Workato allows for callable recipes to be turned into an API endpoint. This means that your callable recipes can be called and used by someone who doesn't need to have access to your Workato account, provided that:
1) They have a confidential API token generated by you.
2) The callable recipe they're trying to call is active and they have been enabled for access by the API owner.
API calls can be made from Workato receipes in other accounts (using the HTTP Connector) or by tools, programs and scripts that are completely outside of Workato.
API Management tools in Workato allow a Workato user to control and monitor access to APIs associated with their account's recipes. API Management is available from the Tools menu.
API Management Tool
An endpoint is a single callable REST interface. It has an associated public URL. Calls to the URL initiate a recipe that has a Callable Action as a trigger.
Endpoints are organized into API Collections. An API Collection is a set of Endpoints that can be managed together.
A client is a user to whom access to one or more API Collections can be granted.
A single client can have one or more Access Profiles. An Access Profile specifies one or more API Collections to which the client has access, and is optionally associated with an Access Policy.
An Access Policy can be used to set restrictions on the usage of an API. A single policy can be associated with one or more Access Profiles.
An API token grants access to all the API Collections within an Access Profile. Technically, an API token is a string that is passed in the HTTP header with the name "API-Token."
See the following pages for more details on API management: