The best reason for IT to want to keep a lid on things is to protect personally identifiable information. My employer was an early adopter of "data breaches" because a developer had a copy of our database of staff, faculty and students on their laptop which got stolen. Since a data breach can affect your company, its customers, employees, vendors and the rest of society, you should be sensitive to these concerns.
I don't know about your case, perhaps it is not a concern, but I think the modern IT organization should be thinking systematically about PII and data breaches and one of the best ways to prevent data from being misused is to keep it under wraps.
That said, I see two angles.
(1) Politics. Other people have talked about it, but it is a deep art. I can't give you answers that work for every organization other than you really have to know your organization and all the people in it.
Central IT at my employer used to be terribly disorganized and if you were in some other unit and needed them to do things your odds were about 50-50 of getting good results going through "the process" so I had to develop a new process of "vendor management" which mostly involved getting the names of many people in Central IT who I would call and say "so-and-so (somebody who used to work there who was super respected) said that I should ask you if you can help me" and then if they can't "do you have any idea of who can help me?" and then repeat.
20 years later (which I didn't all spend at this place) they did a total reorg and now if you put a ticket in the ticket system they will really get to it. If you want to get faster results and try my old tactic they would probably call your boss and your boss would tell you to knock it off.
I can't tell you what the official process for your organization is and what the process that really works is, you have to figure that out for yourself!
(2) Technology. I'll note that if you have a web application you don't really need an API. Actually when a web site adds an API they are often doing it to take something away or take something from you. For instance I have a webcrawler for image-based web sites that I made for Flickr that I found worked on Wikimedia Commons without any changes and that I can often make work for a new site by changing a few CSS rules. All these sites have different APIs and it might be more work to write API clients for them. Between web crawling of HTML-based sites and the fact that modern SPA sites often have an internal JSON API you can often script a web application pretty easily. The same can be true for desktop applications which can be scripted through accessibility APIs and such.
Of course you have to consider your responsibility and the politics if you do that.
PaulHoule|1 year ago
The best reason for IT to want to keep a lid on things is to protect personally identifiable information. My employer was an early adopter of "data breaches" because a developer had a copy of our database of staff, faculty and students on their laptop which got stolen. Since a data breach can affect your company, its customers, employees, vendors and the rest of society, you should be sensitive to these concerns.
I don't know about your case, perhaps it is not a concern, but I think the modern IT organization should be thinking systematically about PII and data breaches and one of the best ways to prevent data from being misused is to keep it under wraps.
That said, I see two angles.
(1) Politics. Other people have talked about it, but it is a deep art. I can't give you answers that work for every organization other than you really have to know your organization and all the people in it.
Central IT at my employer used to be terribly disorganized and if you were in some other unit and needed them to do things your odds were about 50-50 of getting good results going through "the process" so I had to develop a new process of "vendor management" which mostly involved getting the names of many people in Central IT who I would call and say "so-and-so (somebody who used to work there who was super respected) said that I should ask you if you can help me" and then if they can't "do you have any idea of who can help me?" and then repeat.
20 years later (which I didn't all spend at this place) they did a total reorg and now if you put a ticket in the ticket system they will really get to it. If you want to get faster results and try my old tactic they would probably call your boss and your boss would tell you to knock it off.
I can't tell you what the official process for your organization is and what the process that really works is, you have to figure that out for yourself!
(2) Technology. I'll note that if you have a web application you don't really need an API. Actually when a web site adds an API they are often doing it to take something away or take something from you. For instance I have a webcrawler for image-based web sites that I made for Flickr that I found worked on Wikimedia Commons without any changes and that I can often make work for a new site by changing a few CSS rules. All these sites have different APIs and it might be more work to write API clients for them. Between web crawling of HTML-based sites and the fact that modern SPA sites often have an internal JSON API you can often script a web application pretty easily. The same can be true for desktop applications which can be scripted through accessibility APIs and such.
Of course you have to consider your responsibility and the politics if you do that.