API development

A well designed or well integrated API will allow your organisation’s data to flow securely and efficiently to customers, suppliers and internal teams.
API development

Designing your API

An application programming interface or API is built for consumption by other applications. It needs to be reliable, scalable and simple to integrate with. At OWA, we can assist with the design and creation of new APIs, and additions, maintenance and documentation of existing APIs, along with integrations with third-party APIs.

Do you need to provide an API to expose data or services? We can review your existing codebase to determine how this may be made available outside your application. The design will take into account the most suitable style, such as REST or GraphQL, the format used for data transfer, for example JSON or XML, and authentication, API versioning, resource organisation and request / response / error formats.

We will discuss the pros and cons with you, taking particular care to ensure your API is designed correctly first time to reduce the need to make changes in the future. Once an API is released, it can be very difficult to redesign and redevelop without affecting users and requiring them to make corresponding changes to their own systems.

API development

We can assist with the development of your API, even if we were not involved in the development of your existing system. With our experience of working with third-party developers and adopting ownership of third-party systems, we can advise on and undertake the necessary development to take your API into production. 

Our API development service covers backend APIs for mobile apps, integration with online forum software to allow posts and other data to be transferred, providing memberships and payments data to back-office systems for processing, and also providing APIs to integrate with a large network of video recording and storage devices.

While we recommend working with newer more standard technologies when creating APIs, we recognise there’s sometimes a need to use or integrate with legacy systems. We have experience working with API technologies such as SOAP and RPC and can assist with the creation of new APIs in legacy codebases, allowing functionality to be added while retaining existing systems at a much lower cost than a full redevelopment.

OWA team reviewing a new API integration
New features provided by API integration
API integration in development by the OWA team

Keeping your API secure

The addition of an API does open up another avenue for attackers, especially for APIs which must be made available over the open internet, so we ensure API security is a priority consideration. All our API design and development follows the OWASP ASVS best practices for secure development, in particular section V13 (API and web service) which ensures that the functionality exposed by the API has the correct authentication and authorisation, validates data sent to the API and the relevant security hardening.

Depending on the requirements of your API, we can discuss the possible security threats which may exist and suggest mitigations such as signing API communication or detecting and blocking or throttling unauthorised use.

API integration

As well as creating APIs, we can also assist with the integration of existing internal or third-party APIs. Many common Software as a Service (SaaS) applications – for example those used in payments, document management, social media and customer relations management (CRM) – have APIs available which can be used to automate certain functionality or provide additional services.

We have experience integrating with many common SaaS APIs, including Salesforce to allow leads to have accounts set up via an API, MailChimp to enable the automated management of email lists, and a number of payment providers, including Barclaycard EPDQ, Stripe and Worldpay, to integrate complex payment flows.

OWA team scoping an API integration
API integration planning in course
Hosting and supporting API integration projects

I would recommend their services.

Say Eng Loo, senior applications analyst, London borough of Camden
Find out more about our web app services

Find out more about our API development services

API development and integration can transform data flow for your organisation and your users.