Awesome Secure SaaS APIs
Awesome Secure SaaS APIs is an awesome style list that curates the security aspects of SaaS and SaaS APIs so that you can evaluate them and make your infosec decisions faster.
- AI APIs
- API Analytics/Monitoring
- API Design/Documentation Platform
- API Industry Specifications
- API Management/API Gateway
- API Oriented IT Consulting Firms
- API Platforms
- API Testing
- API-Developer Portals
- Access Level and Identity Management
- Accounting APIs
- Automation/Orchestration APIs
- Backend as a Service
- Blockchain APIs
- Cloud Storage API
- DBaaS
- Data Management API
- Data-as-a-service
- Delivery APIs
- Ecommerce APIs
- Email API
- Fax/Mail/Voice
- GraphQL
- Headless CMS API
- Headless Ecommerce APIs
- Healthcare
- Human Resources APIs
- Human as a service APIs
- IOT Platforms/Networks/Devices API
- Infrastructure/Cloud/Serverless APIs
- KYC APIs
- Login APIs
- Marketing/Analytics
- Messaging APIs/CPaas
- Open Banking APIs
- Payment APIs
- Search Engine APIs
- Smart Home
- Streaming APIs
AI APIs
API Analytics/Monitoring
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
API Fortress | https://apifortress.com/ | |||||||
|
API Science | https://www.apiscience.com/ | |||||||
|
APImetrics | https://apimetrics.io/ | |||||||
|
Moesif | https://www.moesif.com/ | |||||||
|
Repustate | https://www.repustate.com/ | |||||||
|
Runscope by Broadcom | https://www.runscope.com/ |
API Design/Documentation Platform
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
AutoSwagger by APIZR | https://autoswagger.apizr.io/ | |||||||
|
Blobr | https://www.blobr.io/ | |||||||
|
Datahive by APIZR | https://www.datahive.ca/ | |||||||
|
Deployd | https://deployd.com/ | |||||||
|
Lucybot | https://lucybot.com/ | |||||||
|
Optic | https://opticsinc.com/ | |||||||
|
Oracle apiary | https://apiary.io/ | |||||||
|
ReadMe | https://readme.com/ | |||||||
|
StopLight | https://stoplight.io/ | |||||||
|
Superface | https://superface.ai/ | |||||||
|
Swagger.io by Smartbear | https://swagger.io/ | |||||||
|
swaggerhub by smartbear | https://swagger.io/tools/swaggerhub/ |
API Industry Specifications
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
AsyncAPI | https://www.asyncapi.com/ | |||||||
|
Berlin group | https://www.berlin-group.org/ | |||||||
|
Open Banking UK | https://www.openbanking.org.uk/ | |||||||
|
Open Insurance Initiative | https://openinsurance.io/ | |||||||
|
OpenAPI Initiative | https://www.openapis.org/ | |||||||
|
stet api | https://www.stet.eu/en/psd2/ |
API Management/API Gateway
API Oriented IT Consulting Firms
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
APIIDA | https://apiida.com/ | |||||||
|
APIZR | http://www.apizr.fr | |||||||
|
Apiware | http://www.apiware.io/ | |||||||
|
Byteflair | https://byteflair.com/ | |||||||
|
EveryDeveloper | https://everydeveloper.com/ | |||||||
|
FiveByFive | http://thefivebyfive.com | |||||||
|
Hexgrid Consulting | http://www.hexgrid.io | |||||||
|
Innovation Process Technology AG | https://ipt.ch/en/ | |||||||
|
LaunchAny | https://launchany.com/ | |||||||
|
Les Tilleuls Coop | https://les-tilleuls.coop/en | |||||||
|
Octo Tehcnology | https://www.octo.com/en/ | |||||||
|
Onyx | https://www.onyxinc.ca/ | |||||||
|
Platinion by BCG | https://bcgplatinion.com/ | |||||||
|
Pronovix | https://pronovix.com/ | |||||||
|
Truefit | https://www.truefit.com/en/Home | |||||||
|
Vanick Digital | http://www.pkglobal.com |
API Platforms
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
Bearer.sh | https://www.bearer.sh/ | |||||||
|
Cloud Elements | https://cloud-elements.com/ | |||||||
|
CloudRail | https://cloudrail.com/ | |||||||
|
RapidAPI | https://rapidapi.com/ | |||||||
|
SnapLogic | https://www.snaplogic.com/ | |||||||
|
VisuAI APIs | https://vap.is/ | |||||||
