Running a government website to inform or provide essential services to the public is an extraordinarily difficult, albeit crucial task. Compared to their non federal counterparts, websites run by the government have a dizzying list of compliance standards and security protocols to adhere to. Chief among these is attaining the Authority to Operate (ATO), which determines whether or not a service can be integrated into an existing network. With such a strict rubric, technologies used to build and deliver websites cannot be picked haphazardly and without scrutiny. In this context, the freedom that the JAMstack paradigm provides is met with resistance. While APIs offer the flexibility of outsourcing complexity to external services, the restrictions of government websites mean that services need to be pre-approved before they can be integrated. Considering the dynamic qualities that the API ecosystem brings to the JAMstack, this constraint can seem limiting. Be that as it may, the lack of full access to the API ecosystem doesn’t completely negate the JAMstack as an architecture for building government websites.
The JAMstack is principally characterized by its focus on pre-rendered static assets and the decoupling of frontend from backend. This makes it possible for content authors to work independently from developers thereby separating content from context. In the realm of government websites, keeping content up to date and maintaining compliance standards are equally critical. The decoupled architecture that the JAMstack provides enables government agencies to fulfill these needs independent of one another; developers can focus on technology and standards maintenance while content authors can focus on keeping content up to date.
The JAMstack model’s rootedness in Git additionally means that there is a single point of entry between code and content. Instead of having to manage multiple user accounts, government agencies can grant and revoke access easily with the power of GitHub credentials. This, alongside serving publicly accessible content statically over a CDN is key to keeping a site secure, since only authorized parties have access to the raw site and build scripts at any given time. By encouraging a separation between frontend and backend, and a reliance on Git for version control and user management, the JAMstack eases the workflow for building and delivering federally compliant websites.
If you’re keen on learning more about how government agencies lean on the JAMstack, check out this incredibly informative workshop by the folks at 18F covering Federalist, US Web Design Standards and GitHub, a publishing platform for building modern 21st Century Integrated Digital Experience (IDEA) websites.