Industry Application of APIs

APIs have become the default path to integrating solutions. API interfaces provide “contracts” between software solutions or within different parts of a solution. API specifications are driving changes in how solutions are being developed and made available, and they are a major source of revenue for some technology companies. By adopting and standardizing APIs, business innovation is being propelled throughout all industry sectors. In 2021, Gartner suggested that in 90% of solutions APIs expose more systems than UIs1.

Here’s a look at how APIs are making a major difference in several industries.

APIs in financial services

Traditionally, the financial services sector has been dominated by a small group of very large, global businesses. In 2007, within the European Union and the European Economic Area, the means to make payments needed to be standardized to open the market to greater competition and innovation. This led to the original Payment Services Directive, which proved successful. In 2018, legislation within Europe for the revised Payment Services Directive (PSD2) extended the scope of the original goal to impact payments to EU businesses. PSD2 has had a positive impact on the industry, helping usher in a new generation of standards, such as open banking. America and Canada also have their own API standards, facilitated by the Financial Data Exchange organization.

Oracle provides a wide range of solutions for the financial services industry. To find out more about Oracle’s applications and cloud services as well as our use of API standards, check out the following resources.

Learn more about APIs in banking and finance

APIs in hospitality

From linking key cards to hotel reservations to charging food and drink to your room, the modern hospitality experience is incredibly interconnected. Take, for example, the behind-the-scenes orchestration of hotel reservations and pricing with different third parties, such as Expedia and Trivago.

Most hoteliers see themselves as service providers, not technology companies. In fact, many of these capabilities came about by using a wide range of smaller specialist software providers. To help hotels build efficient, connected, and agile business processes, Oracle Hospitality has been rebuilding its products as SaaS solutions. And we understand that our new SaaS services need to support integrating many third-party solutions without expensive development work, which is why the Oracle Hospitality Integration Platform (OHIP (PDF)) was born.

OHIP provides a unified API platform for third parties. With OHIP, hotels can integrate third-party services, such as P3’s online check-in and check-out service or Best Western’s central reservation system that integrates with Oracle Hospitality OPERA Cloud Property Management. OHIP enables hotels to be more efficient, offer better guest experiences, and ultimately be more profitable. The OHIP platform embodies best practices for supporting API development and consumption, from mocking tools and test endpoints to the use of streaming APIs to make the consumption of API events efficient.

Learn more about APIs in hospitality

APIs in healthcare

In an industry undergoing tremendous technology transformation, APIs have become essential. The use of APIs in healthcare has been driven by an array of factors, including:

  • The growth of health sensors in personal devices that share data using healthcare industry-defined standard APIs and data definitions. Devices, such as smartphones and watches, are equipped with sensors that can collect reliable measurements of blood pressure, sleep patterns, blood oxygenation, heart rate, and other medical data for remote monitoring.
  • The increased use of these devices has driven the commoditization of networks, batteries, and other mobile components, allowing more specialized monitors to become network and API enabled in a practical and cost effective manner. All of this is powering massive growth in the remote patient monitoring market, which is forecasted to grow by 25% per year for the next few years.
  • While less visible, the need for cost efficiencies and the ability to provide rapid decisions has driven integration between healthcare providers, healthcare insurers, and others central to the decision-making for care provision. Ultimately, providing healthcare is a time-sensitive activity, and APIs offer a quick, efficient, and reliable means to speed processes along.
  • Legal and service supplier/provider agreements demand data flow through automated/integrated channels. For example, Medicare providers must have a compliant Electronic Health Care Record (EHR) solution, and compliance includes working with Medicare APIs.
  • Technology and its connectivity are becoming so crucial to healthcare that technology providers, such as Oracle, are investing in or acquiring healthcare companies. For example, the acquisition of the global healthcare services provider Cerner.

So many different solution providers need to interoperate and consistently communicate that the industry is trending toward developing common standards for integration. In the healthcare industry, Health Level 7 (HL7) has been adopted as an international standard. HL7 is extensive and includes the development of REST API specifications for communicating data, such as patient records. Fast Healthcare Interoperability Resources (FHIR) is the patient record API specification and forms part of HL7. The adoption of FHIR is central to enabling a vast range of services, such as patient journeys and the discovery of patterns in healthcare that can help isolate causes of illness. The adoption of FHIR has progressed to the point that Apple uses the standard to communicate the health data created by their phones and watches.

While healthcare-specific APIs facilitate interoperability and innovation, healthcare, as an industry is probably the most data-sensitive there is given the volume and personally sensitive the data can be. This makes the role of robust infrastructure security, application development, and, critically, the effectiveness of an API gateway essential. While firewalls and related infrastructure services help secure the basic platform, they aren’t defined to support each specific individual service or endpoint. It is API gateways that sit at the intersection of application and business logic security controls (i.e., which applications can interact with a specific service function along with when and how they interact) and identity and access management products.

How does this impact Oracle? The importance of standards for healthcare APIs will be understood and support for FHIR and other medical standards will be incorporated into its solutions. With the recent acquisition of the healthcare information technology company, Cerner, Oracle will be enhancing and optimizing its services by migrating them to Oracle Cloud Infrastructure (OCI). To enable the use of APIs, API definitions and documentation need to be available. The need for access to this information drives the need to provide developer portals, such as those provided by Cerner. The Cerner product family also provides APIs so third-party specialist organizations can integrate their services into solutions, such as the Cerner EHR that enhances clinicians' ability to care for their patients, from simplifying patient experience to allowing a patient’s genetic analysis to inform clinical prescriptions.

