Jump to content

Open API: Difference between revisions

From Wikipedia, the free encyclopedia
Content deleted Content added
Starting general tidy-up
m Reverted 1 edit by 37.217.168.141 (talk) to last revision by Very Fantastic Dude
(46 intermediate revisions by 40 users not shown)
Line 1: Line 1:
{{Short description|Type of application programming interface}}
{{multiple issues|
{{About|a type of application programming interface|the web service specification|OpenAPI Specification}}
{{Refimprove|date=October 2015}}
{{Other uses|OpenAPI (disambiguation){{!}}OpenAPI}}
{{essay-like|article|date=November 2007}}
}}
An '''open API''' (often referred to as a public API) is a publicly available [[application programming interface]] that provides developers with programmatic access to a proprietary software application or web service.<ref>{{Cite web|title = What is open API? - Definition from WhatIs.com|url = http://searchcloudapplications.techtarget.com/definition/open-API|website = SearchCloudApplications|accessdate = 2015-10-26}}</ref><ref>{{Cite web|url = http://readwrite.com/2013/09/19/api-defined|title = What APIs Are And Why They're Important|date = September 19, 2013|accessdate = 28 October 2015|website = Readwrite|publisher = |last = Proffitt|first = Brian}}</ref> APIs are sets of requirements that govern how one application can communicate and interact with another. APIs can also allow developers to access certain internal functions of a program, although this is not typically case for [[web API|web APIs]]. In the simplest terms, an API allows one piece of software to interact with another piece of software, whether within a single computer via a mechanism provided by the [[operating system]] or over an internal or external [[TCP/IP]]-based or non-TCP/IP-based network .<ref name=":0">{{Cite web|title = API Strategy 201: Private APIs vs. Open APIs {{!}} API Design and Strategy|url = http://www.apiacademy.co/resources/api-strategy-lesson-201-private-apis-vs-open-apis/|website = www.apiacademy.co|accessdate = 2015-11-02}}</ref> In the late 2010s, many APIs are provided by organisations for access with [[HTTP]]. APIs may be used by both developers inside the organisation that published the API or by any developers outside that organisation who wish to register for access to the interface.


An '''open API''' (often referred to as a public API) is a publicly available [[application programming interface]] that provides developers with programmatic access to a (possibly proprietary) [[Application software|software application]] or [[web service]].<ref>{{Cite web|url = http://readwrite.com/2013/09/19/api-defined|title = What APIs Are And Why They're Important|date = September 19, 2013|access-date = 28 October 2015|website = Readwrite|last = Proffitt|first = Brian}}</ref> Open APIs are APIs that are published on the [[internet]] and are free to access by consumers.<ref>{{Cite web |title=What is open API? - Definition from WhatIs.com |url=http://searchcloudapplications.techtarget.com/definition/open-API |access-date=2015-10-26 |website=SearchCloudApplications}}</ref>
== Characteristics ==
Open APIs have three main characteristics:
# <ref>{{Cite web|title = What is an Open API?|url = http://blog.ldodds.com/2014/03/25/what-is-an-open-api/|website = Lost Boy|accessdate = 2015-11-02|first = Leigh|last = Dodds}}</ref> They are available for use by developers by developers and other users with relatively few restrictions. Restrictions might include the necessity to register with .
# They are typically backed by '''open data'''.<ref>{{Cite web|title = What is Open Data?|url = http://opendatahandbook.org/guide/en/what-is-open-data/|website = opendatahandbook.org|accessdate = 2015-11-02}}</ref> Open data is freely available for everyone to use and republish as they wish, without restrictions from copyright, patents or other mechanisms of control. An Open API may be free to use but the publisher may limit how the API data can be used.
# They are based on an '''open standard.'''


== Alternative Definitions ==
== Open API vs. Private API ==
There is no universally accepted definition of the term "Open API" and it may be used to mean a variety of things in different contexts, including:<ref>{{Cite web |last=Dodds |first=Leigh |title=What is an Open API? |url=http://blog.ldodds.com/2014/03/25/what-is-an-open-api/ |access-date=2015-11-02 |website=Lost Boy|date=25 March 2014 }}</ref>
# An API for use by developers and other users with relatively few restrictions. It may require registration or enforce quotas and [[Rate limiting|rate-limits]], but registration is free and open to all; or
# An API backed by [[open data]]. Open data is freely available for everyone to use and republish as they wish, without restrictions from copyright, patents or other mechanisms of control; or
# An API based on an [[open standard]], which specifies the mechanism by which a consumer queries the API and interprets its responses.


