The Impact of APIs in the SaaS industry
Enhanced Operational Efficiency with Data - Driven IT Strategy
The Standard Work of IT
CIOs Shouldn't See OpenStack and Public Clouds as an Either/ or...
Travel APIs: Easing the Turbulence from Origin to Destination
Matt Minetola, EVP & Global CIO, Travelport
Henry Ford's Environment
Mary Alice Annecharico, SVP & CIO, Henry Ford Health System
Accomplishing Organizational Security through Shared Responsibility...
Darrell Bateman, SVP-Chief Information Security Officer at City Bank
Democratizing Data at the OT Edge
Claudio Fayad, Vice president of technology, Emerson
Thank you for Subscribing to CIO Applications Weekly Brief
Common Types of Web APIs to Know
A public API is open to the public and can be used by any outside developer or business. A company that develops and offers a public API will have a business strategy that includes sharing its applications and data with other companies
Fremont, CA: The API is a powerful and adaptable tool for connecting disparate software applications. APIs enable a wide range of unrelated software products to integrate and communicate with other software and data. APIs also enable developers to add features and functionality to software by leveraging the APIs of other developers.
However, not all APIs are created equal. Developers can work with a variety of API types, protocols, and architectures to meet the specific needs of various applications and businesses.
Common types of web APIs:
Public APIs: A public API is open to the public and can be used by any outside developer or business. A company that develops and offers a public API will have a business strategy that includes sharing its applications and data with other companies.
Authentication and authorization for public APIs are typically moderate. An enterprise may also try to monetize the API by charging a fee per call to use the public API.
Internal APIs: An internal (or private) API is only intended for use within the enterprise to connect systems and data. An internal API, for instance, could connect an organization's payroll and HR systems.
Internal APIs have traditionally had weak security and authentication – or none at all – because they are intended for internal use, and such security levels are assumed to be in place via other policies. This is changing, nevertheless, as increased threat awareness and regulatory compliance requirements have a greater impact on an organization's API strategy.
Partner APIs: A partner API is a way to facilitate business-to-business activities that are only available to specifically selected and authorized outside developers or API consumers. For instance, if a company wants to selectively share customer data with third-party CRM firms, a partner API can connect the internal customer data system with those third-party parties; no other API use is permitted.
Partners have specific rights and licenses to such APIs. As a result, partner APIs typically include stronger authentication, authorization, and security mechanisms. Enterprises do not typically monetize such APIs directly; rather, partners are compensated for their services rather than through API use.