“Strengthening API Basics”

Ayush Sahu
6 min read · Jan 23, 2023


So first of all, what is an API?

An API is a set of programming code that enables data transmission between one software product and another. It also contains the terms of this data exchange.

In simple words, an API, or application programming interface, is a set of defined rules that enable different applications to communicate with each other. It acts as an intermediary layer that processes data transfers between systems, letting companies open their application data and functionality to external third-party developers, business partners, and internal departments within their companies.


How does an API work?

The working principle of an API is commonly expressed through the request-response communication between a client and a server. The client is any front-end application that a user interacts with. The server is in charge of backend logic and database operations. An API works as a middle layer between the client and the server, making it possible to send data requests and responses.

Also, APIs are sometimes considered contracts, where the documentation is an agreement between the parties: “If party 1 sends a request structured in a particular way, then this is how party 2’s software will and should respond.”

API working and positioning in a Web App

API examples:

  1. YouTube API
  2. Google Maps API
  3. Twitter Bots
  4. Log-In Using XYZ
  5. Weather Snippets
  6. Pay with PayPal
  7. Vulkan

and so much more.

API documentation:

No matter how many opportunities for creating or extending software products an API gives, it would remain an unusable piece of code if developers didn’t understand how to work with it. Well-written and structured API documentation that explains how to effectively use and integrate an API in an easy-to-comprehend manner will make a developer happy and eager to recommend the API to peers.

The API documentation is a reference manual with all the needed information about the API, including functions, classes, return types, and arguments.

Numerous content elements make good documentation, such as:

  1. a quick start guide
  2. authentication information
  3. explanations for every API call (request)
  4. examples of every request and return with a response description, error messages, etc.
  5. samples of code for popular programming languages like Python, Java, JavaScript, or PHP
  6. SDK examples (if SDKs are available) illustrating how to access the resource, etc.

API Types:

There are four different ways that APIs can work depending on when and why they were created.

REST APIs — These are the most popular and flexible APIs found on the web today. The client sends requests to the server as data. The server uses this client input to start internal functions and returns output data back to the client. Let’s look at REST APIs in more detail below.

SOAP APIs — These APIs use Simple Object Access Protocol. Client and server exchange messages using XML. This is a less flexible API that was more popular in the past.

RPC APIs — These APIs are called Remote Procedure Calls. The client completes a function (or procedure) on the server, and the server sends the output back to the client.

WebSocket APIs — These APIs are another modern web API development that uses JSON objects to pass data. A WebSocket API supports two-way communication between client apps and the server. The server can send callback messages to connected clients, making it more efficient than a REST API.

API Structure & Its Components:

  1. Endpoint: In simple terms, an API endpoint is the end of an API connection, where an API call is received. An API endpoint is a digital location exposed via the API from where the API receives requests and sends out responses. Each endpoint is a URL that provides the location of a resource on the API server.
  2. Methods: GET (to retrieve data from a resource), POST (to create a new resource on the backend), PUT (to update a resource by replacing its entire content), PATCH (to update data partially and not entirely), DELETE (to delete a resource completely).
  3. Headers: Headers are used to provide metadata related to the request, and don’t directly specify which data you want to retrieve.
  4. Body: A request body is data sent by the client to your API. A response body is the data your API sends to the client.
  5. Parameters: Parameters are options you can pass with the endpoint to influence the response. There are several types of parameters: header parameters, path parameters, and query string parameters.

Status codes :

100–199 — Information Response — These are sent to tell the client the first part of their request has been accepted and they should continue sending the rest of their request. These codes are no longer very common.

200–299 — Success — This range of status codes is used to tell the client their request was successful.

300–399 — Redirection — These are used to redirect the client’s request to another resource. This can be either to a different webpage or a different website altogether.

400–499 — Client Errors — Used to inform the client that there was an error with their request.

500–599 — Server Errors — This range is reserved for errors happening on the server side and usually indicates quite a major problem with the server handling the request.

How is an API made?

An API can be created in many languages and runtimes, such as JavaScript, Golang, Python, Node.js, etc.

Important folders or parts of an API :

  1. Route: The route holds the information on how the Web API matches a URI to an action.
  2. Controller: The controller receives the work, decides who should do it, then passes off the request to be completed.
  3. Models: Models describe what kind of data is needed and the format most suitable for our API.
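To make the route, controller and model roles concrete, here is a minimal in-memory sketch that also returns status codes from the ranges described earlier. It is an added example, not code from the original post; the `/users` endpoints, the `USERS` store and all function names are hypothetical.

```python
import json
import re

USERS = {1: {"id": 1, "name": "alice"}}  # constructed in-memory "database"

def validate_user(data):
    """Model: the API only accepts an object with a non-empty string name."""
    return (isinstance(data, dict) and isinstance(data.get("name"), str)
            and data["name"].strip() != "")

def get_user(params, body):
    """Controller: look up one user by the path parameter `id`."""
    user = USERS.get(int(params["id"]))
    return (200, user) if user else (404, {"error": "user not found"})

def create_user(params, body):
    """Controller: validate the request body against the model, then store it."""
    try:
        data = json.loads(body)
    except (TypeError, ValueError):
        return 400, {"error": "body must be JSON"}
    if not validate_user(data):
        return 400, {"error": "name is required"}
    new_id = max(USERS, default=0) + 1
    USERS[new_id] = {"id": new_id, "name": data["name"]}
    return 201, USERS[new_id]

# Route table: URI pattern -> {HTTP method: controller}.
# Methods that are not listed for an endpoint are rejected, not guessed.
ROUTES = [
    (re.compile(r"/users/(?P<id>\d+)"), {"GET": get_user}),
    (re.compile(r"/users"), {"POST": create_user}),
]

def handle(method, path, body=None):
    """Match a request to a controller and return (status_code, response_body)."""
    for pattern, actions in ROUTES:
        match = pattern.fullmatch(path)
        if match:
            controller = actions.get(method)
            if controller is None:
                return 405, {"error": "method not allowed"}
            return controller(match.groupdict(), body)
    return 404, {"error": "no such endpoint"}
```

Rejecting unlisted methods with 405 and validating the body in the model layer keeps malformed input from ever reaching the stored data.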

How to keep your API Secure?

  1. Using the HTTPS connection protocol instead of the old, insecure and boring HTTP.
  2. Using OAuth, as it is a standard for authorizing users of the API.
  3. Never leaving sensitive data in common places like documentation or URLs.
  4. Using password hashing, so that even if a stored password is compromised, no one can crack it easily!
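Items 1, 3 and 4 can be checked or implemented with the Python standard library alone. The following is an added example, not code from the original post; the list of sensitive parameter names, the finding labels and the iteration count are assumptions to adapt to your own API.

```python
import hashlib
import hmac
import os
from urllib.parse import urlsplit, parse_qsl

# Assumed parameter names that should never travel in a URL.
SENSITIVE_PARAMS = {"password", "passwd", "token", "access_token",
                    "api_key", "secret"}
PBKDF2_ITERATIONS = 600_000  # assumed work factor; tune for your hardware

def audit_url(url):
    """Items 1 and 3: require HTTPS and flag secrets placed in the URL."""
    parts = urlsplit(url)
    findings = []
    if parts.scheme != "https":
        findings.append("not-https")
    if parts.password is not None:  # https://user:pass@host/...
        findings.append("credentials-in-url")
    for name, _value in parse_qsl(parts.query, keep_blank_values=True):
        if name.lower() in SENSITIVE_PARAMS:
            findings.append("secret-in-query:" + name)
    return findings

def hash_password(password, salt=None):
    """Item 4: salted, deliberately slow hash; store salt and digest together."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 salt, PBKDF2_ITERATIONS)
    return salt, digest

def verify_password(password, salt, expected):
    """Recompute with the stored salt and compare in constant time."""
    _, digest = hash_password(password, salt)
    return hmac.compare_digest(digest, expected)
```

A fast, unsalted hash such as a bare SHA-256 would satisfy "hashing" in name only; the per-user salt and high iteration count are what make offline guessing expensive.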

Why use an API?

APIs serve numerous purposes. Generally, they can simplify and speed up software development. Developers can add functionality like a recommender system, accommodation booking engine, payment processing, or image recognition feature, from other providers to existing solutions or build new applications using services by third-party providers.

Whatever the case, specialists don’t have to deal with source code, trying to understand how the other solution works. They simply connect their software to another one. In other words, APIs serve as an abstraction layer between two systems, hiding the complexity and working details of the latter.

Thanks for reading till the end, have a nice day ahead.

Feel free to reach out to me with any queries regarding the content, or for any help, via LinkedIn: https://www.linkedin.com/in/ayushsahu77/

Ayush Sahu

Security Analyst | Top 2% @TryHackMe | Microsoft AZ-900 Certified | Postman Student Expert | Google Cloud | Ex-Salesforce Developer | 1x Hack-a-thon Winner