You can make API calls to query the data in your live Synergist system. The data returned is subject to the permissions of the username and password passed in the API call. The password can be hashed for additional security. See Hashing - Sha512
The Synergist API also provides read/write access to key areas of the system. Since these calls update Synergist records, we would suggest you develop your 3rd party applications using a test-only development system. This will require a separate 4D server and test data. In this way your live data is protected from any errors created during the development process. Similarly, any major or minor Synergist releases should first be applied to your test environment. A major or minor Synergist release can be identified by a change to the version number (e.g. 12.3 to 13.0, or 12.3 to 12.4). You should then re-test any functionality reliant on the Synergist APIs prior to upgrading your live system to the new release.