Application programming interfaces are critical to provide levels of system access permissions for particular groups of users, but they also present a big problem: Authorization using APIs provides a convenient backdoor for potential attacks, not to mention that APIs can become brittle and consume hours to debug and fix.

Source: SiliconANGLE