Learn more about APIs in healthcare:

APIs in telecommunications

Interoperability has been the center of the telecoms industry from day one. The industry’s business model depends on smooth and secure connections across networks, connecting one telecom provider to another—both nationally and internationally—and cross-charging for such calls between the providers. With today’s digital mobile network, customers can switch their mobile providers by simply providing the new provider their phone number and other details. All these business practices have been supported through common processes, vocabulary, and, of course, APIs described by an agreed standard called TM Forum. To support our telecommunications customers, Oracle Communication’s solutions are certified as conformant.

Learn more about APIs in the telecommunications industry:

APIs in utilities

Like healthcare, the utilities sector has been experiencing significant transformation. API and API security have been vital in supporting these transformations, many of which have been driven by the need to be greener and more energy efficient. This includes key business changes, such as:

  • The ability for domestic consumers to see their power consumption in near real time, rather than on a monthly bill.
  • The ability for micropower generation—small-scale production of solar, wind, and thermal-based power—to be sold back into the power grid.
  • The need to manage power generation and distribution using greener sources, such as wind, solar, hydro, and thermal, which are more likely to fluctuate hour by hour compared to the burning of coal and gas.
  • The ability of people to switch energy suppliers, enabled through legislation to promote competition in the industry, which helps market forces influence the adoption of green energy.
  • Energy trading between suppliers and generators propels competition and innovation to drive down costs as our power consumption grows.

Clearly, customers are becoming more empowered to control their energy use through apps and smart devices, supported by solutions, such as the smart meters developed by Chubu and GRDF. The growth in the adoption of electric vehicles is making people more aware of the best times to draw energy to charge them. As we reduce our use of diesel and gas for vehicles and make use of electric cars, the demand for power generation is expected to increase with fluctuations in demand becoming ever greater—moving from demand surges during TV ad breaks as the kettle goes on to cars being plugged into charging ports at the end of the rush hour.

Industry regulators are working to make energy supply more competitive through energy trading marketplaces and encouraging the development of greener energy sources as consumers (domestic and commercial) take ownership of their carbon footprint. Trading drives the need for information to anticipate fluctuations in power demand. And micropower generators that use wind and solar and sell their excess energy back into power grids require automation to work cost effectively.

The ability to provide and draw information using APIs from different information sources has been key to thriving or failing. Security provided through API gateways and other IT infrastructure is becoming essential. Data sensitivity is less critical compared to industries, such as healthcare. Still, defense against bad actors trying to disrupt services is more important than ever as the management and use of power becomes ever more connected, and its continued supply becomes more critical to businesses. The International Energy Agency (IEA) Power Systems in Transition 2020 report discusses these factors in detail. Compared to other industries, the utilities sectors are heavily regulated, and APIs are often managed by semi-public or contracted service providers at a state or national level. As a result, API specifications are not always as standardized. End-consumer APIs from energy suppliers are commonly available, but again, standardization can vary across states and nations.

In the future, vehicles will demand communication relating to power as they move toward kinetic power generation from roads and paths, where vehicles will need to exploit the ongoing development in near-field energy transfer. But that infrastructure will need to be paid for. We’ll see vehicles communicating information about how much energy they draw from the kinetic supply on roads with the providers of that energy. Such developments are likely to be seen along with developments around driverless, or at least self-driving, cars. Self-driving vehicles will create the need for new APIs to enable vehicles to automatically negotiate with traffic signals and other vehicles (known as vehicle-to-everything or V2X) as they approach junctions so that lights change to provide the most efficient traffic flow. In the future, drivers may no longer need to slow or stop at junctions as traffic lights get more intelligent. All these interactions are going to demand APIs. While we see evolutions in how APIs work, as we have with the progression through versions of HTTP, the fundamental mechanisms of how APIs work are not likely to change (structured, payloads linked to a structure, and meaning with the messages being stateless).

Learn more about APIs in the utilities industry


APIs are a crucial technology for consumer services, business-to-business, device-to-device, and even for individual processes within a service, product, or organization. To maximize the potential APIs offer, several key steps should be taken:

  • API first or API led. Design and describe the API before building solutions.
  • Safety. APIs need to be safe and secure solutions.
  • Certification through compliance. Companies need confidence that a solution will communicate as required. Certification helps ensure this, particularly for sensitive data.

Oracle’s cloud services are all built and developed from the API specification. From the API definition many OCI services will have their skeleton built, which influences the UI as all client interfaces invoke the same APIs that Oracle publishes for clients to use. The same APIs are used to build the software development kit, Terraform core, and inter-OCI connectivity. Long before questions about storage schemas are addressed, developing a new service demands a lot of thought about the API and how the service may be used.

As mentioned before, the amount of a solution that is exposed is becoming more significant through using APIs rather than UIs. This demands that the API be safe and secure. If the API is secure, the UI will become inherently more secure. Oracle takes security and compliance very seriously. Which is why Oracle solutions have a proven track record in sensitive data use cases, such as clinical settings, government, and even defense. OCI and OCI API Gateway have been validated against more than thirty national or international standards. This is before taking into consideration compliance with specific specifications in different industries.

1. Gartner, “API Security: What You Need to Do to Protect Your APIs,” Mark O’Neill, et al, refreshed 13 January 2023, published 28 August 2019, ID G00404900.