|
Xapix | https://www.xapix.io/ |
API Testing
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
AutoSwagger by APIZR | https://autoswagger.apizr.io/ | |||||||
|
Blobr | https://www.blobr.io | |||||||
|
Datahive by APIZR | https://www.datahive.ca/ | |||||||
|
Parasoft | https://www.parasoft.com/ | |||||||
|
Paw | https://paw.cloud/ | |||||||
|
Postman | https://www.postman.com/ | |||||||
|
StopLight | https://stoplight.io/ | |||||||
|
Superface | https://superface.ai/ | |||||||
|
optic | https://opticsinc.com/ | |||||||
|
runscope by broadcom | https://www.runscope.com/ | |||||||
|
smartbear software | https://smartbear.com/ | |||||||
|
vREST | https://vrest.io/ |
API-Developer Portals
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
APICloud | https://www.apicloud.com/ | |||||||
|
APIMatic | http://apimatic.io/ | |||||||
|
Hitch | https://hitch.works/ | |||||||
|
Restlet | http://restlet.com |
Access Level and Identity Management
Accounting APIs
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
Billecta | https://billecta.com/ | |||||||
|
Debitoor | https://debitoor.com/ | |||||||
|
Expensify | https://www.expensify.com/ | |||||||
|
FreeAgent | https://www.freeagent.com/en/ | |||||||
|
Intuit | https://www.intuit.com/ | |||||||
|
KashFlow | https://www.kashflow.com/ | |||||||
|
Quickbooks | https://quickbooks.intuit.com/global/ | |||||||
|
Sage Intacct | https://www.sageintacct.com/ | |||||||
|
Subledger | http://subledger.com/ | |||||||
|
TrueLayer | https://truelayer.com/ | |||||||
|
e-conomic | https://www.e-conomic.com/ |
Automation/Orchestration APIs
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
Azuqua | https://azuqua.com/ | |||||||
|
CloudWork | https://cloudworks.co/ | |||||||
|
Cyclr | https://cyclr.com/ | |||||||
|
Dome9 | https://secure.dome9.com/v2/ | |||||||
|
IFTTT | https://ifttt.com/ | |||||||
|
Usermind | https://www.usermind.com/ | |||||||
|
Zapier | https://zapier.com/ | |||||||
|
elastic.io | https://www.elastic.io/ | |||||||
|
tray.io | https://tray.io/ |
Backend as a Service
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
AnyPresence | http://www.anypresence.com | |||||||
|
ApiOmat | http://www.apiomat.com/ | |||||||
|
Backendless | https://backendless.com/ | |||||||
|
BrightWork | https://www.brightwork.com/ | |||||||
|
Convertigo | https://www.convertigo.com/ | |||||||
|
Dark | https://darklang.com/ | |||||||
|
Firebase | https://firebase.google.com/ | |||||||
|
GoodBarber | https://www.goodbarber.com/ | |||||||
|
Kii | https://en.kii.com/company/ | |||||||
|
Kinvey | https://www.progress.com/kinvey | |||||||
|
Kumulos | https://www.kumulos.com/ | |||||||
|
Materia | http://www.materia-inc.com | |||||||
|
PerfectlySoft | http://perfect.org | |||||||
|
Sencha | https://www.sencha.com/ | |||||||
|
axway appcelerator | https://www.appcelerator.com/ |
Blockchain APIs
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
BiiLabs | https://biilabs.io/ | |||||||
|
Bitbutter | http://www.bitbutter.com/ | |||||||
|
Bitcore | https://bitcore.io/ | |||||||
|
Coinkite | https://coinkite.com/ | |||||||
|
Luno | https://www.luno.com/en/ | |||||||
|
Qredo | https://www.qredo.com/ | |||||||
|
block.io | https://block.io/ | |||||||
|
blockcypher | https://www.blockcypher.com/ |
Cloud Storage API
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
CloudVelox | http://www.cloudvelox.com | |||||||
|
Kloudless | https://kloudless.com/ | |||||||
|
Netlify | https://www.netlify.com/ |
DBaaS
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
DreamFactory | https://www.dreamfactory.com/ | |||||||
|
SlashDB | https://www.slashdb.com/ | |||||||
|
XtraLife | https://xtralife.cloud/ | |||||||
|
restdb.io | https://restdb.io/ |
Data Management API
