APIs created with Restlet Cloud can be shared in many different ways. That is why their consumption can be secured by controlling runtime access to your APIs (per method or user group) or limited via IP filtering or rate limitations.


APIs at design time can be either public (the API Description can be accessed by anyone) or private (it is available through access tokens). At runtime, APIs can be invoked by users who belong to the API's consumer groups with sufficient runtime permissions. Some APIs are however open to anyone without authentication. Restlet Cloud provides client SDKs and server skeletons to facilitate APIs invocation by different devices and application.


Restlet Cloud provides you with an Analytics page that gives you information about your API's consumption. You can also keep your community informed via the Messages tab.