Modern App Development - Low Code
Low-code platforms enable you to build, test, and deploy enterprise apps faster than traditional hand-coding. These platforms are well suited for building opportunistic apps in collaboration with business stakeholders, building data reporting and analysis apps, extending SaaS apps, and modernizing legacy apps.
A low-code platform frees you to focus on solving your business problem instead of confronting the complexities of traditional development. These complexities include data visualization, data collection, data analytics, security, accessibility, performance, and globalization. A low-code platform significantly alleviates these complexities and dramatically reduces the amount of code you maintain.
Oracle Application Express (APEX) is a low-code platform that provides you with high-level components, such as forms, charts, and UI widgets. APEX also provides common design patterns through an intuitive graphical development environment. Apps developed using APEX can access local data via SQL and integrate with external services using REST APIs. Additionally, you can publish the functionality you develop in APEX as REST APIs for external consumption.
Design Principles
- Use fully managed services to eliminate complexity in app
development, runtimes and data management
Use a fully-managed service, such as Oracle APEX on Oracle Autonomous Database, to simplify deployment and operation of your scalable, secure, and performant low-code app. In addition, the capabilities of Oracle Autonomous Database, such as Oracle Data Guard, ensure that your low-code app can be made available 24/7/365.
- Automate build, test, and deployment
Use the OCI Resource Manager to automate the provisioning of Oracle Autonomous Databases and APEX environments. Use Oracle SQL Developer Command Line (SQLcl) with Liquibase to automate the deployment of changes to your data model.
- Keep the app tier stateless
Oracle APEX apps are stateless because all their state is persisted in the database. This approach provides strong transactional guarantees and makes it easy for your apps to fail over and be backed up so that they can recover from failure easily.
- Use multi-model databases with full featured support across all your
data
Your app can use data in a variety of formats, such as tabular (relational), unstructured, XML, JSON, spatial, and graph. Integrated text search, fuzzy matching, analytics, and machine learning facilitate advanced apps. With Oracle APEX on Oracle Autonomous Database, you can use transactions to guarantee consistency and isolation for all data formats. You can also protect sensitive data by using the security features of Oracle Data Safe, such as access control and data masking.
- Eliminate single point of failure though automated data replication
and failure recovery
APEX on Oracle Autonomous Database is deployed using a highly-available architecture. You can further increase the availability of your apps by using Autonomous Data Guard to enable seamless failover.
- Implement a defense-in-depth approach to secure the app lifecycle
Use OCI Identity and Access Management (IAM) to control access to your APEX apps. Assign an authorization scheme to your APEX app (and its components) to enforce access control based on user role or privilege. Use the built-in declarative capabilities of APEX to handle Session State Protection (SSP) and item-level encryption to protect your apps and data. Use bind variables in SQL queries to prevent against SQL injection. Configure app-appropriate timeouts to ensure that inactive sessions are automatically terminated. Run the built-in APEX Advisor to detect potential security concerns, such as unprotected pages, items, and buttons. Use declarative escaping and programmatic escaping APIs to guard against cross-site scripting (XSS).
Architecture
Description of the illustration low-code-arch.png
The architecture leverages gateways and load balancers to isolate the Autonomous Database in a separate private subnet. A NAT gateway is used to consume external REST APIs securely.
Non-Recommended Architectures
Example Use Cases
- Opportunistic Apps
When a new business opportunity emerges, often a new application needs to be built quickly. Organizations have a huge backlog of apps that are required to meet changing business needs and remain competitive. This backlog can be poorly defined, and business priorities might change rapidly, so the apps must be fast to build and easy to update as required. Such apps can be easily built and maintained using APEX.
- Data Reporting and Analysis
Obtaining a complete, accurate picture across an organization, or even within a department, is often challenging. Data is held in numerous systems, existing reports are limited and don't always provide the detail needed to make informed business decisions. It’s hard to limit who can see what and avoid data breaches and running canned reports can take hours. Using APEX and its extensive reporting and data visualization capabilities makes developing appropriate dashboards for various user communities far simpler.
- SaaS and EBS Extensions
ERP systems provide extensive functionality but they don't always provide the specific reports that you need or might be missing functionality that’s specific to your industry or your organization. You might also have common business processes that take too many steps to complete, making them inefficient. In such cases, building an extension using APEX can deliver the appropriate information or greatly improve productivity and user experience.
- Legacy App Modernization
Oracle Forms apps often provide an out-of-date client/server user experience. These legacy apps often have usability and accessibility issues, have difficulties working with various browsers, and aren’t mobile friendly. Oracle APEX is the clear platform of choice for easily transitioning Oracle Forms apps to modern web apps. The same stored procedures and PL/SQL packages work natively in APEX, making it a breeze to develop.
- Spreadsheet Replacement
Almost every organization uses spreadsheets to disseminate and report on data. Why? Because spreadsheets are so easy to create. Anyone can put together a spreadsheet when they have the data. After they are created, spreadsheets are often sent it out to colleagues to help update, which inevitably leads to numerous copies with different data and flawed business processes. A far better solution is to have a single source of data stored in a fully secured database with a browser-based app that everyone can use to maintain the data.
Acknowledgements
- Authors: Sajan Parihar, Shakeeb Rahman, Marc Sewtz
- Contributors: Todd Bottger, Matthias Brantner, James Emerson, Bernard Horan, Harshad Kasture, Parvez Syed Mohamed, Joshua Stanley
Change Log
This log lists significant changes:
April 22, 2022 |
|