Whether you know it or not, APIs (application programming interfaces) significantly impact our relationship with technology, allowing applications to share and exchange data seamlessly so we can access multiple pieces of information from a single source. Without API technology, we'd likely get lost far more often (APIs are fundamental to navigation apps like Google Maps), and booking a vacation would be much more complicated (travel booking sites rely heavily on API tech, too).
But while APIs are increasingly prevalent in our personal and professional lives — helping us to get more from our apps and devices while enabling businesses to streamline workflows and boost collaboration — what exactly is the role of an API? How do APIs work? And what do APIs look like in the real world? Let's start by defining an API in the simplest terms possible.
What is an API?
An API is a communication interface that allows applications and software services to communicate and exchange data with each other — essentially allowing one or more apps or software services to "talk" without a developer of one needing to know how the other works. Put simply, API functions as a software intermediary (a kind of "middleman"), passing data from one interface (a mobile application, for example) to another. This allows applications to share and leverage one another's data to provide seamless integration, greater efficiency, and enhanced user experiences.
Think about the last time you visited a restaurant for a fancy meal. When you arrived, a waiter likely handed you a menu with a list of available food and drink options. When the waiter returned, you gave them your order (with specific instructions on how you'd like your meal prepared), and they handed your order to the kitchen. The kitchen prepared your meal, and when it was ready, the waiter fetched it from the kitchen and brought it to your table. You made sure you had everything you'd requested and then blissfully chowed down.
In this scenario, the waiter is essentially performing the role of an API, acting as an intermediary between the application making the request (you) and the source of the 'information' being requested (the kitchen). Like the waiter, an API receives a set of instructions (a request), fetches the requested information from another source, and returns that information to the application. In a (somewhat basic) nutshell, this is the purpose of an API.
How does an API work?
The restaurant analogy does a pretty good job of explaining the function of an API, but effectively an API sits between an application and a web server, performing as an intermediary that facilitates data transfer between one system and another.
Break down how an API works can be divided into four steps:
- First, an application initiates a request to the API to retrieve some specific data or information; also known as an 'API call,' the request is processed by the API's Uniform Resource Identifier (URI)
- Upon receiving the request, the API calls the relevant program or web server, requesting the necessary information.
- The server responds to the API and provides the requested information
- The API transfers the requested information back to the application that initially requested it
Much like the helpful waiter in our restaurant analogy, an API facilitates the transfer of data between a client and the server, acting effectively as a 'go-between.' When booking a flight online, you need to access several pieces of information: flight dates and times, seat availability, price, luggage restrictions, and so on. You don't want to have to fetch all this information yourself, so you use a travel website to do everything for you. In this scenario, the API is the interface (like your waiter) that requests and fetches the required data from the airline's database and delivers the information directly to the website or app.
REST vs. SOAP APIs
To communicate and exchange data between applications, programs, and servers, APIs must be governed by specific architectures and protocols detailing what they can and can't do. The most common of these protocols are REST and SOAP:
REST
REST (which stands for representational state transfer) is a set of architectural API guidelines for lightweight web services and applications. When a request is received, RESTful APIs can transfer information in several formats, including HTML, XML, or plaintext. A good example of a system using the RESTful API (as it's often known) is the cloud-based web hosting provider Cloudways, which allows its users to develop, integrate, automate and manage their servers and web apps through the Cloudways platform.
SOAP
SOAP (simple object access protocol) is a standard protocol that relies solely on XML to deliver messages. Because it is a protocol, a SOAP API imposes in-built rules that increase its complexity and overhead, with compliance standards encompassing atomicity, consistency, isolation, durability (ACID), and security. For example, Microsoft's Excel Web Services SOAP over HTTP as a communication interface between client programs and Excel.
Types of APIs
APIs come in many forms, which vary depending on the scope of use. Developers often work with various API types pertaining to the unique needs of a specific application or organization. The most common API types are:
Public APIs
Similar to open-source software, a public (or open) API is publicly available and provides full programmatic access to any outside developer or organization. Companies like Meta (formerly Facebook) even make their APIs public to monetize them as an additional revenue source; in fact, 35 percent of the leading technology firms generate more than a quarter of their revenue through APIs.
Private APIs
A private (or internal) API is not available to external users; instead, it is intended for use exclusively by a specific organization, connecting internal systems and sharing internal data. An example may be a company using a private API to connect its internal HR and automated payroll systems to exchange data between the two platforms.
Partner APIs
A partner API sits somewhere between a private and a public API; these APIs are explicitly shared between one business and another and are only available to authorize external developers for a specific purpose. Partner APIs form the basis of eBay's Partner Network, allowing sellers to generate trackable affiliate links through unique API calls linked to their unique account IDs.
Composite APIs
A composite API typically combines two or more APIs to address complex requirements or behaviors. It is often used to improve speed or performance to minimize the number of 'round trips' between the client and the server.
Examples of APIs
To help put the role of an API into a little more real-world context, there are plenty of everyday use cases for APIs that will be familiar to many of us. Here are just a few common examples of APIs:
Shared logins
Have you ever visited a website or application and been invited to log in using your Google / Facebook / Linkedin account? This convenient little feature (which saves precious time creating and managing multiple separate logins) is an example of an API in action. By leveraging these platforms' APIs, the application can authenticate a user by checking if they're already logged in to a third-party site — without having to log in to your Google or Facebook account.
Payment providers
Most e-commerce sites will have a convenient "pay with PayPal" option at the checkout. But PayPal isn't just a safe and secure way of transacting online; it's also one of the most prevalent examples of an API in everyday life. As with the previous example, the site doesn't directly access your PayPal account (that would be a serious data security concern) but instead uses API technology to send an "order" request to PayPal and a payment confirmation back to the store.
Travel booking sites
Travel comparison sites like Expedia aggregate vast amounts of data about flights, hotels, and other travel services to showcase the most relevant options based on your search criteria. How do they do it? You guessed it: travel sites employ several third-party APIs to collect data about availability, prices, etc., and share booking information with various airlines and travel companies.
Weather apps
You probably check your weather app at least once a day (more so if you've got a wedding or vacation coming up), but you probably didn't know that they also use APIs to gather data about current and future weather conditions. Weather apps and websites (and even our smart home devices) are simply sending an API request to a weather service so they can display accurate, real-time weather updates.
Maps
Many of us are probably a little too reliant on Google Maps when navigating our way around towns, cities, and countries (it has over 150 million monthly users). Still, the app relies on combining data from a variety of other sources so it can provide directions, traffic updates, and information about nearby businesses and attractions. All of this is only possible through the use of several APIs.
Conclusion
Next time you come across a universal website login, open your iPhone app to check the weather, pay for an online transaction through PayPal, or use Google Maps to find your nearest fast food outlet, you'll know that the technology at your fingertips is powered by an application programming interface (API). APIs come in many forms and are underpinned by specific protocols and architectures. Still, at their heart, they make it easy for applications (such as the mobile apps we use every day) to share and exchange data, empowering us to access information instantly and helping businesses to streamline their operations.