API-Application Programming Interface
APIs are a set of rules and protocols that allow two software programs to communicate with each other and exchange data. It acts as an intermediary between the client and the server, similar to a waiter that act as a intermediater between the chef and the customer.
Why APIs Are Important
Efficiency: APIs save development time by allowing developers to use existing functionality instead of building everything from scratch.
Integration: They enable seamless connection and data sharing between diverse systems, platforms, and services (web, mobile, IoT).
Innovation: By exposing data and services securely, APIs foster creativity, allowing external developers to build new applications and services that the original creators may not have envisioned.
Security: APIs add a layer of abstraction and control, allowing organizations to manage access to their backend systems and enforce security policies like authentication and rate limiting.
Automation: APIs allow machines to talk to machines without manual input
How APIs Work
It needs a request and a response cycle over the internet using the HTTP/HTTPs protocol with additional security headers, tokens, or cookies:-
Request: A client (e.g., a mobile app) sends a request to a specific API endpoint (a URL) on a server, often with details about the desired action (e.g., GET data, POST new data) and any required parameters or authentication.
Processing: The API sends a request to the server for processing, such as retrieving and manipulating data.
Response: The server sends a response back to the client, typically in a structured data format like JSON or XML, with the requested data or a status code indicating the result (e.g., 200 OK, 404 Not Found).
Example: If you want to show weather updates in your app, instead of building a weather system, you can simply use the OpenWeatherMap API to fetch the data instantly.
HTTP methods:
The most commonly used HTTP methods, especially in RESTful APIs (Representational State Transfer), are:
GET: Used to retrieve (read) data or a representation of a resource from the server.GETRequests are "safe" (should not change server state) and "idempotent" (multiple identical requests have the same effect as a single one).POST: Used to submit data to be processed to a specified resource, often resulting in the creation of a new resource or causing a change in state on the server.POSTis neither safe nor idempotent, meaning repeated requests can have different side effects (e.g., creating multiple identical records).PUT: Used to update an existing resource or create a new resource if it doesn't exist, at a specific URL. The request body should contain the complete representation of the resource.PUTis idempotent but not safe.PATCH: Used to apply partial modifications to a resource. It is a more efficient alternative toPUTwhen only a small change to a large resource is needed, as it only sends the data to be updated.PATCHis not necessarily idempotent.DELETE: Used to request the removal of a specified resource from the server.DELETEis idempotent, as deleting an already-deleted resource results in the same end state (the resource is gone), though a server might return a 404 Not Found on subsequent attempts.
Types of APIs
APIs can be categorized based on their accessibility and use:
Public APIs (Open APIs): Available to external developers and the general public, such as the Google Maps API or weather forecasting APIs, which allow developers to integrate maps or weather data into their own apps.
Private APIs (Internal APIs): Used internally within a single organization to connect different software components and improve communication and productivity across internal teams.
Partner APIs: Shared only with specific business partners who have the appropriate credentials, facilitating B2B (business-to-business) integration, such as connecting a retailer's website to a payment processor's system.
Composite APIs: Combine multiple data or service APIs into a single, chained request, which can improve performance and reduce the number of calls needed to complete a task.
Popular API Testing Tools
| Tool | Purpose |
| Postman | Manual and automated API testing |
| SoapUI | SOAP & REST API testing |
| JMeter | Load and performance testing |
| Apigee | Enterprise API management |
| vREST | Automated regression testing |
There are four different ways that APIs can work, depending on when and why they were created.
SOAP APIs
These APIs use the Simple Object Access Protocol. Client and server exchange messages using XML. This is a less flexible API that was more popular in the past.
RPC APIs
These APIs are called Remote Procedure Calls. The client completes a function (or procedure) on the server, and the server sends the output back to the client.
Websocket APIs
Websocket API is another modern web API development that uses JSON objects to pass data. A WebSocket API supports two-way communication between client apps and the server. The server can send callback messages to connected clients, making it more efficient than a REST API.
REST APIs
These are the most popular and flexible APIs found on the web today. The client sends requests to the server as data. The server uses this client input to start internal functions and returns output data back to the client. Let’s look at REST APIs in more detail below.
REST stands for Representational State Transfer. REST defines a set of functions like GET, PUT, DELETE, etc. that clients can use to access server data. Clients and servers exchange data using HTTP.
The main feature of REST API is statelessness. Statelessness means that servers do not save client data between requests. Client requests to the server are similar to URLs you type in your browser to visit a website. The response from the server is plain data, without the typical graphical rendering of a web page.