Cloud APIs enable communication between cloud-based services, or between cloud-based and on-premise applications.
After reading this article you will be able to:
Copy article link
Cloud APIs are software programs that transfer data between cloud computing services, or between cloud services and on-premise applications.
They represent a subset of application programming interfaces (APIs), an interface that facilitates the transfer of data between software programs. Developers use APIs to share data and functionalities across multiple applications, without the need to rewrite code or rebuild existing functions into new apps.
Cloud APIs can be configured for a wide range of purposes. A few of the most common uses include the following:
While cloud APIs connect services within cloud environments, they may not be compatible with every cloud provider or even be designed to work across different providers’ environments. For this reason, cloud APIs are sometimes categorized by the cloud vendors they support. A vendor-specific cloud API is only designed to work with services from a single cloud provider, while a cross-platform cloud API is compatible with multiple cloud providers.
A cloud API can be configured in many different ways depending on the purpose it serves and the protocol it uses.
Generally speaking, cloud APIs work by sending and receiving requests between cloud services, or from the cloud to an on-premise application. To perform API integrations, each API has specific rules that must be followed before a function can be replicated from one API to the other.
The process of making an API connection is fairly complex, but usually follows these steps:
Often, cloud API integrations require multiple API calls. Because this process can quickly become unwieldy, developers use API gateways — a reverse proxy service that manages API calls from a centralized location. API gateways are responsible for receiving, routing, and delivering API requests and responses. They may also handle rate limiting, authentication, security policy enforcement, and a number of other functions.
For a more in-depth explanation of this process, read What is an API call?
Cloud APIs are often labeled by the layer at which they connect cloud services. Typically, this connection occurs at one of three levels:
To put this into perspective, imagine that Bob wants to outsource the construction of a house. Bob may contact architects, contractors, electricians, interior decorators, and other professionals — all of whom play a distinct role in building and furnishing the house. Similarly, developers use different kinds of APIs when building cloud-based applications or connecting applications to cloud services. Like the team of third-party professionals needed to build a house, each of these APIs helps developers access different functionalities.
Like anything connected to the Internet, APIs are vulnerable to a variety of attacks — from application-layer DDoS attacks to OWASP Top 10 threats. Protecting APIs from abuse requires a layered defense that can prevent, detect, and mitigate incoming attacks.
Cloudflare API Gateway helps organizations discover and catalog shadow APIs, block API data exfiltration, and shield APIs from external and internal threats. Learn more about Cloudflare API Gateway.
About Web Application Security
Learning Center Navigation