Hacking APIs

avatar
Created by
RetailTortoise38285

Cards (3)

  • How Web APIs Work
    • Like web applications, web APIs rely on HTTP to facilitate a client/server relationship between the host of the API (the provider) and the system or person making an API request (theconsumer).
    • An API consumer can request resources from an API endpoint, which is a URL for interacting with part of the API. Each of the following examples is a different API endpoint:
    https://example.com/api/v3/users/ https://example.com/api/v3/customers/ https://example.com/api/updated_on/ https://example.com/api/state/1/
  • How Web APIs Work:
    • Resources are the data being requested. A singleton resource is a unique object, such as /api/user/{user_id}. A collection is a group of resources, such as /api/profiles/users. A subcollection refers to a collection within a particular resource. For example,/api/user/{user_id}/settings is the endpoint to access the settings subcollection of a specific (singleton) user.
    • When a consumer requests a resource from a provider, the request passes through an API gateway, which is an API management component that acts as an entry point to a web application.
  • How Web APIs Work:
    • The API gateway then distributes the requests to whichever microservice is needed to fulfill each request.
    • The API gateway filters bad requests, monitors incoming traffic, and routes each request to the proper service or microservice. The API gateway can also handle security controls such as authentication, authorization, encryption in transit using SSL, rate limiting, and load balancing.