===Private API===
== Open API versus private API ==
=== Private API ===
A private API is an interface that opens parts of an organization's backend data and application functionality for use by developers working within (or contractors working for) that organization.<ref>{{Cite web|title = 6 Business Benefits of Private APIs {{!}} Nordic APIs {{!}}|url = http://nordicapis.com/business-benefits-of-private-apis/|website = Nordic APIs| date=13 February 2014 |access-date = 2015-11-04}}</ref> Private APIs are only exposed to internal developers therefore the API publishers have total control over what and how applications are developed. Private APIs offer substantial benefits with regards to internal collaboration. Using a private API across an organization allows for greater shared awareness of the internal data models. As the developers are working for (or contracted by) one organization, communication will be more direct and therefore they should be able to work more cohesively as a group. Private APIs can significantly diminish the development time needed to manipulate and build internal systems that maximise productivity and create customer-facing applications that improve market reach and add value to existing offerings.


Private APIs can be made "private" in a number of ways. Most commonly the organization simply chooses not to document such an interface, such as in the case of undocumented functions of Microsoft Windows, which can be found by inspection of the symbol tables.<ref>{{cite web |title=NTAPI Undocumented Functions |url=http://undocumented.ntinternals.net/ |website=undocumented.ntinternals.net}}</ref> Some Web-based APIs may be authenticated by keys, both discoverable by analysis of application traffic.<ref>{{cite web |title=A Tutorial for Reverse Engineering Your Software's Private API: Hacking Your Couch {{!}} Toptal® |url=https://www.toptal.com/back-end/reverse-engineering-the-private-api-hacking-your-couch |website=Toptal Engineering Blog |language=en}}</ref> macOS furthermore uses an "entitlement", granted only by digital signature, to control access to private APIs in the system.<ref>{{cite web |last= Mo |first= Darren |title= A helper tool that enables Optimus Player to stream audio using AirPlay 2 |website= [[GitHub]] |date= 2019-05-07 |url= https://github.com/Optimus-Player/AirPlay-Enabler |access-date= 2019-05-09 }}</ref>
<ref name=":0" /> A private API is an interface that opens parts of an organisation’s backend data and application functionality for use by developers working within (or contractors working for) that organization.<ref>{{Cite web|title = 6 Business Benefits of Private APIs {{!}} Nordic APIs {{!}}|url = http://nordicapis.com/business-benefits-of-private-apis/|website = Nordic APIs|accessdate = 2015-11-04}}</ref> Private APIs are only exposed to internal developers therefore the API publishers have total control over what and how applications are developed. Private APIs offer substantial benefits with regards to internal collaboration. Using a private API across an organisation allows for greater shared awareness of the internal data models. As the developers are working for (or contracted by) one organisation, communication will be more direct and therefore they should be able to work more cohesively as a group. Private APIs can significantly diminish the development time needed to manipulate and build internal systems that maximise productivity and create customer-facing applications that improve market reach and add value to existing offerings.


Private APIs are by definition without any guarantee to the third-party developer choosing to uncover and use them. Nevertheless, the use of undocumented functions on Microsoft Windows have become so widespread that the system needs to preserve old behaviors for specific programs using the "AppCompat" database.<ref>{{cite web |last1=Pierce |first1=Sean |title=Malicious Application Compatibility Shims |url=https://www.blackhat.com/docs/eu-15/materials/eu-15-Pierce-Defending-Against-Malicious-Application-Compatibility-Shims-wp.pdf}}</ref>
===Open API===


