@planemad
Last active February 18, 2016 12:58

Web Application Programming Interface (Web API) 101

APIs are the interface through which an application talks to other applications. An API is defined as a set of rules describing how one application can interact with another, and the mechanisms that allow such interaction to happen. This is in contrast to a user interface, which is meant for a human to interact with an application. Read more on Wikipedia.

Types of APIs

Components of a Web API

The Wikipedia API is a useful public web API. Play with it at the API sandbox. Find other APIs on the ProgrammableWeb API directory.

Documentation APIs are documented well to explain how external applications can communicate with them. Without this the API is

Request Message The first step is for an external application to call the API with a message to communicate.

  • Endpoint: This is the HTTP URI where the API can be called. The Wikipedia API endpoint is https://en.wikipedia.org/w/api.php?.
    • Version: Allows external applications to reliably communicate with an API whose features keep changing. This is usually indicated in the endpoint URL like ../api/v1/..
  • Header: Identifies the type of request message to the API. It is usually one of these HTTP verbs:
    • GET: Requests for some information
    • POST: Create some new information
    • PUT: Edit some information
    • DELETE: Remove some information

Response Message

  • Header: Identifies the nature of the message. Any errors are reported here as status codes:
    • 200: OK, the body should have your expected response
    • 400: Not OK, the request was not understood
    • 403: Forbidden, the authentication probably failed.
    • 404: Not found
    • 500+: Server error, communication to the server failed
  • Body: Contains the content of the API's reply to the request.

Limitations

Request limits Most APIs have limits on how many requests are allowed per minute. This makes sure the API is not overloaded by any single requester.

Response limits Data APIs usually have a limit on how many features or data points can be requested in a single call. This keeps responses compact and avoids overloading the browser with too much data.

Security

Authentication Many APIs track the usage of the requester by requiring authentication in the form of a username and password, or a unique access token. Failure to authenticate correctly will result in an Error 403.

Cross-origin resource sharing (CORS) For security reasons, a web page cannot request data from an external location that is not on the same server. For instance, a web page cannot embed fonts from another web page without the necessary permission to do so. The mechanism that allows such resource sharing across different locations is called CORS.
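The checks described under Limitations and Security, combined in one request handler. This is an added example, not part of the original gist; the token, origin, limits, function names and the 429 status for an exceeded request limit are assumptions made for illustration.

```javascript
// Added example. All values below are constructed for illustration.
const TOKENS = new Set(['demo-token-123']);                    // valid access tokens
const ALLOWED_ORIGINS = new Set(['https://app.example.org']);  // CORS allowlist
const MAX_PER_MINUTE = 3;  // request limit per token
const MAX_ITEMS = 5;       // response limit per call
const DATA = Array.from({ length: 20 }, (_, i) => ({ id: i + 1 }));
const windows = new Map(); // token -> { start, count }

// CORS: grant permission only to allowlisted origins, never by echoing any origin.
function corsHeaders(origin) {
  const headers = { Vary: 'Origin' }; // caches must not reuse one origin's answer
  if (ALLOWED_ORIGINS.has(origin)) headers['Access-Control-Allow-Origin'] = origin;
  return headers;
}

// Request limit: fixed one-minute window counted per token.
function overLimit(token, now) {
  const w = windows.get(token);
  if (!w || now - w.start >= 60000) {
    windows.set(token, { start: now, count: 1 });
    return false;
  }
  w.count += 1;
  return w.count > MAX_PER_MINUTE;
}

// req mirrors a parsed Node request: lowercase header names, query as strings.
function handle(req, now = Date.now()) {
  const headers = corsHeaders(req.headers.origin);
  const reply = (status, body) => ({ status, headers, body });

  // Authentication: 403 as in the text above; many APIs answer 401 when
  // credentials are missing or invalid and keep 403 for lack of permission.
  const m = /^Bearer (.+)$/.exec(req.headers.authorization || '');
  if (!m || !TOKENS.has(m[1])) return reply(403, { error: 'forbidden' });

  if (overLimit(m[1], now)) return reply(429, { error: 'too many requests' });

  // Response limit: the client may ask for fewer items, never more than the cap.
  const asked = Number.parseInt(req.query?.limit, 10);
  const limit = Number.isInteger(asked) && asked > 0 ? Math.min(asked, MAX_ITEMS) : MAX_ITEMS;
  return reply(200, { items: DATA.slice(0, limit) });
}
```

Authentication runs before the rate limiter so that unauthenticated requests cannot consume a valid token's quota.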

Resources

Test APIs Postman is a Chrome extension that allows one to easily test APIs.

Write a node API A simple server-side API can be written in JavaScript using Node and Express. Tutorial.

API Course Take this free API course from Zapier to understand how APIs work.
