An application programming interface (API) is a way for two or more computer programs to communicate with each other.
Concepts related to API
Electronic Data Interchange (EDI) is a is a process between two computer systems that enables two companies to exchange business information.
An example of EDI is EPCIS, a GS1 standard that helps to share information about the physical movement
A web service is a service offered over the web.
A web API is an API that allows communication through the internet. Because of their popularity, web API are often referred simply as API. A web API is in fact a type of web service.
An open API or public API is an API that can be accessed by anyone. This concept usually applies to web APIs.
HTTP methods are used within the HTTP protocol to exchange information. Some of these mothods are POST and GET.
SOAP is a protocol.
Web Services Description Language (WSDL) is SOAP is a standarized XML language that defines the interface for web services.
Rest API, also known as RESTful API, is an application programming interface (API or web API) architecture that conforms to the constraints of REST architectural style and allows for interaction with RESTful web services.
GraphQL is a data query and manipulation language for APIs.
Some formats used for API communication are JSON or XML, among others.
SOAP works only with XML format, while REST is compatible with different formats like JSON and XML.
An API platform allows to share, build and test APIs
The most popular is probably Postman.
Insomnia is free and open source software (FOSS).
hoppscoth is FOSS under a MIT license.
Postman is an API platform that allows to share, build and test APIs, among other actions. It was the largest hub in 2023.
It is closed source and proprietary, owned by company Postman Inc.
Newman tool to manage Postman collection is FOSS.
Common API security issues are:
- Authorization for object access
- Authentication weaknesses
- Rate limiting
OWASP top 10 API on this external link.
OWASP API Security Project on this external link.