Just going by the title, I think it is a good idea to have an API service that uses a database service for storage. It moves logic out of the database layer, which is good for scaling and perhaps easier to develop. It's also necessary for authenticating end users and managing permissions.
In the description, it seems the database server does more than just databasing though, at least something related to authentication? I don't really think that's useful unless I'm missing something - the API service can run queries against the database somehow, possibly through an intermediary service, so if it gets compromised, the attacker can run any queries without needing DB credentials.