Building usable API layer requires balancing between security and usability. Operating API endpoints includes addressing fraud and delivering privacy-by-design. Modern management frameworks and gateways guarantee stateful operations whether the APIs themselves are stateful or not.