Digital Developer Conference: Hybrid Cloud 2021. On Sep 21, gain free hybrid cloud skills from experts and partners. Register now

Create financial applications using APIs on mainframe


Banks and financial institutions are adopting open banking initiatives to comply with evolving banking regulations, such as the Payment Services Directive (PSD2), to meet customers’ digital expectations and to adjust to new technological innovations. APIs are at the core of such initiatives, allowing banks and financial institutions to leverage existing assets combined with the latest innovations, and providing an agile mechanism to quickly and efficiently develop new applications with partner ecosystems. This pattern utilizes API calls to business operation processes running on a core banking system.


Developers in financial services require fast, reliable, secure ways to deliver software innovation that meets customer expectations for high-quality experiences – all while meeting strict compliance requirements. Forty-four of the top 50 banks trust IBM Z to run their mission-critical banking applications. APIs provide a secure mechanism to empower developers to use core business services to continuously build, refine, and deploy apps quickly.

This pattern uses a hybrid cloud architecture to access simulated retail bank applications on an IBM Z mainframe via banking APIs published on IBM Cloud. Like a retail bank, these APIs access an account management system, a customer management system, and machine learning.

Three banking APIs have been designed using IBM z/OS Connect EE and published using IBM API Connect server hosted in IBM Cloud to access the various mainframe subsystems. In this pattern, there are three kinds of banking APIs:

  • API managing banking customer information
  • API managing banking account information
  • API requesting loan approval



  1. The user calls one of the published banking APIs through the banking application.
  2. The banking API calls a service in one of the provider cloud (mainframe) subsystems through the IBM Secure Gateway service. According to a configured access control list (ACL) file, the DataPower Gateway authorizes or denies the incoming request.
  3. If the request has been authorized by the IBM DataPower Gateway, it goes to the expected mainframe subsystem.


  1. Discover and test the banking API.
  2. Make your own banking application.
  3. Extend the banking application in Cloud.