Application Programming Interfaces (APIs)

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
12 hours 57 minutes
Difficulty
Intermediate
CEU/CPE
13
Video Transcription
00:00
>> We've talked about Application Programming Interfaces,
00:00
also referred to as APIs,
00:00
a number of different times throughout this course.
00:00
However, we're now going to go
00:00
>> into greater detail about
00:00
>> the two most common forms of
00:00
APIs associated with Cloud development.
00:00
In this lesson, we want to talk about the uses
00:00
of APIs in the Cloud,
00:00
and then begin to talk about
00:00
the two most common types of APIs,
00:00
RESTful APIs, and SOAP APIs.
00:00
By end of this lesson, you'll be able to explain
00:00
the differences between RESTful APIs,
00:00
SOAP APIs, what are
00:00
the benefits and limitations of each, and then also,
00:00
what business case would be
00:00
used to justify the use of one API over the other,
00:00
and then we also want to think about
00:00
the security issues related to the use of APIs.
00:00
I said before, we've got RESTful APIs,
00:00
and we've got to SOAP APIs.
00:00
A RESTful API is really used
00:00
in point-to-point situations where
00:00
you need things to be very lightweight.
00:00
It's often used for scaling connection
00:00
between web applications and the users.
00:00
Seventy percent of the web APIs out there
00:00
>> are REST APIs.
00:00
>> Its advantages are that it's very flexible,
00:00
it's not really reliant
00:00
>> on a single programming language,
00:00
>> although it is point-to-point,
00:00
so the API connects an end point
00:00
to a database or an application,
00:00
and it does this over HTTP,
00:00
which is distinct from SOAP,
00:00
which you'll see in a moment.
00:00
The other thing is that it's stateless.
00:00
This API is not remembering any particular credentials,
00:00
it's really just starting fresh and
00:00
sending information back and forth.
00:00
It's best for low bandwidth scenarios
00:00
where you really don't want to impact
00:00
any of the bandwidth related to the application because
00:00
the size of the messages that are
00:00
sent over RESTful APIs are very small.
00:00
It's also useful in situations
00:00
where you're caching information,
00:00
where you just need the information to quickly traverse
00:00
from a cache source to a client, and back and forth.
00:00
SOAP APIs, on the other hand,
00:00
are much older, they've been around since the 1970s.
00:00
They are really designed to exchange
00:00
well structured information,
00:00
to say, through web services.
00:00
They could work off a number of
00:00
different protocols other than HTTP
00:00
such as civil message transport protocol,
00:00
file transfer protocol.
00:00
They are slower, but
00:00
one of the benefits is that they are capable of
00:00
stifle operations where you need to maintain
00:00
previous session details in
00:00
the transference of information.
00:00
They also can work best in
00:00
situations where you need asynchronous transfer of
00:00
information to a number of
00:00
different endpoints or applications
00:00
that need to communicate.
00:00
There isn't the same one-to-one relationship
00:00
that often occurs with RESTful APIs.
00:00
Now, I don't want you to really think that
00:00
one is better or worse than the other,
00:00
it really just depends on the needs
00:00
>> of your application,
00:00
>> the requirements of what the application needs to do,
00:00
and why an API is needed in the first place.
00:00
From a security perspective,
00:00
you're going to want to make sure that
00:00
the testing is done
00:00
on this API before the use of anyone,
00:00
or that it comes from a very valid source.
00:00
If an API is misconfigured,
00:00
you can have risks related to
00:00
data leakage when information
00:00
is transferred over the API,
00:00
regardless if it's a RESTful API or SOAP API.
00:00
Quiz question, which API type is reliant on XML?
00:00
If you said SOAP API, you'd be correct.
00:00
RESTful APIs, the connection is over HTTP,
00:00
but the language used to communicate
00:00
the messages can be in various languages.
00:00
In summary, we talked about the use
00:00
of APIs in Cloud applications.,
00:00
we talked about the two major types of APIs,
00:00
RESTful and SOAP,
00:00
and then we talked about the benefits
00:00
and limitations of each.
00:00
I'll see you in the next lesson.
Up Next