=== Open API ===
In contrast to a private API, an open API is publicly available for all developers to access. They allow developers, outside of an organisation's workforce, to access backend data that can then be used to enhance their own applications. Open APIs can significantly increase revenue without the business having to invest in hiring new developers making them a very profitable software application.<ref>{{Cite web|title = Beat the risks of managing public, private APIs|url = http://searchsoa.techtarget.com/feature/Beat-the-risks-of-managing-public-private-APIs|website = SearchSOA|accessdate = 2015-11-04}}</ref> However, it is important to remember that opening back end information to the public can create a range of security and management challenges.<ref>{{Cite journal|title = iRiS: Vetting Private API Abuse in iOS Applications|url = http://doi.acm.org/10.1145/2810103.2813675|publisher = ACM|journal = Proceedings of the 22Nd ACM SIGSAC Conference on Computer and Communications Security|date = 2015-01-01|location = New York, NY, USA|isbn = 978-1-4503-3832-5|pages = 44–56|series = CCS '15|doi = 10.1145/2810103.2813675|first = Zhui|last = Deng|first2 = Brendan|last2 = Saltaformaggio|first3 = Xiangyu|last3 = Zhang|first4 = Dongyan|last4 = Xu}}</ref> For example, publishing open APIs can make it harder for organisations to control the experience end users have with their information assets. Open API publishers cannot assume client apps built on their APIs will offer a good user experience. Furthermore, they cannot fully ensure that client apps maintain the look and feel of their corporate branding.
In contrast to a private API, an open API is publicly available for all developers to access. They allow developers, outside of an organization's workforce, to access backend data that can then be used to enhance their own applications. Open APIs can significantly increase revenue without the business having to invest in hiring new developers making them a very profitable software application.<ref>{{Cite web|title = Beat the risks of managing public, private APIs|url = http://searchsoa.techtarget.com/feature/Beat-the-risks-of-managing-public-private-APIs|website = SearchSOA|access-date = 2015-11-04}}</ref> However, opening back end information to the public can create a range of security and management challenges.<ref>{{Cite book|publisher = ACM|date = 2015-01-01|location = New York, NY, USA|isbn = 978-1-4503-3832-5|pages = 44–56|series = CCS '15|doi = 10.1145/2810103.2813675|first1 = Zhui|last1 = Deng|first2 = Brendan|last2 = Saltaformaggio|first3 = Xiangyu|last3 = Zhang|first4 = Dongyan|last4 = Xu| title=Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security | chapter=IRiS | s2cid=5613038 }}</ref> For example, publishing open APIs can make it harder for organisations to control the experience end users have with their information assets. Open API publishers cannot assume client apps built on their APIs will offer a good user experience. Furthermore, they cannot fully ensure that client apps maintain the look and feel of their corporate branding.


== Open APIs in Business ==
== Open APIs in business ==
<ref name=":0" /> Open APIs can be used by businesses seeking to leverage the ever-growing community of freelancing developers who have the ability to create innovative applications that add value to their core business. Open APIs are favoured in the business sphere as they simultaneously increase the production of new ideas without investing directly in development efforts. Businesses often tailor their APIs to target specific developer audiences that they feel will be most effective in creating valuable new applications. However, an API can significantly diminish an application's functionality if it is overloaded with features.
Open APIs can be used by businesses seeking to leverage the ever-growing community of freelancing developers who have the ability to create innovative applications that add value to their core business. Open APIs are favoured in the business sphere as they simultaneously increase the production of new ideas without investing directly in development efforts. Businesses often tailor their APIs to target specific developer audiences that they feel will be most effective in creating valuable new applications. However, an API can significantly diminish an application's functionality if it is overloaded with features.
[[File:Open-APIs-v5.png|thumb|Open API Business Chart]]
[[File:Open-APIs-v5.png|thumb|Open API business chart]]


For example,<ref>{{Cite web|title = What Are APIs, And How Are Open APIs Changing The Internet|url = http://www.makeuseof.com/tag/api-good-technology-explained/|website = MakeUseOf|accessdate = 2015-11-02}}</ref> Yahoo's open search API allows developers to integrate Yahoo search into their own software applications. The addition of this API provides search functionality to the developer's application whilst also increasing search traffic for Yahoo's search engine hence benefitting both parties. With respect to Facebook and Twitter, we can see how third parties have enriched these services with their own code. For example, the ability to create an account on an external site/app using your Facebook credentials is made possible using Facebook's open API.
For example,<ref>{{Cite web|title = What Are APIs, And How Are Open APIs Changing The Internet|url = http://www.makeuseof.com/tag/api-good-technology-explained/|website = MakeUseOf| date=19 February 2015 |access-date = 2015-11-02}}</ref> Yahoo's open search API allows developers to integrate [[Yahoo!|Yahoo]] search into their own software applications. The addition of this API provides search functionality to the developer's application whilst also increasing search traffic for Yahoo's search engine hence benefitting both parties. With respect to [[Facebook]] and [[Twitter]], we can see how third parties have enriched these services with their own code. For example, the ability to create an account on an external site/app using your Facebook credentials is made possible using Facebook's open API.


Many large technology firms, such as Twitter, [[LinkedIn]] and Facebook, allow the use of their service by third parties and [[Competition|competitors]].<ref>{{Cite web|title=Facebook Developer Docs|url=https://developers.facebook.com/docs/|access-date=2021-02-09|website=Facebook for Developers|language=en}}</ref><ref>{{Cite web|last=tonyxu-io|title=LinkedIn API documentation - LinkedIn|url=https://docs.microsoft.com/en-us/linkedin/|access-date=2021-02-09|website=docs.microsoft.com|language=en-us}}</ref><ref>{{Cite web|title=About Twitter's APIs|url=https://help.twitter.com/en/rules-and-policies/twitter-api|access-date=2021-02-09|website=help.twitter.com|language=en}}</ref>
You might assume that the technology world is inherently cut-throat, with incumbents not wishing to provide a leg-up to the competition. But you’d be wrong. Indeed, many large technology firms, such as Twitter, LinkedIn and Facebook, even allow the use of their service by third parties and competitors.


