An API refers to the application programming interface which is basically the middleware between your application and the server. An API can be used to interact with the server by passing some parameters and getting some result in the response by the server.
There are several API’s that are used depending on the of developer requirement. The various API such as REST, SOAP or Remote Procedure Call (RPC).
REST is resource based which means that it inherits its operation (GET, POST, PUT, DELETE) from HTTP. This not only helps developers to use it easily but also become easy for the browser to consume it.
REST offers security which is transport dependent while SOAP does not. REST API offers transport level security which means that the message will be secured while it’s on the wire, once it leaves the wire it is not secure anymore.
SOAP API is a little complex as compared to REST API as these API’s returns data in the form of XML which is the acronym for Extensible Markup Language. It is language, platform and transport independent and works well in the distributed environment. It provides built-in error handling facilities.
Since SOAP is a stateful API which means that it maintains the state of the user interaction with the server. SOAP is good for the application which requires a formal contract between a consumer and the API by enforcing the use of contracts provide by WSDL (Web Service Design Language).
SOAP defines its own security which is known as WS- security, which means that SOAP provides message-level security. In this API it is ensured that whatever message is transmitted over channel it will be secured even if it leaves the transport channel.