APIs - Application Programming Interface

What is an API?

API stands for Application Programming Interface, a set of definitions and protocols for building and integrating application software. Put simply, an API acts as an intermediary that allows two applications to talk. The "Application" in API refers to any software with a distinct function. The "Interface" is a contract of service between two applications.

How do APIs work?

APIs let your product or service communicate with other products and services without having to know how they’re implemented.

  • APIs are sometimes thought of as contracts, with documentation that represents an agreement between parties: If party 1 sends a remote request structured a particular way, this is how party 2’s software will respond. API architecture is usually explained in terms of client and server.
  • The application sending the request is called the client, and the application sending the response is called the server. For example, when you order an Uber through the app, you can locate your taxi and your pickup location, and the app shows all this information using Google Maps. Does this mean Uber has complete access to Google Maps? The answer is no. Uber uses the Google Maps API: the application connects to the Internet and sends data to a server. The server then retrieves that data, interprets it, performs the necessary actions and sends it back to your phone. This is how APIs work.


Why do we need good APIs?

We need good APIs for the following reasons:

  1. APIs promote business growth: A good API can help you grow your business. In the example given above, Uber pays Google for using its API, and through this Google earns revenue.

  2. APIs are efficient: A good API makes it efficient for developers to integrate new application components into an existing architecture. It also makes external development and collaboration more efficient.

History of APIs - The Change

APIs have changed a lot over their history, from being libraries for operating systems in their early days to becoming an important technology for the remote integration of data. The security of APIs, however, was always in question, as there were many attacks on APIs such as brute-force attacks, code injection, SQL injection and many more.

Securing APIs

Securing APIs is very important and can be hectic, but I have a tool for you: Cherrybomb by BLST. Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by validating your API specifications. The CLI tool is open source, enabling support from both the OpenAPI and Rust communities.

How does Cherrybomb work?

It takes in an OAS (OpenAPI Specification) file, runs a series of checks on it to make sure everything is on par with the OAS, and outputs a detailed table with any alerts found, guiding you to the exact problem and location to help you solve it quickly.

It can also take in your logs and check them for business logic flaws.
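To make the idea of checking an OAS file concrete, here is a small added example (not from the original post, and not Cherrybomb's code or rule set) that walks an OpenAPI 3.0 document and reports each alert with its location. The sample spec, the three rules and the name `check_spec` are assumptions made for illustration.

```python
import json

# Constructed sample OpenAPI 3.0 document (not a real API).
SPEC = json.loads("""{
  "openapi": "3.0.3", "info": {"title": "Rides", "version": "1.0"},
  "paths": {
    "/rides/{id}": {"get": {
      "parameters": [
        {"name": "id", "in": "path", "required": true, "schema": {"type": "integer"}},
        {"name": "note", "in": "query", "schema": {"type": "string", "maxLength": 64}}],
      "responses": {"200": {"description": "ok"}}}},
    "/health": {"get": {
      "security": [],
      "responses": {"200": {"description": "ok"}, "default": {"description": "error"}}}}
  }
}""")

METHODS = {"get", "put", "post", "delete", "patch", "head", "options", "trace"}
# Schema keywords treated here as bounding a parameter's value (an assumption).
BOUNDS = {"string": ("maxLength", "pattern", "enum"),
          "integer": ("minimum", "maximum", "enum"),
          "number": ("minimum", "maximum", "enum")}

def check_spec(spec):
    """Return (location, message) alerts for loosely specified operations."""
    alerts = []
    for path, item in spec.get("paths", {}).items():
        for method, op in item.items():
            if method not in METHODS:
                continue  # skip path-level keys such as "parameters"
            loc = f"paths.{path}.{method}"
            # An operation inherits the top-level security list unless it sets
            # its own; an empty list means the operation is unauthenticated.
            if not op.get("security", spec.get("security")):
                alerts.append((loc, "no security requirement"))
            if not any(c.startswith(("4", "5")) or c == "default" for c in op.get("responses", {})):
                alerts.append((loc, "no error response documented"))
            # Path-level parameters apply to every operation under the path.
            for p in item.get("parameters", []) + op.get("parameters", []):
                schema = p.get("schema", {})
                kind = schema.get("type")
                keys = BOUNDS.get(kind, ()) if isinstance(kind, str) else ()
                if keys and not any(k in schema for k in keys):
                    alerts.append((f"{loc}.parameters.{p.get('name', '?')}", f"unbounded {kind}"))
    return alerts

if __name__ == "__main__":
    for loc, msg in check_spec(SPEC):
        print(f"{loc:40} {msg}")
```

Run against the sample, it flags the unauthenticated operations, the missing error response and the unbounded `id` parameter, each with the path to the offending element.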

Know about BLST

Some features of BLST

  • API Endpoint Mapper -> BLST has an endpoint mapper with a developer-friendly interface that shows you how your API works.
  • Params table -> Documenting your API can be very hectic, but BLST helps you document your API in a very easy way.
  • OAS Misconfiguration Checks -> It gives you detailed information on the code bits or parameters in your API that aren't working properly.