What is an API?

Speed counts in the cloud. But without seamless connections between applications, data and services, potential remains untapped. This is exactly where APIs come into play - they are the backbone of modern software architectures and enable standardized access to digital resources.

With the STACKIT API, the Schwarz Group's European cloud platform provides powerful program interfaces that companies can use to automatically create, manage and integrate applications - securely, documented and GDPR-compliant.

Whether for infrastructure management, service management or the development of your own solutions: STACKIT's API offers developers maximum flexibility without compromising on data protection and security. Read on to find out how your company can benefit from this.

• API (Application Programming Interface): A program interface via which software components exchange information. APIs enable automated processes and the integration of different applications and systems.
• CLI (Command Line Interface): A text-based interface through which developers interact with APIs - often used in cloud development.
• Cloud management: The control and monitoring of cloud resources - often automated via APIs and integrated into existing software environments.
• JSON (JavaScript Object Notation): A data format used to transfer information in REST APIs - readable by humans and machines.
• Program interface: Synonym for API - enables communication between software components, often via the internet or an internal network.
• REST (Representational State Transfer): A widely used architectural principle for web APIs that relies on standardized HTTP requests (e.g. GET, POST, PUT). Most modern APIs - including STACKIT - are based on REST and support mobile applications.
• Service: A single digital offering within a cloud platform - e.g. a database, a server or a monitoring tool.
• SOAP (Simple Object Access Protocol): An XML-based protocol for exchanging structured information. Used for APIs in certain business applications, but is more complex than REST.
• STACKIT API: The central interface for managing STACKIT products. Among other things, it enables the setup, modification or deletion of cloud resources such as servers, databases or storage services.
• Token / authentication: Security mechanisms that control access to APIs - for example via a personal API token that is generated when logging in.

An API - short for Application Programming Interface - is a defined programming interface through which applications communicate with each other. It provides functions with which external systems can access services or data without knowing their internal logic. For companies, this means that complex software becomes modular, scalable and easier to integrate.

APIs are omnipresent: whether retrieving weather data, logging in via a third-party provider or accessing cloud resources - an API is used in the background every time. In modern IT architectures, they are the key to exchanging information and connecting individual services.

APIs as a bridge between systems

At their core, APIs offer a standardized way to call up functions - similar to a plug on an electrical device. Access is precisely regulated: Only defined data and functions are available, everything else remains protected. This principle protects sensitive content and increases security. STACKIT uses APIs to make its cloud products efficient to use. Modern standards such as REST and JSON are used. This makes it possible to set up new servers, configure applications or control backups - directly from your own code.

REST vs. SOAP - two paths to the goal

REST-based APIs dominate software development today. They are lightweight, work with familiar web standards (HTTP, URLs) and are particularly suitable for mobile applications, web services and microservices architectures.

SOAP, on the other hand, is mainly used in traditional corporate environments, such as ERP systems. It offers extended functions such as transaction security, but is more complex to use.

STACKIT clearly relies on REST, as this architecture offers a modern, simple and widely used method for accessing cloud services. Developers benefit from clear structures, well-documented endpoints and quick access.

Focus on security: access only for authorized users

Security is also a key issue for APIs. STACKIT uses authentication mechanisms such as API tokens, role-based access and encrypted transmissions to ensure that only authorized persons and systems are granted access to interfaces. In addition, customers can restrict API access in a targeted manner - for example via IP filters, time-limited tokens or integration into existing identity solutions.

API-First - a new development model

More and more companies are adopting the API-first approach when developing new applications: the interface is designed first, followed by the actual applications. This approach increases the reusability of components, promotes integration into other systems, including with partners, and shortens the development time. With STACKIT's well-documented API architecture, this path is also open to your teams - whether for the development of services, the integration of external partners or the automated management of your resources.

The STACKIT programming interface was developed to make direct access to your cloud resources as easy and secure as possible for you and your partners. With the following recommendations, you can improve your workflows, increase security and get the most out of your application and infrastructure.

1. Use documentation consistently: STACKIT's official API documentation provides detailed information on all available endpoints, parameter descriptions, response codes and examples of typical web applications. This is an indispensable resource, especially when integrating into your own applications or setting up automation. Example: Would you like to set up a new server or database service via API? The documentation not only provides the right schema, but also tips on authentication and configuration.
2. Make authentication secure: Personal tokens are used when logging in via the API. These should never be stored in plain text or publicly accessible in code repositories. Instead, use secure environment variables and role-based access controls. STACKIT also offers the option of regularly renewing or specifically blocking tokens - an important measure for your security management.
3. Targeted use of automation: A major advantage of the STACKIT API is the ability to automate recurring processes - such as starting up new development environments, scaling resources during peak loads or making backups available. These automations can be integrated into CI/CD pipelines or controlled via scripts - and thus provide a reliable basis for recurring processes. This increases efficiency and reduces human error, especially for complex applications.
4. Monitor and deploy resources in a targeted manner: With the STACKIT API, you can not only create your cloud resources, but also manage them - for example, pause or delete temporary environments to save costs. Regularly check which services are being actively used and adjust configurations if necessary. Example: A test environment that is only needed during the day can be automatically deactivated at night - directly via the interface.
5. Tackle errors in a targeted manner: The API provides structured feedback in the event of errors - for example through HTTP status codes or explanatory JSON messages. Use these actively in the code to be able to react automatically to problems (e.g. in the event of failed logins or invalid entries). This improves the reliability of your application and enables stable interaction between all components.

STACKIT's API provides companies with a modern, secure and powerful program interface that can be used to automatically create, manage and scale cloud resources.

Thanks to its REST architecture, clear documentation and comprehensive security, it enables simple integration into existing applications and workflows. You always retain control - over functions, access rights and resources used.

STACKIT impresses with an infrastructure with data centers in Germany and Austria that meets the highest requirements for data protection, reliability and compliance. For developers, IT teams and partners, the API offers direct access to all relevant services - whether servers, databases or management functions.

The STACKIT API is the perfect interface for anyone who wants to develop their applications flexibly, integrate existing solutions or build new products in the cloud. Secure, documented and immediately available.

What exactly can I control with the STACKIT API?

The API provides access to numerous STACKIT Cloud services - such as setting up and managing servers, databases, networks and storage services. Administrative tasks such as configuring security rules or reading status information are also possible. The functions are continuously being expanded.

How secure is the API?

The STACKIT API uses modern authentication methods such as API tokens and supports encrypted communication. Access can be restricted to certain roles, IP addresses or time windows. All data remains in certified data centers within Germany and Austria - fully GDPR-compliant.

Is the API also suitable for automated workflows?

Yes, the API is ideal for use in CI/CD pipelines, scripts and automations. Many customers and partners use it to set up development and test environments, scale systems or monitor processes - quickly and repeatably.

What support do developers receive?

STACKIT provides extensive technical documentation available. It contains information on all available endpoints, examples, error codes and authentication mechanisms. Technical support is also available for individual questions.

How do I get started with the STACKIT API?

You can get started via the STACKIT Cockpit, where you can log in and create personal API tokens. You can then use the REST API directly via HTTPS - for example via cURL, scripts or your preferred tool. The documentation provides step-by-step examples and explains how to efficiently integrate individual services into your applications.