Professional Documents
Culture Documents
e-ISSN 2476-9266
p-ISSN: 2088-9402
Doi:10.17933/jppi.2019.090201
Naskah Diterima: 16 January 2018; Direvisi : 21 May 2019 ; Disetujui : 18 September 2019
Abstract
Indonesia places the fifth position of the most internet users in the world. Consequently, data transaction
through HTTP protocol saw an increase. An open API can facilitate Indonesia's users to access data and build
application through HTTP protocol. In this paper, 38 open APIs were investigated and classified by using five
criteria, namely technology, authentication, scope, source, and approval request. In general, the open APIs
in Indonesia employ RESTful as a web service and JSON format as data format. In term of authentication,
API key is a common method in most of open APIs.
85
Jurnal Penelitian Pos dan Informatika, Vol.09 No 2 December 2019: page 85-96
open government to drive its citizens' involvement in This section describes a list of public APIs that are
used in Indonesia.
development. Moreover, the open government can
A. BukaLapak
enforce all administrative units to involve the citizen
Bukalapak API is an e-commerce API which is
in the development planning process through
officially developed by Bukalapak1 Development
"Perencanaan Pembangunan (development
team. The API provides open API to develop
planning)" forum [21]. Meanwhile, on an economic
innovative third-party software Development
viewpoint, based on Global B2C E-Commerce
Competition. Bukalapak API provides products,
Report 2016, Indonesia experienced approximately
transactions, and users. Bukalapak API uses REST
60% E-commerce sales growth in 2015[3]. Piao
technology to communicate between Bukalapak
concluded that an open API platform could facilitate
server and clients and uses JSON format for
the development of the innovative application for
communication.
third-party developers namely 1) establishing a
B. MatahariMall API for Seller
business without significant investment both in
Similar to Bukalapak, MatahariMall API is also
software and hardware; 2) contributing to driving
an e-commerce API which is officially developed by
traffic to the platform[4]. As a result, the open API
the MatahariMall2 Develompment team. The API
technologies potentially broaden the E-commerce
documentation provides various resources reference
business model and boost the sales growth of the e-
for product management modules and order
commerce business.
management modules from a Seller Center API.
However, to date, Indonesia is lacking open API. In
Both modules are at a high level and intended for
1 2
https://www.bukalapak.com/ https://www.mataharimall.com/
86
Indonesia’s Public API (Nur Aini Rakhmawati et al)
D. Bisatopup
H. Hot Thread Kaskus (Un-official)
Bisatopup API enables a user to create apps for
Hot Thread Kaskus API is an unofficial Kaskus6
purchasing mobile phone prepaid credits, Internet
forum API Developed by Bayyu7 using a web
Packages, electricity tokens, Game Vouchers and
scraping technique. The API was developed using
bills payment through bisatopup.com. The API
REST technology and using the JSON format for
consists of Product List, Product Price, Check Bills.
communication between clients and server.
Bisatopup officially develops the API by using the
REST technology and JSON format for I. Data Jakarta
communication. Jakarta smart city8 Is one of the initiatives for
3 6
https://www.tiket.com/affiliate https://www.kaskus.co.id/
4 7
https://midtrans.com Bayyu.net
5 8
https://ipaymu.com/ http://api.jakarta.go.id/
87
Jurnal Penelitian Pos dan Informatika, Vol.09 No 2 December 2019: page 85-96
Indonesia open government. Jakarta API that is TIKI, etc. RajaOngkir API employs RESTful where
developed by Jakarta Smart City. It provides a public the data are taken from each of the expedition
data service in Jakarta as such as data on the region, websites to maintain data accuracy.
hospitals, CCTVs, busway routes, etc. The API uses
O. Jadwal Shalat
REST technology and JSON format for
This API presents prayer time schedule by city
communication between client and server.
or date. The API is located on
J. Kaskus API https://www.wahidganteng.ga/api/jadwal-sholat.
Kaskus API is an API for accessing the most popular This API developed by Wahid.
forum in Indonesia. Kaskus API base URI is located
P. Ayo Donor PMI
at https://www.kaskus.co.id/api/oauth (without
Ayo Donor PMI API can capture Indonesian
trailing slash) and will be referred to BASE_URI.
Red Cross' activities, particularly in terms of
The API is RESTful. Data is exposed in the form of
bloodstock. This API consists of Blood Stock, and
URIs that represent resources and can be fetched
Blood Transfusion schedule. This API is developed
with HTTP clients (like web browsers). This API is
by iBachor.
developed by Kaskus Development team.
