Treblle’s 2024 Anatomy of an API finds key API economy trends.

The need for digital transformation, new revenue streams, and increasing decentralization have made API usage proliferate year after year. In the introduction to their most recent Anatomy of an API report, the API intelligence company Treblle examined the skyrocketing popularity of APIs in 2024. “API usage exploded in 2024, primarily driven by the shift to AI and the need to exchange more information in a machine readable format. This, as we all know, is the reason why APIs exist in the first place.”

In this year’s Anatomy of an API report, Treblle analyzed over a billion API calls to over 500,000 endpoints from 15,000 different APIs to create their dataset, revealing all manner of fascinating, valuable insights into the current state of the API industry. We’ve poured over their report to assess some of the leading API trends as we head into 2025!

APIs Are Exploding

The average organization maintains over 1000 APIs. This rapid acceleration in API adoption is largely due to increased AI adoption, cloud-based services, and API-first design. AI adoption is the main reason for API’s popularity in 2024, which has been exponentially driven by the widespread adoption of AI. There has been an 807% increase in AI-related APIs since 2023.

This surge in popularity is a double-edged sword. It’s a sign that more developers and business owners are seeing the value in APIs on the upside. On the other hand, the rush of new developers might not be versed in the latest best practices in API design. There’s been an uptick in APIs written in JavaScript and PHP, for example, due to their popularity. Both have their strengths, but neither one is necessarily the best for creating APIs.

There’s an increasing diversity in industries using APIs, as well. IT services dominate the list, at 48% of the companies surveyed. Finance, health, sales and marketing, government, and telecommunications are some other prominent industries using APIs. There’s also an increasing diversity in countries using APIs. The United States and the UK both make the most API calls, at 17% and 11%, respectively, followed by Germany, the Netherlands, and India. As more industries adopt APIs and send data across international lines, there’s going to be an increasing need for standards of various kinds.

Lack Of Standards

The majority of APIs are organized around REST-based principles. The trouble is that REST is more of a guideline than a set standard, which can cause security issues, improper practices, or poorly performing tools. The lack of standardization also makes it nearly impossible to optimize APIs.

The lack of a clear API standard means there’s no consensus on error codes. For instance, the current best practice recommends returning an HTTP response code instead of just a 200 OK status. Yet, Treblle reports that 10% of 200 OK responses actually contain an error.

A lack of clear guidelines also makes it possible for developers to ignore best practices for naming conventions. It’s recommended that endpoints be named after nouns using plural naming. 77% of endpoints use nouns, but only 16% use plurals. Only 15% use some form of rate limiting, as well. The good news is that 71% use API versioning.

This lack of standardization is causing performance issues in APIs. According to Treblle, the average endpoint load time was 695ms. Of the API calls they monitored, 50% took 150ms or less. This is a 4% decline from 2023, though, suggesting API developers are moving in the wrong direction. Going forward, this could cause a problem, as response times of 150ms or less are optimal for AI.

APIs Are Becoming Increasingly Complex

APIs have nearly doubled in complexity in a single year. In 2023, the average API had 22 endpoints. That number had expanded to 42 by 2024. This is both a blessing and a curse. The rapid surge illustrates the usefulness and popularity of APIs. Larger APIs are harder to secure, though. The increase in endpoints suggests a transition away from microservices in favor of more versatile APIs. Those endpoints are also getting more complex. The number of GET-only requests has fallen by 5%, while the number of POST requests has expanded by 4%.

APIs are Insecure

According to Treblle, the average API has a security score of 40 out of 100. 52% didn’t require any form of authentication, while 55% didn’t use SSL/TLS encryption. One of the greatest API security risks is due to API sprawl — zombie endpoints, the name for API endpoints that are still active yet fall outside of security protocols. The number of zombie endpoints is on the rise, as well. 35% of all endpoints are zombie endpoints in 2024, compared to 24% in 2023.

Combined with the rise in unauthenticated API calls, this suggests an alarming cybersecurity trend. To make matters worse, HTTPS adoption is also on the decline. In 2023, 74% of APIs were using HTTPS. That number fell to 45% in 2024, which could cause problems with encryption.

JavaScript APIs are Below-Average

Treblle reports an average API quality score of 57 out of 100, across all the programming languages they surveyed. JavaScript-based APIs averaged 42 out of 100 by contrast. Express, NodeJS, Fastify, Strapi, or AdonisJS all underperform the average performance monitored by Treblle. Of these, AdonisJS performs the best at 56 out of 100. Based on their criteria, Laraval performed the best out of the SDKs they monitored.

Final Thoughts on 2024 API Trends

The API industry is in an interesting state of transition. API usage is becoming more widespread and mainstream, which is causing a massive surge in the number of APIs created each year. This sudden popularity is paradoxically causing the API industry to move backwards in certain respects. API developers need to follow the latest API best practices if they’re going to be useful for AI or fast enough to power apps. Standardization will allow APIs to be further optimized, making them even faster. With API adoption rising so quickly, it’s vital to implement these best practices now.