What’s an API
A textbook definition of API is something like this:
API stands for Application Programming Interface, a software interface that allows two applications to talk to each other. It defines the allowed calls or requests, how to make them, what endpoint to send them to, the correct data formats, the rules to follow, etc.
In plain English, an API is a messenger that accepts requests from the “caller” and tells a system what the caller wants to do. Once the system has a response, the API returns it to the caller.
The caller must follow the standards required by the system in shaping its request.
Here is an example from everyday life:
A server at a restaurant is a sort of API. You are sitting at your table and looking at the menu (API’s rules and standards) to order.
In our example, the Kitchen is the system.
The server (or API) approaches you to take your order. You are limited to the options listed on the menu. If you are in a Mexican restaurant, and there is no Pad Thai on the menu, you cannot order Pad Thai!
You give your order to the server, and the server takes your order to the Kitchen (the system).
The Kitchen prepares your food, and the server brings it to you.
What we learned from this example:
- You choose what kind of food you want, and you go to a restaurant that provides that. In the API world, this is the process of finding an API that answers your needs.
- At the restaurant of your choice, you see the options (plus some modifications) that are available to you. We call this API requests.
- The server takes your order, and the Kitchen prepares the food, and again it’s the server that brings the food to you. API is the interface that goes between the caller and the system.
From the above example, you can extrapolate that API calls must follow a specific format, send required data, and expect a response with a structure that the system provides. Chimichanga and Taco look different!
Why we need APIs?
Let’s explain this with another example.
When you book a hotel room, you choose an arrival date, departure date, and a few other variables.
To book your room, you interact with the hotel’s website to access its database. It allows you to find if any rooms are available for your selected dates, and if so, what would it cost you.
In this example, you access the hotel’s website directly. You are limited to this single hotel and its room availability.
What if you use an online hotel reservation service, which has access to many hotels and aggregate the information?
The online service interacts with hotels API and requests a room based on your criteria. Hotels APIs return the response to the online service, and the online service provides you with information in a user-friendly format.
Now you see that the API enables us to communicates with many services.
APIs help us to interact with applications, data, and devices. APIs ultimately create connectivity.
In application development, an API simplifies programming by hiding the complex implementations and only exposing objects or actions the developer needs.
A payment gateway API provides a developer with a simple form to gather the required information for a transaction and send it to the gateway for processing, without requiring the developer to understand the payment processing details and protocols that are occurring behind the scene.
For example, let’s look at Authorize.Net.
Authorize.Net is a payment gateway, which provides developers with an API.
As a developer, when you integrate your application to Authorize.Net, you have effectively created a platform that could use almost all major credit card processors to process credit card transactions.
Your customers could be using Frist Data or TSYS for their processing. However, your integration in Authorize.Net is all they need to process credit cards. Authorize.Net API connects your merchant to their processor.
APIs in general and payment APIs, in particular, have become so valuable that they comprise a large part of business’ revenue.
Major payment providers like TSYS, Clearent, Elavon, First Data, just to name a few, make money from their APIs. The API allows these companies to apply a cost per transaction, service fees, and many other venues to generate revenue.
In a more general arena, Stripe, PayPal, and Square with their APIs have created platforms for many small businesses and individuals to accept credit card processing and a matter of minutes.
API and Security
When we are using an API to interact with a service, our application and the service provider never communicate directly. Small packets of data travel between the two modules and carry the information. We have a fully secure system of communication by restricting access to the API by using authorization and authentication methods.
Your iPhone’s data is never fully exposed to the iCloud, and likewise, the iCloud is never fully exposed to your phone. Instead, each communicates with small packets of data, sharing only that which is necessary.
What we call Modern APIs to have characteristics that make them extraordinarily valuable and useful:
- Adherence to standards such as REST and HTTPS
- Through standardization, they provide security, scalability through better monitoring
- Well documented for consumption and versioning
If you have an application and still have not developed an API for your application, I encourage you to consider creating an API.
In my next article, I walked you through the process of building an API.