In this work a security API is proposed which can be customized and used by application developers to include a higher level of security in their application. The objective is to make developers create secure applications without concerning much into the core security aspects such as the mechanism, algorithm and reliability of the security protocols used in it. This API is capable of providing an end-to-end encryption when used for communication and also considered as a provider of Security as a Service. It uses an improved Steganography algorithm based on LSB and Complement Image rotation. The core functions are developed using PHP and an API is created for external applications to make API calls, so that the SaaS can be accessed by authorized applications. It is platform-independent, meaning it is not designed to serve just one type of client application (in terms of programming language), it can be accessed by different types of apps. The data is encrypted (if necessary) using a random key and converted into binary format and embedded into a 24-bit RGB cover image. The data is secured in the image which creates no suspicion and provides invisibility, and proven to be secure by performing benchmark tests by comparing stegoimages provided by different algorithms and also resisted statistical and visual attacks. © 2019, Springer Nature Singapore Pte Ltd.