What is an API? What does API mean? Explained in Simple English

API (Application Programming Interface) sounds complicated, but it just means “function”!

Photo by Caspar Camille Rubin on Unsplash

An Analogy

When we are interacting with a computer, we don’t need to care about the inner working of a computer, i.e.

  • how do the computer parts talk to each other?
  • how does programming work?

Why API?

In short, API is a set of functions exposed to us so we can interact with a program.

API Deep Dive

I would categorise API into 2 groups:

  1. Web API

Programming API

These are functions provided by the programming language or library.

console.log('heeyy');console.error('something went wrong');console.info('some info');

Web API

In short, web APIs allow web applications connect to each other. Web APIs are a set of functions exposed by a web app so that other users can interact with the web app, without even seeing the source code of the app.

So what composes of a Web Application?

A web app is essentially a complex system comprises of lots of functions. Imagine if we have created a great tool that could generate subtitles for any video in any language. Our app becomes popular very quickly and now we got a lot of requests asking us to integrate our service onto other platform. For example, a movie hosting platform would like to use our service to automatically transcribe their movies whenever there is a new upload.

Web API: Behind the scenes

So how does a web API work behind the scene? Let’s take a look at a real world example: github.com

Sample response returned by Github’s public API
Web API: Behind the scenes

So what is happening here?

  1. Browser sends a HTTP GET request to github’s server.
    HTTP requests have different types of method:
    GET — To download or read data. In our case here, we are trying to read a list of licenses from Github.
    POST — To create or other miscellaneous operations. For example, login to an app, creating a new Facebook post.
    PATCH — To update. For example: updating profile picture.
    DELETE — To delete. For example: deleting a comment.
  2. The server receives the request, and run a function to search for all types of licenses from its database.
  3. Once found, the server sends back a JSON string to the browser and the browser will simply display it. JSON — JavaScript Object Notation is a string format that looks very similar to JavaScript object. It is widely used to transmit data in web API.

What about Authentication?

Yes. without authentication or restriction, random people around the internet can easily abuse an app’s API in many ways. For example, by firing 1000 requests per second until the server goes down, or freely view others private information without logging in. You wouldn’t want a random stranger to view your Facebook’s chat history, do you?

Typical API authentication methods

1. Secret Key / API key / Bearer Token 🔑

This is the simplest way for users to authenticate themselves. The concept is simple. Whenever a user calls an API endpoint, the user would include a so-called “API key” in the HTTP request.

https://api.mysite.com/posts?apiKey=somesecretapikey

2. Cookie 🍪

First of all, internet cookies are not edible nor tasty. Cookies are small chunks of data that lives inside the browser. If you are using Chrome, you can view all the cookies given to you by Medium.com in the Application panel in the developers tool.

Cookies associated to medium.com
  1. Security cookies to stop attacks like XSS (cross site scripting).
  2. Authenticating users. Let’s talk more about this.

3. JWT (JSON Web Token)

JWT is essentially an encrypted JSON string, where it contains information about the login user.

4. Oauth

Oauth is more advanced than the method described above. It is more secure but highly technical at the same time. Check out my other article if you want to learn more about Oauth.

Additional Resources

https://github.com/public-apis/public-apis — A list of web APIs that you can start using in your next project.

Web Development. https://acadea.io/learn . Follow me on Youtube: https://www.youtube.com/c/acadeaio

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store