APIs basically provide interconnections that enable communication and integration between different applications.
APIs can be attacked by hackers in multiple ways hence, protecting APIs, especially public ones, has become a necessity for secure data handling.
One of the essential ways to do the same is by using strong authentication and authorization. Obsolete and insecure methods can become the primary cause of broken authentication.
Further, API calls should be monitored closely to prevent unauthorized access. Encryption can be used for a safer entry process. In simple words, providing as many layers as one can, will mitigate the risk.
Using software such as "User Behavior Analytics" can draw a line between good and bad requests on APIs and protect it from unwanted access. Apart from that incoming calls can be scanned for any malicious activity.
It is being recommended by many esteemed organizations that effective API security measures should be implemented to keep them protected from attackers and above mentioned best practices can play a vital role in the same.