Q. Halal Product MUI
K. Tanggal Lahiran Pasaran Zodiak
Halal Product MUI is an API for searching halal
This API developed by iBachor is used to learn
products registered by the Indonesia Ulema Council
the signs of zodiacs based on date of birth. It also
(MUI). The API provides information including
shows details on date of birth, age, and birthday.
product names, certificate number, manufacturers,
L. Cek Resi and validity period of the halal certificate. This API
This API is used for tracking receipt of the is developed by iBachor9. The Halal data are
popular expeditions companies in Indonesia such as obtained from the MUI halal product website. The
JNE, SiCepat, and Wahana. Cek resi API is located API uses RESTful, which provides access to halal
on https://www.wahidganteng.ga/api/cek-resi. information.
9
https://bachors.github.io/
88
Indonesia’s Public API (Nur Aini Rakhmawati et al)
S. Emergency Contact (Police, Firefighter, services of data access and report of Lapor! API.
Hospital) Lapor! Data Access is in JSON format for
information includes the commodity name, unit, and developing the API.
the price. This API was developed by iBachor1 by Y. API Pemilu
scrapping the table of stapple commodities price on
In 2014, Indonesian Association for General
Indonesia's Ministry of Trade's website. It also uses
Elections and Democracy (Perludem), is one of civil
RESTful web service and JSON to provide access to
society organizations that utilizes and optimizes
users.
general election data and information [20]. In
U. Song Lyrics collaboration with the Asia Foundation, Perludem
iBachor also developed an API for searching implements the API for collecting the general
song lyrics by using RESTful as a web service and election data. The collected data is converted to
10 11
https://farizdotid.com/ http://widnyana.web.id/
89
Jurnal Penelitian Pos dan Informatika, Vol.09 No 2 December 2019: page 85-96
1. Operational Fund Management. eCash is used by implementing RESTful web services and JSON.
employee/member account of the organization for BCA APIs are using OAuth 2.0 as the authorization
debiting contributions, claims and deposits from framework. To obtain an access token, a user has to
employees/members to a company. be authorized by a client_id and client_secret. A
2. Receipt of Payment eCash can be used to make signature is used by BCA to verify that attackers do
payments to the Company's Partner (Merchant) not alter the request. This api provides the following
by the eCash holders. It is intended for people services: 1) balance information; 2) account
who do not have a debit or credit card. statement; 3) fund transfer; 4) create payment; 5)
payment status; and 6) general information (foreign
Bank Mandiri Developer officially develops
exchange rate, deposit rate, and nearest ATM
Mandiri e-cash based on RESTful web service
locator).
technology and supported by JSON format as
response protocol. CC. Open Data Kota Bandung
Open Data Kota Bandung developers developed
AA. API BPJS Kesehatan
an API based on CKAN API12. CKAN Action API is
API BPJS Kesehatan is an official API which is
a powerful, RPC-style API that exposes all of CKAN
developed by Social Security Administrative Body
core features to API clients. CKAN API also uses
(BPJS) based on RESTful and JSON technology. To
RESTful web service. The parameters for the API
access the API, a user is required to have a
functions are given in the JSON dictionary. CKAN
Consumer ID and Consumer Confidential data. The
will also return its response in a JSON dictionary.
service consumer only stores consumer-confidential
information to maintain security. The Consumer DD. API Data KPU
confidential information generates a Signature (X- The open data KPU provides web service and
signature). A list of services provided by this API JSON. The data provided includes general election,
are: 1) Finding participants based on the BPJS card; constituency, candidacy, candidate, general election
2) Finding participants by identity card number or results, etc.
NIK; 3) Searching referral data by reference number; EE. Online Pajak
4) Searching referral data based on BPJS card; 5)
As an extension of Online Pajak, its developer
Searching list of referenced patients based on the
developed several open APIs that can be used by
referral date; 6) Making SEP, etc.
third-party client integrator. To access online tax
BB. API BCA services through the API, Online Pajak provides an
Bank BCA develops a list of open APIs which can additional authentication layer. The setup process
be used by third-party developers such as business consists of two steps: 1) create an API key to
banking API, Sakuku API, and General Information. authenticate the market and 2) create a User ID for
BCA developers officially developed those APIs by new user to this market's users list. Online Pajak is
12
https://ckan.org/
90
Indonesia’s Public API (Nur Aini Rakhmawati et al)
used for the preparation, payment and reporting of location, cash withdrawal, balance information,
types of tax returns: VAT, Income 21 and Income third party transfers, payment transfers.
Tax 23.
