Correct JSON API or JSON RPC

What is the JSON API?

Surely many in the know.

JSON - JSON text data exchange format
API - API API

Keywords here: data exchange interface.
')

A, what then is JSON-RPC?

JSON - we already know.

RPC - Remote RPC Procedure Call

We conclude that JSON-RPC is: remote data exchange.

Surely this data exchange will occur with a certain interface, i.e. with API.

And what's the problem?! You ask. And the fact that some programmers are developing JSON API, that is, the interface, forget about JSON-RPC. And the next invention of the bicycle begins. The frontend programmer says: “I will give you such a json”, and Backend the programmer answers: “and I will return this json for you”. And everything would be fine, but it would be nice to remember that smart people have long ago developed standards, or rather, data exchange protocols. And not some very complex, but very simple: JSON-RPC

Probably many, if not to say that almost everyone knows and even uses these protocols. Written a bunch of servers, etc. But personally, not everything suited me in the existing protocols. They seemed to me not flexible enough and not completely logical. As you may have guessed, I decided to invent my json-rpc-1.5 bike.

The main differences from the existing protocols are:

• Optional “sign” parameter - Signature or Token
• In requests, instead of the “param” parameter, the “data” parameter is used, since we always send data, not just parameters.
• In all answers, the result parameter is always returned and the description of the result of the query “success” or “error” is in it.
• All data in the responses come in the parameter "data"
• You can use aliases to name request and response parameters.

It could seem. that the differences are minor, but they are fundamentally important.
By the way, this protocol appeared in practice, i.e. creating json api I used the approach described in this protocol.

PS:

After receiving a bunch of negative comments and minuses, I decided to check again, maybe I really, what am I doing wrong? Naturally, everything I write here is my personal opinion and I do not impose anything on anyone. I will give a couple of examples:
1. Sample request JSON API Yandex Direct :

{ "method": "GetClientInfo", "param": ["agrom"], "locale": "ru", "token": "0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f" } 

They can also read the tokens: Authorization tokens

2. Example from Sberbank API Payment from a mobile application using Apple Pay
I will not bring the JSON request, it is big, you can look at the link.
It is important that the JSON request contains "paymentToken". Here is a link to Apple's token generation requirements.

It is important to understand that API tokens and signatures are often used, naturally along with other security methods. And those who work with all sorts of APIs know this very well.