ‘Simple and seamless services’ and ‘Delivering for all people and business’. APIs solutions are employed by Commonwealth entities of all sizes, allowing data exchange between entities and with other organisations/individuals, supporting progress against the mission objectives to:
- ‘maximise value from data’ - requiring all Commonwealth entities to make non-sensitive data open by default in compliance with relevant laws and appropriate privacy, security and ethical controls for sharing sensitive data
- 'deploy scalable and secure architecture' - adopting existing and developing new data and digital standards to improve interoperability and encourage innovation
- 'tell us once' - strengthening use of data and digital technologies and capabilities to enable a ‘tell us once’ approach.
Policy Elements
-
Utilise api.gov.au as a central resource
api.gov.au is maintained for whole-of-government API development and distribution. It includes templates and provides visibility of the new API releases. The site provides guidance on what is expected as the minimum standard for API development and maintains a repository on which APIs should be published where it is secure to do so.
-
Understand the evolving API technology environment
Maintain an awareness of current and emerging API development best practices to inform decision making on the development and design of API approaches.
-
Lower development and maintenance complexity
Use of a low-code/no-code development approach over customised APIs can provide numerous benefits, where it is an option to do so.
-
Determine an API release, fair use, and distribution strategy
API owners have discretion over how, and to whom, they release APIs that facilitate interfacing with their systems. A transparent approach should be taken regarding availability for release, conditions of use and the distribution mechanism.
-
Adhere to reuse principles
Entities must prioritise the reuse of existing APIs, patterns, or knowledge. Where it is necessary to design new solutions, entities must develop them with a focus on future reuse. Focus on continual improvement of processes, features, data, security, technology, skills, and cost, to maximise functionality, reduce risk, and minimise accumulation of technical debt.