While accounts are known to be recognized by their public keys, internally on-chain, they are uniquely identified by fixed-length accounts hashes derived from those public keys. Because of that, in certain contexts, we may know the account hash but not the public key. CSPR.cloud maintains the mapping between account hashes and the corresponding public keys to be able to "de-anonymize" the former when needed by requesting the public key as an optional property.
Let's have a look at the Transfer API, for example. The Transfer object only provides the recipient account hash:
Note the to_public_key property that was added in the second response. It contains the public key that corresponds to the account hash specified in to_account_hash. Please check Transfer Optional Properties to learn about all the optional data that can be included in the Transfer API responses.