Web Terminologies

Skip to first unread message

Nikhhil Anand

Sep 21, 2019, 2:36:51 PM9/21/19
to API Security Project
Hello All,

Can anyone explain to me the difference between API, Web Service, Web Socket and Web Adapters?

I believe this should be added.

Inon Shkedy

Sep 25, 2019, 7:34:09 AM9/25/19
to API Security Project

Thanks for your post.
These topics might be a bit confusing, mostly because they are abstracted concepts.
I'll try to explain at a high level:
  • API & Web Services, from this article :
    "Contrary to what you might think, APIs and web services are not mutually exclusive. In fact, one is a subset of the other: every web service is an API — since it exposes an application’s data and/or functionality — but not every API is a web service."
  • Web Socket: (usually) is a way to implement a duplex TCP socket over port 40/443, so it's compatible with HTTP. Is usually used when the app needs a Bi-directional message pattern and fast reaction time.
  • Web Adapters - I don't know. From a quick google search, I learned that is mostly related to ArcGis ("geographic information system for working with maps and geographic information")

The reasons that these technologies should be added are:
- Web Service: is very similar to APIs. Also, the term "web service" is usually used when we talk about traditional apps. 
The main goal of our project is to address security issues in modern apps, where the term "API" is much more common.
- WebSocket: even though most of the apps that use WebSocket also use APIs, those are different technologies. 
We don't try to cover every single technology in modern web applications. 
If we did, we would also need to add tips for mobile / IOT / NoSQL/ /etc, which would make the list way too long.
Nevertheless, almost all the issues that are relevant to APIs are also relevant to WebSocket. 
- Web Adapters: it's a niche technology 
Reply all
Reply to author
0 new messages