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
ChaosSearch | https://www.chaossearch.io/ | |||||||
|
LingK | https://www.lingk.io/ | |||||||
|
OpenDataSoft | https://www.opendatasoft.com/ | |||||||
|
Timekit | https://www.timekit.io/ | |||||||
|
WhoAPI | https://whoapi.com/ | |||||||
|
aWhere | https://www.awhere.com/ |
Data-as-a-service
Delivery APIs
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
EasyPost | https://www.easypost.com/ | |||||||
|
Everoad | https://www.everoad.com/en/ | |||||||
|
Shippo | https://goshippo.com/ |
Ecommerce APIs
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
API2Cart | https://api2cart.com/ | |||||||
|
BigCommerce | https://www.bigcommerce.com/ | |||||||
|
Campus Credit | https://campuscu.com/ | |||||||
|
Chec | https://chec.org/ | |||||||
|
Crystallize | https://crystallize.com/ | |||||||
|
Elastic Path | https://www.elasticpath.com/ | |||||||
|
Four51 | https://four51.io/ | |||||||
|
Foxy.io | https://foxy.io/ | |||||||
|
Impala | https://impala.apache.org/ | |||||||
|
Moltin | https://moltin.com/ | |||||||
|
NextPax | https://nextpax.com/ | |||||||
|
OpenChannel | https://openchannel.io/ | |||||||
|
Plaid | https://plaid.com | |||||||
|
Schema | https://schema.org/ | |||||||
|
Semantics3 | http://www.semantics3.com | |||||||
|
Shipitwise | www.shipitwise.com/ | |||||||
|
Shippify | https://www.shippify.co/ | |||||||
|
Snipcart | https://snipcart.com/ | |||||||
|
commercetools | https://commercetools.com/ |
Email API
Fax/Mail/Voice
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
ActualReports | https://actualreports.com/ | |||||||
|
Bandwidth | https://www.bandwidth.com/ | |||||||
|
CloudPrinter | https://www.cloudprinter.com/ | |||||||
|
Gini | https://gini.net/ | |||||||
|
Hsenid Mobile | https://www.hsenidmobile.com/ | |||||||
|
IPerity | https://www.talksome.com/ | |||||||
|
Interfax | https://interfax.com/ | |||||||
|
Lob | https://www.lob.com/ | |||||||
|
Mailchimp | https://mailchimp.com/ | |||||||
|
Phaxio | https://www.phaxio.com/ | |||||||
|
Pwinty | https://pwinty.com/ | |||||||
|
Sipwise | https://www.sipwise.com/ | |||||||
|
Tokbox | https://www.vonage.com/ | |||||||
|
TouchNote | https://touchnote.com/ | |||||||
|
Voicebase | https://www.voicebase.com/ |
GraphQL
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
Meteor | https://www.meteor.com/ | |||||||
|
Prisma | https://www.prisma.io/ | |||||||
|
Reindex | https://www.ibm.com/docs/en/netezza?topic=reference-reindex-database | |||||||
|
Tipe | https://tipe.io/ |
Headless CMS API
Headless Ecommerce APIs
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
Crystallize | https://crystallize.com/ | |||||||
|
Foxy.io | https://foxy.io/ | |||||||
|
Moltin | https://moltin.com | |||||||
|
Snipcart | https://snipcart.com/ |
Healthcare
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
BloomAPI | www.bloomapi.com/ | |||||||
|
Eligible | https://eligible.com/ | |||||||
|
Healthgraphic | https://www.healthgraphic.com/ | |||||||
|
Imin | https://www.imin.co/ | |||||||
|
Medable | https://www.medable.com/ | |||||||
|
PokitDok | pokitdok.com | |||||||
|
Redox | https://redox.com/ | |||||||
|
TrueVault | https://www.truevault.com/ | |||||||
|
drchrono | https://www.drchrono.com/ |
Human Resources APIs
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
CRIME FINDERS | http://crimefindersinc.com | |||||||
|
Checkr | https://checkr.com/ |
Human as a service APIs
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
Amazon Mechanical Turk | https://www.mturk.com/ | |||||||
|
Dell EMC ScaleIO | http://www.scaleio.com | |||||||
|
Figure Eight | http://www.figure-eight.com |
IOT Platforms/Networks/Devices API
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
Droplit | https://www.droplit.io/ | |||||||
|
