APIs can be categorized by access type, which determines who can access them, as opposed to their design patterns like REST or GraphQL. There are four main types of APIs based on access: private, partner, public, and open. Private APIs are used internally within a company and focus on integration and automation, often without strict adherence to standard development rules. Partner APIs are shared with trusted business partners under specific agreements and rules, sometimes involving fees. Public APIs are accessible to anyone, similar to open APIs, but include usage rules and may charge fees, offering a middle ground between open and partner APIs. Open APIs are freely accessible without agreements or fees, though they may not necessarily be open source. Composite and unified APIs stand apart as they are defined by their functionality rather than access type, with composite APIs processing multiple requests as one, and unified APIs simplifying data schemas across various systems. When developing a new API, it's advised to start with strict security and gradually relax it to meet user needs, avoiding potential dissatisfaction from users if previously free data becomes monetized.