What does API authentication ensure?

API authentication primarily focuses on verifying the identity of users or systems attempting to access an API. This means it checks credentials, such as API keys, tokens, or other forms of identification, to confirm that the entity requesting access is who they claim to be. By implementing authentication mechanisms, APIs can ensure that only authorized users or systems can interact with them, enabling secure access to resources and services.

In contrast, ensuring the integrity of data being transmitted relates more to data validation and security protocols like encryption, rather than authentication itself. Limiting the number of requests made to an API is a feature of rate limiting, which controls how often an API can be called, preventing abuse or overuse. Tracking user activity involves monitoring and logging actions taken by users over time, often for analytics or security purposes, but this is not the central purpose of authentication.