MachineShop | https://www.machineshop.co.uk/ | |||||||
|
Microshare | https://www.microshare.io/ | |||||||
|
Sirqul | https://corp.sirqul.com/ | |||||||
|
Structo | https://www.structo3d.com/ | |||||||
|
Temboo | https://temboo.com/ | |||||||
|
ThingSpeak | https://thingspeak.com/ | |||||||
|
Xively | www.xively.com/ |
Infrastructure/Cloud/Serverless APIs
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
AWS Lambda | https://aws.amazon.com/lambda/ | |||||||
|
Algorithmia | https://algorithmia.com/ | |||||||
|
Auth0 Extend | https://goextend.io/ | |||||||
|
Binaris | binaris.com | |||||||
|
CloudBoost | https://cloudboost.io/ | |||||||
|
Cloudflare Workers | https://workers.cloudflare.com/ | |||||||
|
IBM cloud | https://www.ibm.com/cloud?cm_sp=Scheduler--CopyChng2--C | |||||||
|
Netlify | https://www.netlify.com/ | |||||||
|
Pachyderm | https://www.pachyderm.com/ | |||||||
|
Protonet | https://protonet.com/ | |||||||
|
Spotinst | https://spot.io/ | |||||||
|
StdLib | https://www.tutorialspoint.com/ |
KYC APIs
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
Facephi | https://www.facephi.com/es/ | |||||||
|
Mitek | https://www.miteksystems.com/ | |||||||
|
Onfido | https://onfido.com/ | |||||||
|
Passbase | https://passbase.com/ | |||||||
|
Trulioo | https://www.trulioo.com/ | |||||||
|
Veratad | https://veratad.com/ |
Login APIs
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
Akamai Social | https://janrain-education-center.knowledgeowl.com/home/implementing-social-login | |||||||
|
Auth0 | https://auth0.com/ | |||||||
|
Avatier | https://www.avatier.com/ | |||||||
|
Cloudentity | http://www.cloudentity.com | |||||||
|
Janrain | https://www.akamai.com/ | |||||||
|
Lastpass | https://www.lastpass.com/ | |||||||
|
LoginRadius | https://www.loginradius.com/ | |||||||
|
OAuth.io | https://oauth.io/ | |||||||
|
OKTA | https://www.okta.com/ | |||||||
|
RSA Secure ID | https://www.securid.com/ | |||||||
|
SAP Customer data cloud | https://community.sap.com/topics/customer-data-cloud | |||||||
|
SecureAuth | https://www.secureauth.com/ | |||||||
|
UnifyID | https://unify.id/ |
Marketing/Analytics
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
Conductrics | https://conductrics.com/ | |||||||
|
Phizzle | https://www.phizzle.com/ | |||||||
|
Qrvey | https://qrvey.com/ | |||||||
|
Segment | https://segment.com/ | |||||||
|
Sendgrid | https://sendgrid.com/ |
Messaging APIs/CPaas
Open Banking APIs
Payment APIs
Search Engine APIs
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
Algolia | https://www.algolia.com/ | |||||||
|
Elastic | https://www.elastic.co/ | |||||||
|
Exalead | https://www.exalead.com/ | |||||||
|
LucidWorks | https://lucidworks.com/ | |||||||
|
Sinequa | https://www.sinequa.com/ |
Smart Home
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
Alexa Internet | https://www.alexa.com/ | |||||||
|
Flatout Technologies | www.flatout-technologies.com | |||||||
|
Indigo Domotics | https://www.indigodomo.com/ | |||||||
|
Muzzley | https://www.muzzley.com/ | |||||||
|
Netatmo | http://www.netatmo.com/ | |||||||
|
Sensorist | https://sensorist.com/ |
Streaming APIs
API | Website | SoC2 | PCI | GDPR | ISO27001 | HIPAA | Bounty | Disclosure | |
---|---|---|---|---|---|---|---|---|---|
|
Ably | https://ably.com/ | |||||||
|
DaCast | https://www.dacast.com/ | |||||||
|
Evercam | https://evercam.io/ | |||||||
|
Fanout | https://fanout.io/ | |||||||
|
Firebase | https://firebase.google.com/ | |||||||
|
Gamooga | https://gamooga.com/ | |||||||
|
Hydna | www.hydna.com | |||||||
|
MyStream | https://www.mystream.com/en/ | |||||||
|
PubNub | https://www.pubnub.com/ | |||||||
|
Pusher | https://pusher.com/ | |||||||
|
Streamdata.io | https://www.axway.com/en/streamdataio | |||||||
|
baasil.io | http://www.baasil.io/ |