The application model has changed from tightly packed application and source code to an aerated
approach.
The API solution can and should be adopted for all types of applications, be it desktop applications, mobile
or web, the API is the way to go.
Having an intertwined code which accesses the data storage and keeps all the processing in a black box will be hard to expand and add various platforms to it. Adding a mobile application to an existing web application requires the data storage to be exposed also to the mobile application.
Exposing a data storage to a mobile application is really risky being that the credentials should be provided with the application, and having the login credentials to a database can be risky.
But say you created a special account for the mobile application with limited access to the database and its tables, maybe read only to some.
Managing that account will turn into a nightmare if it gets too complicated, or if, for example, the mobile application has different access levels. What if the requirements for the access level change with time?
Human error is also a factor in these problems, and usually, it's the biggest factor of all.
These problems can be solved by exposing the data storage through an API. The API can be changed on the fly, the logic behind it can change without the application needing an update, the security is not an issue here, because, if implemented correctly from the beginning, it will stand solid over time.
Usually, the API-lization of an already existing application means that you want to add more clients to your data. If you plan on adding mobile applications to your stack we can help plan them and we can also help develop them.