== Open APIs on the Web ==
== Open APIs on the Web ==
With the rise in prominence of HTML5 and Web 2.0, the modern browsing experience has become interactive and dynamic and this has, in part, been accelerated through the use of open APIs. Some open APIs fetch data from the database behind a website and these are called Web APIs. For example, Google's YouTube API allows developers to integrate YouTube into their applications by providing the capability to search for videos, retrieve standard feeds, and see related content.
With the rise in prominence of [[HTML5]] and Web 2.0, the modern browsing experience has become interactive and dynamic and this has, in part, been accelerated through the use of open APIs. Some open APIs fetch data from the database behind a website and these are called Web APIs. For example, Google's YouTube API allows developers to integrate YouTube into their applications by providing the capability to search for videos, retrieve standard feeds, and see related content.


<ref>{{Cite web|title = A beginner's definition of "Web API"|url = http://franceshocutt.com/2014/05/28/a-beginners-definition-of-web-api/|website = Frances Hocutt|accessdate = 2015-11-02}}</ref> Web APIs are used for exchanging information with a website either by receiving or by sending data. When a web API fetches data from a website, the application makes a carefully constructed HTTP request to the server the site is stored on. The server then sends data back in a format your application expects (if you requested data) or incorporates your changes to the website (if you sent data).
Web APIs are used for exchanging information with a website either by receiving or by sending data. When a web API fetches data from a website, the application makes a HTTP request to the server the site is stored on. The server then sends data back in a format your application expects (if you requested data) or incorporates your changes to the website (if you sent data).


== See also ==
== See also ==
*[[List of open APIs]]
*[[OpenAPI Specification]]
*[[Application enablement]]
*[[Application enablement]]
*[[Open system (computing)]]
*[[Open system (computing)]]
*[[Mashup (web application hybrid)]]
*[[Mashup (web application hybrid)]]
*[[Webhook]]
*[[Webhook]]
*[[Web API]]


== External links ==
==References==
* [https://openapis.org/ Open API Initiative (OAI) website]
* [https://marketplace.eclipse.org/content/openapi-studio-rich-oas3-editor Eclipse OpenAPI (OAS) Editor and Studio]
* [https://remainsoftware.com/docs/openapi/help/index.jsp#nav/0_0 OpenAPI Editor and Test Studio Usage Wiki]

== References ==
{{Reflist}}
{{Reflist}}



Revision as of 18:55, 5 March 2024

An open API (often referred to as a public API) is a publicly available application programming interface that provides developers with programmatic access to a (possibly proprietary) software application or web service.[1] Open APIs are APIs that are published on the internet and are free to access by consumers.[2]

Alternative Definitions

There is no universally accepted definition of the term "Open API" and it may be used to mean a variety of things in different contexts, including:[3]

  1. An API for use by developers and other users with relatively few restrictions. It may require registration or enforce quotas and rate-limits, but registration is free and open to all; or
  2. An API backed by open data. Open data is freely available for everyone to use and republish as they wish, without restrictions from copyright, patents or other mechanisms of control; or
  3. An API based on an open standard, which specifies the mechanism by which a consumer queries the API and interprets its responses.

Open API versus private API

Private API

A private API is an interface that opens parts of an organization's backend data and application functionality for use by developers working within (or contractors working for) that organization.[4] Private APIs are only exposed to internal developers therefore the API publishers have total control over what and how applications are developed. Private APIs offer substantial benefits with regards to internal collaboration. Using a private API across an organization allows for greater shared awareness of the internal data models. As the developers are working for (or contracted by) one organization, communication will be more direct and therefore they should be able to work more cohesively as a group. Private APIs can significantly diminish the development time needed to manipulate and build internal systems that maximise productivity and create customer-facing applications that improve market reach and add value to existing offerings.

