{{About|open vs. private APIs|the web service specification|OpenAPI Specification}}
An '''open API''' (often referred to as a public API) is a publicly available [[application programming interface]] that provides developers with programmatic access to a proprietary software application or web service.<ref>{{Cite web|title = What is open API? - Definition from WhatIs.com|url = http://searchcloudapplications.techtarget.com/definition/open-API|website = SearchCloudApplications|access-date = 2015-10-26}}</ref><ref>{{Cite web|url = http://readwrite.com/2013/09/19/api-defined|title = What APIs Are And Why They're Important|date = September 19, 2013|access-date = 28 October 2015|website = Readwrite|last = Proffitt|first = Brian}}</ref> APIs are sets of requirements that govern how one application can communicate and interact with another. APIs can also allow developers to access certain internal functions of a program, although this is not typically the case for [[web API|web APIs]]. In the simplest terms, an API allows one piece of software to interact with another piece of software, whether within a single computer via a mechanism provided by the [[operating system]] or over an internal or external [[TCP/IP]]-based or non-TCP/IP-based network.<ref name=":0">{{Cite web|title = API Strategy 201: Private APIs vs. Open APIs {{!}} API Design and Strategy|url = http://www.apiacademy.co/resources/api-strategy-lesson-201-private-apis-vs-open-apis/|website = www.apiacademy.co|access-date = 2015-11-02|archive-url = https://web.archive.org/web/20151125194504/http://www.apiacademy.co/resources/api-strategy-lesson-201-private-apis-vs-open-apis/|archive-date = 2015-11-25|url-status = dead}}</ref> In the late 2010sCurrently, many APIs are provided by organisationsorganizations for access with [[HTTP]]. APIs may be used by both developers inside the organisation that published the API or by any developers outside that organisation who wish to register for access to the interface.
== Characteristics ==
Line 12:
===Private API===
A private API is an interface that opens parts of an organisationorganization's backend data and application functionality for use by developers working within (or contractors working for) that organization.<ref>{{Cite web|title = 6 Business Benefits of Private APIs {{!}} Nordic APIs {{!}}|url = http://nordicapis.com/business-benefits-of-private-apis/|website = Nordic APIs|access-date = 2015-11-04}}</ref> Private APIs are only exposed to internal developers therefore the API publishers have total control over what and how applications are developed. Private APIs offer substantial benefits with regards to internal collaboration. Using a private API across an organisationorganization allows for greater shared awareness of the internal data models. As the developers are working for (or contracted by) one organisationorganization, communication will be more direct and therefore they should be able to work more cohesively as a group. Private APIs can significantly diminish the development time needed to manipulate and build internal systems that maximise productivity and create customer-facing applications that improve market reach and add value to existing offerings.
===Open API===
In contrast to a private API, an open API is publicly available for all developers to access. They allow developers, outside of an organisationorganization's workforce, to access backend data that can then be used to enhance their own applications. Open APIs can significantly increase revenue without the business having to invest in hiring new developers making them a very profitable software application.<ref>{{Cite web|title = Beat the risks of managing public, private APIs|url = http://searchsoa.techtarget.com/feature/Beat-the-risks-of-managing-public-private-APIs|website = SearchSOA|access-date = 2015-11-04}}</ref> However, it is important to remember that opening back end information to the public can create a range of security and management challenges.<ref>{{Cite journal|title = iRiS: Vetting Private API Abuse in iOS Applications|publisher = ACM|journal = Proceedings of the 22Nd ACM SIGSAC Conference on Computer and Communications Security|date = 2015-01-01|___location = New York, NY, USA|isbn = 978-1-4503-3832-5|pages = 44–56|series = CCS '15|doi = 10.1145/2810103.2813675|first = Zhui|last = Deng|first2 = Brendan|last2 = Saltaformaggio|first3 = Xiangyu|last3 = Zhang|first4 = Dongyan|last4 = Xu}}</ref> For example, publishing open APIs can make it harder for organisations to control the experience end users have with their information assets. Open API publishers cannot assume client apps built on their APIs will offer a good user experience. Furthermore, they cannot fully ensure that client apps maintain the look and feel of their corporate branding.
