Friend: Hey, How are you, buddy?
Me: I am good. Just working on a small project using API's.
Friend: You mean Application Programming interface, right?
Me: Yeah, but do you know the real meaning of that term?
Friend: No, but please explain.
Me: Alright, I will explain it to you but then you owe me a party!
If we go by the definition provided by Wikipedia, it states the following:
"In computer programming, an application programming interface (API) is a set of subroutine definitions, protocols, and tools for building application software. In general terms, it is a set of clearly defined methods of communication between various software components".
It is correctly defined, but still, the meaning is not very clear, because of the language used in the definition. So let’s understand it with the help of one small example.
Real world Example
Consider this API as a waiter in a restaurant. A menu is served to you on the table to choose your favorite food and the Kitchen is the system where your food (request) is prepared. But how does this whole process works? Well, we all know this, don't we? We choose what we want to eat from the menu, we call the waiter, give him/her the order by naming the dishes we want along with the quantity. The waiter then takes our order to the kitchen where the order is made and once it's prepared, the waiter comes back with the delicious delicacy served in a plate or a bowl (depends on what you ordered).
Thus, the API is very much like the waiter. API is the messenger that takes your order(waiter) and tells the system(kitchen) what to do (to prepare food) and in return brings back the response to you, just what you asked for, never wrong (waiter returns with the ordered food).
Another Example...
Let's have another example to clear all of your remaining doubts.
Have you ever visited any website that shows an option for signing up using Facebook or Google? How do you think you are able to log in and proceed ahead to use the application without ever worrying how Facebook or Google share your information with the website, or how this communication happens at all? Through the APIs provided by Facebook and Google. When you click on the button named, Login with Facebook or Google, an API request is sent to these websites, along with your credentials, and your permission allowing the website to use your information provided by Facebook or Google or any other website for that matter. And in the response, Facebook or Google provides the website with your email address, along with some other basic information.
What is API, codewise?
See, APIs are good. But how they work or how can you write APIs for your website. Well API is nothing but a method/function which can be accessed by sending an HTTP request. The request parameters are enclosed as JSON, XML etc when the API is called. And in return, the API (the method or function) returns a response, again in the form of JSON or XML or any other format.
API Security
But all good things must be protected, so should be an API. As the method/function is exposed, hence whoever finds out the URI to access the API, can send a request to it. And many would want to send malicious requests to your server to bring it down.
Since most of the APIs are provided for free, it needs a security layer to keep it safe from various destructive minds. Hence, a new concept called API key was introduced. This key can be considered as a permission that you take from the provider, like from Google, to use their API, like for signing up for your website or any other application.
Free and Paid APIs
There are some APIs that are free to use, but there are also APIs for which you have to pay. For example, if you want to deliver SMS to your users when they register on your website or send them an OTP to verify their mobile number, you will have to use a third-party service to send these SMSs. Most of these third-party services these days, have APIs, which you can use to send SMS, but you have to pay for it.
One last question for you- Whenever you book a flight ticket, you go to various websites like MakeMyTrip, GoIbIbo, Yatra, etc. You hardly ever go to any airlines website to book your ticket. Still, you get your seat booked with the same Air Plane service that you might have booked through their own website. Ever wondered how did this happen?
Yes, Again, it’s because of the API. Gosh! Could we even survive without this? Don't forget to thank your superhero – the API, who manages all your queries without any complaints and returns an appropriate result. It has made your life much simpler and easy. This superhero is great!
You may also like: