Create financial applications using APIs on mainframe  

Utilize retail banking APIs to drive fast, agile innovation with mainframe hybrid cloud architecture

Last updated | By Alexis Chretienne


Banks and financial institutions are adopting open banking initiatives to comply with evolving banking regulations, such as the Payment Services Directive (PSD2), to meet customers’ digital expectations and to adjust to new technological innovations. APIs are at the core of such initiatives, allowing banks and financial institutions to leverage existing assets combined with the latest innovations, and providing an agile mechanism to quickly and efficiently develop new applications with partner ecosystems. This journey utilizes API calls to business operation processes running on a core banking system.


Developers in financial services require fast, reliable, secure ways to deliver software innovation that meets customer expectations for high-quality experiences – all while meeting strict compliance requirements. Forty-four of the top 50 banks trust IBM Z to run their mission-critical banking applications. APIs provide a secure mechanism to empower developers to use core business services to continuously build, refine, and deploy apps quickly.

This journey uses a hybrid cloud architecture to access simulated retail bank applications on an IBM Z mainframe via banking APIs published on IBM Cloud®. Like a retail bank, these APIs access an account management system, a customer management system, and machine learning.

Three banking APIs have been designed using IBM z/OS® Connect EE and published using IBM API Connect server hosted in IBM Cloud to access the various mainframe subsystems. In this journey, there are three kinds of banking APIs:

  • API managing banking customer information
  • API managing banking account information
  • API requesting loan approval


  1. The user calls one of the published banking APIs through the banking application. The API is called using an HTTPS request comprising a URI, a method access, data, and a header. This header contains authorization keys that allow the user’s application to use banking APIs. Those APIs are published in a secure API Connect server, hosted in the public cloud (IBM Cloud).
  2. The banking API calls a service in one of the provider cloud (mainframe) subsystems through the IBM Secure Gateway service, meaning that a Secure Gateway server has been set up in the public cloud, and a Secure Gateway client has been set up in the provider cloud, in front of the mainframe in a virtual IBM DataPower® Gateway. According to a configured access control list (ACL) file, the DataPower Gateway authorizes or denies the incoming request.
  3. If the request has been authorized by the IBM DataPower Gateway, it goes to the expected mainframe subsystem. Taking over the previous API introduction:
    • i. API managing banking customer information request the customer database on mainframe.
    • ii. API managing banking account information request the account management system through z/OS Connect Enterprise Edition.
    • iii. API requesting loan approval request the credit scoring service based on IBM machine learning for IBM Z.

Related Blogs

Two “edgy” AI TensorFlow models for you!

The global Call for Code is well underway, we want to share some visual recognition models which could help you. These AI models can operate on the edge, which could be particularly useful for this years’ theme: disaster preparedness. How could visual recognition help in relief work? From satellite and drone imagery analysis, to classifying...

Continue reading Two “edgy” AI TensorFlow models for you!

Leveraging the power of AI at Unite Berlin

Last week, from June 19 – 21, we were at Unity’s premiere in Berlin: Unite 2018. This conference brought together Unity’s video game and development community. Unity touches 770 million gamers all over the world and is the market leader for consumer AR and VR use cases and is also rapidly emerging as the market...

Continue reading Leveraging the power of AI at Unite Berlin

Related Links

Digital Transformation

Secure your APIs

Use a combination of Liberty for z/OS features and z/OS Connect EE security capabilities

Measuring API workloads with WLM

Use z/OS Workload Management to classify API requests and Resource Management Facility to measure z/OS Connect EE API workloads.

IBM Z blog

Learn how to incorporate financial data into your app to aid disaster-recovery efforts.