II. API-H2H Bisnis
FF. Open Data Kota Banda Aceh This API is used for ODEO13 Affiliation to join
Developer of Open Data Kota Banda Aceh their business. API authentication employs tokens.
developed API based on the CKAN API. The CKAN For the JSON format, each request must also include
API also uses a web service and parameters in the an authorization header in the format of token =
JSON dictionary, and CKAN will also return the base64 (MID + ':' + SECRET_KEY) Authorization:
response in the JSON dictionary. The services The carrier responds 401 for an invalid request. It is
provided are 1) checking a site, 2) displaying unnecessary for appending an Authorization header
metadata from a dataset along with data source, 3) in XML format because only MID and
displaying a list of UUIDs from a dataset, displaying SECRET_KEY are required when XML body is
a list of all group names, category list, license list, sent.
revision list, displaying datasets based on latest
JJ. Klik Indonesia API
updates, etc.
Klik Indonesia API is a single sign-on and app
GG. BRI API monetizing services developed by Solusi Dua Satu14.
BRI develops several open APIs that can be used The API uses a REST technology and is available in
by third-party developers such as business banking JSON format.
API, Sakuku API, and General Information. The
KK. Panel-Pedia API
APIs are based on REST and JSON. The BRI’s APIs
Panel-Pedia API is an API for selling a bogus
use OAuth 2.0 as the authorization frame. To obtain
endorsement in social media post as such as
an access token, users must be authorized by
Facebook’s likes, Twitter follows, Instagram likes,
client_id and client_secret. A signature is used by
etc. Panel-Pedia API is developed by Panel-Pedia15
BRI to verify the request not modified by the
using the REST technology and available in JSON
attacker. Some services provided by BRI API are 1)
format.
balance information; 2) mutation info; 3) forex info;
4) make payments; 5) payment status; and 6) general LL. Satu Data Indonesia API
information (foreign exchange rates, and deposit Satu Data Indonesia API is an open data API
rates). initiated by Unit Kerja Presiden Bidang
Pengawasan Pengendalian Pembangunan (UKP-
HH. ATM Bersama API
PPP) or President Staff for monitoring and assessing
This API also implements REST and JSON.
development as a commitment for open government
There are several services provided by this API,
partnership16. The API provides data from the
such as bank code in Indonesia, shared ATM
13 15
https://www.odeo.co.id/ https://panel-pedia.com
14 16
https://kb.klikindonesia.or.id http://data.go.id/tentang/
91
Jurnal Penelitian Pos dan Informatika, Vol.09 No 2 December 2019: page 85-96
ministries of Indonesia, government institutions, easy to understand and is used to represent simple
local government and developed based on CKAN data structures and associative arrays (called
API and available in JSON format. objects). Transmission of structured data through a
network connection to a process called serialization,
OPEN API CRITERIA
often uses JSON. Its main application is on AJAX
In this section, we describe a list of criteria used for web application programming by acting as an
the classification of the mentioned open APIs. There alternative to the traditional use of XML format.
are five criteria, namely technology, authentication, JSON is based on a set of JavaScript
scope, source and approval request. These criteria programming languages (specifically, the third
were selected for their obvious appearance on API edition of standard ECMA-262, December 1999
retrieval. [10]). JSON is a data format independent of a
17 https://data.kpu.go.id/open/v1/doc.php 21 http://docs.ppob.apiary.io
18 http://apidoc.achilles.systems/
19 http://data.bandaacehkota.go.id
20 http://docs.briapi.apiary.io
92
Indonesia’s Public API (Nur Aini Rakhmawati et al)
using HTTP and interacting with the WWW. The OO. Scope
REST allows designing simple XML + HTTP The scope of our work is the scope API, based on
interfaces that do not follow REST principles but the location where the APIs are implemented at the
instead follow the model of RPC (Remote Procedure national or regional level.
Call)[11].
PP. Source
NN. Authentication
Data provided by an open API can be obtained
There two authentication methods that are widely from either origin sources or scraping websites,
used in the open APIs are Oauth and Apikey. which can be explained as follows:
Further explanation on both methods are as follows: 1. Origin Sources
1. OAuth
Origin sources are persons or organizations who
OAuth is an open protocol for sharing personal created data. The knowledge of the source is for data
resources (e.g. photos, videos, address lists) stored integrity and validity.
on a website with other sites without the need to 2. Scraping
provide a username and password. This process uses
Scraping is a technology solution to extract data
a token, not a username and password, for their data
from web sites, in a quick, efficient and automated
is hosted by a particular service provider. Each token
manner, offering data in a more structured and easier
grants access to a specific site against a specific
way to use the format [18]. Some software
source for a specified duration. [12]
companies have designed different tools that enable
OAuth provides access to third-party sites to
other people to use scraping techniques. These tools
access their information stored on other service
provide an attractive and powerful user interface like
providers without having to share their access or
web data extractors, data harvester, crawling tools, or
overall data permissions. How it works is similar to
web content mining tools.
