WHAT IS AN API KEY? AND HOW IS SECURE?

Comments · 381 Views

API Stands for Application Programming Interface API is a software to software interface, not a user interface. It is use to authenticate an application calling the API. APIs use to identify invalid or malicious requests.an API a set of rules how two machines talk to each other. It is a co

API Stands for Application Programming Interface API is a software to software interface, not a user interface. It is use to authenticate an application calling the API. APIs use to identify invalid or malicious requests.an API a set of rules how two machines talk to each other. It is a collection of functions, procedures, or methods that are available to be custom web development company in india executed by other software. There are two ways here that will help us understand:

  1. Identifier
  2. Authentication

TYPES OF APIs:

 

Four types of APIs

 

1-    Public APIs: -  open source type

2-    Private APIs: -  closed and internal type, (private APIs are normally not revealed to external users).

3-    Partner APIs:- allow two different companies to enter into an exclusive data-sharing agreement.

4-    Composite APIs:- combine different service or data APIs

 

HOW DO APIS WORK?

 

There are four types of api work

1-    GET: ask for the data from server

2-    POST: sends new information to a server

3-     PUT: makes changes to existing data on a server

4-    DELETE: remove existing information from a server

 

CHALLENGES IN API TESTING

1-    Test Data Generation

2-    Parameter Validation

3-    Call Sequencing In Api Testing

4-    Keeping Test Suite Updated

5-    Monitoring Reporting.

 

API REQUIREMENTS

1-    SECURITY

2-    TESTABILITY

3-    SCALIBILITY

4-    RELIABILITY

5-    USABILITY

 

 

WHY IS API TESTING IMPORTANT?

 

 It easier to identify any bugs in the unit, database, and several levels.api tests are also faster to run and more isolated that ui tests. API testing does not focus on the individual components of an application. api is doneto reveal 

php web application development company in india all the bugs, deviations or inconsistencies from API.

types of api testing: there are many types of API testing

1.     functional testing

2.     load testing

3.     error detection testing

4.     security testing

5.     validation testing

6.     penetration testing

 

 

HOW DO YOU SECURE USE API?

1.     priority security

2.     use a strong authentication

3.     inventory and manage API

4.     encrypt traffics using TLS

5.     validate input

6.     use rate limiting

7.     use firewall

8.     don’t expose data

 

SECURITY RISK

 

CLIENT SECURITY RISK

1.     app source code exposure

2.     shared passwords

 

BACKEND SECURITY RISK

1.     phishing

2.     rate limit

3.     db exposure

4.     clear text data at rest

             

NETWORK SECURITY RISKS

1.     credential theft

 

 

 

LIST OF APIS PROTOCOLS

 

1.     SOAP(simple object access protocols)

2.     REST (representational state transfer)

3.     GRPC (google remote procedure call)

4.     JSON-RPC( JavaScript object notation- remote procedure call)

5.     GraphQL (graph query language)

6.     Apache thrift

Comments