API Design and Management Flashcards

1
Q

Types of API

A

Open API
Internal API
Partner API
Composite API

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

API that are used within an organization to facilitate communication between internal systems

A

Internal API (Private)

example: School Organization.

Private Organizations that only shares within their circle.

Cvsu indang –> Cvsu imus

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

These APIs are available to developers and users with minimal restrictions.

A

Open API (Public)

example: Facebook or twitter.

open for all and let its user to interact with their services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

API that are shared externally but with limited access. They are used to integrate with trusted partners, typically under strict agreements.

A

Partner API

example: Shopee, the trusted partner of shopee is ShopeePay, who offers seamless and cashless transactions.

another example is Messenger as trusted partner of Facebook in terms of messages and calls.

Mostly used in finance industries or businesses.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

An API that allow developers to bundle multiple API calls into a single request.

A

Composite API

example: bank transfer

from Gcash -> Pesonet-> BPI, BPO, Landbank

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Types of API Architecture

A

> RESTful Architecture (Representational State Transfer)
SOAP (Simple Object Access Protocol)
GraphQL
gRPC (Google Remote Procedure Call)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

The most widely used API architectural style.

It leverages HTTP methods and stateless communication to interact with uniquely identified by a URI (Uniform Resource Identifier).

A

RESTful Architecture

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Is a protocol that defines strict rules for exchanging structured information using XML.

A

SOAP (Simple Object Access Protocol)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Developed by Facebook, ______ is a query language for APIs that allows clients to request exactly the data they need.

A

GraphQL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Is an open-source RPC (Remote Procedure Call) framework that uses HTTP/2 for transport and Protocol Buffers (protobufs) as the interface description language.

A

gRPC

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Securing API (5)

A

Authentication and Authorization
Rate Limiting
Data Encryption
Input Validation
CORS (Cross Origin Resource Sharing)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

3 under Authentication and Authorization

A

API Keys
OAuth
JWT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Simple token that identify the client making the request.

A

API Keys

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

A more robust system that allows secure token-based authentication and authorization.

A

OAuth

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

These tokens allows users to securely transmit information between parties.

A

JWT (JSON Web Tokens)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

APIs can be subject to abuse, such as being overwhelm with request.

A

Rate Limiting

17
Q

All data transmitted through APIs, especially sensitive data, should be encrypted using SSL/TLS

A

Data Encryption

18
Q

APIS should always validate incoming data, ensuring it matches expected formats and types, and should sanitize data before processing.

A

Input Validation

19
Q

____ policies control which domains can make requests to the API, helping to prevent unauthorized cross-site request and ensuring that only trusted domains interact with the API.

A

CORS (Cross Origin Resource Sharing)