using a credit card and signing a transaction slip,
without giving out its ATM card and PIN. QQ. Approval Request
2. ApiKeyThe When a user wishes to access an API, sometimes
ApiKey is one of the authentication methods to an approval request process pops up, requiring users
access API from another website. Usually in the form to complete it before accessing the API. API may be
of code taped to other applications. Some Open APIs called by the application that creates approval
use ApiKey for access, and few others do not use it. requests in order to submit a newly-created request
To obtain an ApiKey, a user must register to API for the user to the appropriate approver [19] which is
provider. automatically approved, or application should
approve user manually.
93
Jurnal Penelitian Pos dan Informatika, Vol.09 No 2 December 2019: page 85-96
94
Indonesia’s Public API (Nur Aini Rakhmawati et al)
Approval Approval
APIs Scope Source APIs Scope Source
Request Request
Tiket.com National Origin Automatical Source using
API Source ly approved KeyToken
by the Postal Code National Scraping None
system API Pemilu National Origin Automatical
Bisatopup National Origin Automatical Source ly approved
Source ly approved by the
by the system
system Mandiri e- National Origin Manually
Jurnal API National Origin Automatical cash Source using
Source ly approved KeyToken
by the API BPJS National Origin Automatical
system Kesehatan Source ly approved
Midtrans – National Origin Automatical by the
Payment Source ly approved system
gateway by the API BCA National Origin Manually
system Source using
iPaymu National Origin Automatical KeyToken
Source ly approved Open Data Regiona Origin Automatical
by the Kota l Source ly approved
system Bandung by the
Hot thread National Web Manually system
Kaskus (un- scrappin using API Data National Origin None
official) g KeyToken KPU Source
Data Jakarta Regiona Origin Automatical Online Pajak National Origin None
l Source ly approved Source
by the Open Data Regiona Origin Automatical
system Kota Banda l Source ly approved
Kaskus API National Origin None Aceh by the
source system
Tanggal National Scraping None BRI API National Origin Manually
Lahiran Source using
Pasaran KeyToken
Zodiak ATM National Origin Manually
Cek Resi National Scraping None Bersama API Source using
Paket ID National Scraping None KeyToken
Raja Ongkir National Scraping None API-H2H National Origin Manually
Jadwal Shalat National Scraping None Bisnis Source using
Ayo Donor National Scraping None KeyToken
PMI None
Halal Product National Scraping None Klik National Origin Automatical
MUI Indonesia Source ly approved
The departure National Scraping None API by the
of Hajj system
Estimation Panel Pedia National Origin Automatical
Emergency National Scraping None API Source ly approved
Contact by the
(Police, system
Firefighter, Portal Data National Origin Automatical
Hospital) Indonesia Source ly approved
Kemendag National Scraping None API by the
Song Lyrics National Scraping None system
List of local National Scraping None
are in
Indonesia
Lapor! National Origin Manually
95
Jurnal Penelitian Pos dan Informatika, Vol.09 No 2 December 2019: page 85-96
C. Piao and X. Han, “Study on Open APIs of e- O. C. Fernandez, " Web Scraping: Applications and
commerce platforms and design of a third Tools", European Public Sector
party application for Taobao,” Proc. - IEEE Information Platform, Topic Report No.
Int. Conf. E-bus. Eng. ICEBE 2010, pp. 184– 2015/10, 2015.
189, 2010.
P. Gune, A. Deighton, M. Chen, R. Kuo, W. Walcott,
R. P. Nugroho, “A comparison of open data policies " User Interface for Processing Requests for
in different countries,” Delft University of Approval" United States Patent Application
Technology, 2013. Publication, 2010.
Yuhefizar, 10 Jam Menguasai Internet, Teknologi & H. Husein, T. Anggraini, D. Setiawaty, D. Rady,
Aplikasinya + CD. Elex Media Komputindo "API Pemilu: Toward the Smart Election".
Ir. Hendra Wijaya, BS Oracle9i Database. Elex Kusumawardani, R. P., Rakhmawati, N. A.,
Media Komputindo. Wibowo, R. P., Hafidz, I., & Pranantha, D.
(2015). A Prototype of MonVis-Musrenbang:
Ali Zaki & Smitdev Community, SPP AJAX untuk Monitoring and Visualization Application for
Pemula. Elex Media Komputindo. Surabaya Development Plan. ISICO 2015,
2015.
a b David M. Kroenke, Database Processing Jl.2/9.
Erlangga.
96