Third-party APIs
- 04 Jan 2023
- 2 Minutes to read
- PDF
Third-party APIs
- Updated on 04 Jan 2023
- 2 Minutes to read
- PDF
Article Summary
Share feedback
Thanks for sharing your feedback!
A third-party API is an API that has not been created and maintained by your organization. A third-party API is an API that is developed by an organization or individual besides the primary provider of the software application. Third-party APIs can be used to add additional functionality to an existing software application, or to integrate the application with other software or services. Traceable discovers such third-party APIs based on internal heuristics. These third-party APIs are A rich set of information about the third-party APIs is provided, for example, whether any sensitive information is flowing from your system to such third-party APIs, or the number of calls made in a day, and so on.
Dashboard
Navigate to API Catalog > API Discovery > Third Party to access Third-party APIs..png)
The following table describes the different columns:
| Column Name | Description |
|---|---|
| Name | Name of the third-party domain, for example, abc.com, google.com. |
| Third Party Endpoints | The number of third-party API Endpoints that have been accessed. |
| Caller Services | The services that are calling the third-party APIs. |
| Calls/min | The number of calls per minute made to the third-party APIs. |
| Errors/min | The number of errors per minute faced from the third-party APIs. |
Using the Actions drop-down, you can download a CSV file for the third-party APIs.
Mark backends
A backend may have been misidentified as a third-party backend. You can mark such a misidentified third-party backend as a normal backend. Click on the ... (three dots) in the dashboard to mark the third-party backend as a backend. Similarly, you can mark a backend as a third-party backend from API Catalog > API Discovery > Backend.
Flow map
The Third Party API dashboard also provides a flow map that depicts the flow of traffic to the third-party APIs. The flow map displays the level of sensitive data that flows to the third-party APIs in addition to the caller services that connect to the third-party APIs. Click on the flow map icon as shown in the screenshot above. 
The above flow map screenshot shows that one caller service calls two third-party endpoints. It also displays that sensitive data of high sensitivity is flowing through. You can click on the API Endpoints in the flow map to view the APIs in that service that are calling the third-party Endpoints. For example, the following screenshot shows that eight APIs are calling the third-party APIs..png)
Sensitive data in third-party APIs
You can view the sensitive data flowing through third-party APIs by navigating to API Catalog > API Risk > Sensitive Data. Click on the Third Party tab. You can filter the data based on:
- The third-party API
- The caller service
- The data types. The data types are the type of sensitive data identified by Traceable, for example, credit card CVV, social security number, and so on.
- Data sets. For example, PII data, PCI data, and so on.
- Filter based on sensitivity, for example, critical, high, medium, or low.
You can view Sensitive data for more information.
Was this article helpful?
