Application programming interfaces (API) that connect enterprise applications and data to the Internet are subject to the same vulnerabilities as web applications. Forrester Research says direct external access to transaction updates and mass data that APIs enable subject them to additional threats that web applications rarely encounter. An API basically allows applications or components of applications to communicate with each other over the Internet or a private network. The most common use case for APIs continues to be interoperation between internal tools, systems and reducing development time and cost.”]
Source: https://www.darkreading.com/application-security/insecure-apis-a-growing-risk-for-organizations