Private APIs can be made "private" in a number of ways. Most commonly the organization simply chooses not to document such an interface, such as in the case of undocumented functions of Microsoft Windows, which can be found by inspection of the symbol tables.[5] Some Web-based APIs may be authenticated by keys, both discoverable by analysis of application traffic.[6] macOS furthermore uses an "entitlement", granted only by digital signature, to control access to private APIs in the system.[7]

Private APIs are by definition without any guarantee to the third-party developer choosing to uncover and use them. Nevertheless, the use of undocumented functions on Microsoft Windows have become so widespread that the system needs to preserve old behaviors for specific programs using the "AppCompat" database.[8]

Open API

In contrast to a private API, an open API is publicly available for all developers to access. They allow developers, outside of an organization's workforce, to access backend data that can then be used to enhance their own applications. Open APIs can significantly increase revenue without the business having to invest in hiring new developers making them a very profitable software application.[9] However, opening back end information to the public can create a range of security and management challenges.[10] For example, publishing open APIs can make it harder for organisations to control the experience end users have with their information assets. Open API publishers cannot assume client apps built on their APIs will offer a good user experience. Furthermore, they cannot fully ensure that client apps maintain the look and feel of their corporate branding.

Open APIs in business

Open APIs can be used by businesses seeking to leverage the ever-growing community of freelancing developers who have the ability to create innovative applications that add value to their core business. Open APIs are favoured in the business sphere as they simultaneously increase the production of new ideas without investing directly in development efforts. Businesses often tailor their APIs to target specific developer audiences that they feel will be most effective in creating valuable new applications. However, an API can significantly diminish an application's functionality if it is overloaded with features.

Open API business chart

For example,[11] Yahoo's open search API allows developers to integrate Yahoo search into their own software applications. The addition of this API provides search functionality to the developer's application whilst also increasing search traffic for Yahoo's search engine hence benefitting both parties. With respect to Facebook and Twitter, we can see how third parties have enriched these services with their own code. For example, the ability to create an account on an external site/app using your Facebook credentials is made possible using Facebook's open API.

Many large technology firms, such as Twitter, LinkedIn and Facebook, allow the use of their service by third parties and competitors.[12][13][14]

Open APIs on the Web

With the rise in prominence of HTML5 and Web 2.0, the modern browsing experience has become interactive and dynamic and this has, in part, been accelerated through the use of open APIs. Some open APIs fetch data from the database behind a website and these are called Web APIs. For example, Google's YouTube API allows developers to integrate YouTube into their applications by providing the capability to search for videos, retrieve standard feeds, and see related content.

Web APIs are used for exchanging information with a website either by receiving or by sending data. When a web API fetches data from a website, the application makes a HTTP request to the server the site is stored on. The server then sends data back in a format your application expects (if you requested data) or incorporates your changes to the website (if you sent data).

See also

References

  1. ^ Proffitt, Brian (September 19, 2013). "What APIs Are And Why They're Important". Readwrite. Retrieved 28 October 2015.
  2. ^ "What is open API? - Definition from WhatIs.com". SearchCloudApplications. Retrieved 2015-10-26.
  3. ^ Dodds, Leigh (25 March 2014). "What is an Open API?". Lost Boy. Retrieved 2015-11-02.
  4. ^ "6 Business Benefits of Private APIs | Nordic APIs |". Nordic APIs. 13 February 2014. Retrieved 2015-11-04.
  5. ^ "NTAPI Undocumented Functions". undocumented.ntinternals.net.
  6. ^ "A Tutorial for Reverse Engineering Your Software's Private API: Hacking Your Couch | Toptal®". Toptal Engineering Blog.
  7. ^ Mo, Darren (2019-05-07). "A helper tool that enables Optimus Player to stream audio using AirPlay 2". GitHub. Retrieved 2019-05-09.
  8. ^ Pierce, Sean. "Malicious Application Compatibility Shims" (PDF).
  9. ^ "Beat the risks of managing public, private APIs". SearchSOA. Retrieved 2015-11-04.
  10. ^ Deng, Zhui; Saltaformaggio, Brendan; Zhang, Xiangyu; Xu, Dongyan (2015-01-01). "IRiS". Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. CCS '15. New York, NY, USA: ACM. pp. 44–56. doi:10.1145/2810103.2813675. ISBN 978-1-4503-3832-5. S2CID 5613038.
  11. ^ "What Are APIs, And How Are Open APIs Changing The Internet". MakeUseOf. 19 February 2015. Retrieved 2015-11-02.
  12. ^ "Facebook Developer Docs". Facebook for Developers. Retrieved 2021-02-09.
  13. ^ tonyxu-io. "LinkedIn API documentation - LinkedIn". docs.microsoft.com. Retrieved 2021-02-09.
  14. ^ "About Twitter's APIs". help.twitter.com. Retrieved 2021-02-09.