What is an API?

A short history of API

API is one of the common terms in the programming and development area. If you are new to web development, probably you are not familiar enough with APIs and their applications. API stands for Application Programming Interface. A web service or API is essentially the interface between a resource or operating system and the applications that request it. Simply put, a programming interface is a set of functions that one program can call from another.

I found the API descriptions more obscure than explicit and understandable. If we want to make it simple, we can say APIs are tools. They are the software intermediary that providing communications between 2 applications. Via APIs, applications can easily talk to each other. First, let me give a summary of how they formed.

Before the introduction of computer systems in various industries, the human being was considered to be the one who was supposed to have the highest interaction with computer software, so that no matter what the software did, from editing images to sending emails, the human was the focus of attention as the entity that was supposed to work with the software.

Overtime, for some reason like simplicity and rapidity, the software themselves has been interacting without human intervention. Unlike the human that needs to see a specific button to click on it to get the intended data, computer software doesn’t need to have a user-friendly UI for communication with each other and this is where the concept of API Formed.

Many believe that the term API has been widely used since 2000, when Dr. Roy Fieldings defended his doctoral dissertation.
But the beginning of the API development experience in terms of the user interface was first introduced in the 1970s. One of the great advances of that time was the development of Message Oriented Middleware. IBM MQSeries was one example of this software.

In the late 1980s, OOP (object-oriented programming) programs were introduced. In the 1990s, with the development of OOP software and the advent of the World Wide Web (WWW), other web services became seriously available to the public. Since then, we have seen the emergence of programs such as JavaScript and the SOA architecture system. The advent of this software led to big steps in this market.

After the introduction of the World Wide Web and the HTML programming system, after 2000, with the introduction of the REST architecture and the introduction of Dr. Roy Fieldings’ project, the story of the APIs took on a new color and flavor and was pursued differently than before.

But the turning point in the age of APIs came after 2010 when the use of the Web service became widespread.

APIs in the modern era

When I think of the web, I think of a large network of interconnected servers. Every page on the Internet is stored somewhere on the remote server. In general, a remote server is not uncommon and is only part of a remote computer optimized to process requests.

To better understand this, you can set up a server on your laptop and put the pages of a website on it (in fact, a local server is what developers use to develop websites before they are released to the public).

When you type a site address in your browser, a request is sent to the site servers. As soon as the browser receives the answer, it interprets the code and displays the page.

For the browser (also known as the client), the Facebook server is an API. This means that every time you visit a web page, you connect to multiple remote server APIs. An API is not like a remote server; Rather, it is the part of the server that receives requests and sends responses. It is a way to serve your customers.

You’ve probably heard of companies that sell API packages as a product. Google, for example, sells access to its various APIs like google map or google calendar. Developers can use these APIs for their purposes. Let me give you an example.

Imagine you have designed a mobile application for ordering pizza. For this purpose, you need a map on your application, so the users can set their location and order the pizza on the nearest pizza delivery. Simply, you can use Google Maps API for your purpose. The idea is that the app server communicates directly with the Google server and submits its request to the server with all the details. Your server then receives Google’s response, processes it, and sends the relevant information to the browser, which can be a map to the user.

You can see there are 2 applications (pizza delivery app and google map) talk and communicate with each other in the backend. Google Maps is just an example of thousands of useful APIs that you can use as a new developer. Instead of putting too much energy on complex and repetitive works, you can just easily put your focus on the main product that you want to build without having to write some parts from scratch.

There are two important concepts in API culture that need to be understood

API provider

An IP provider is a person or company that intends to provide certain services through a particular web service. A web service designed by the provider and made available to its users on the Internet.

Consumer (client) API

API consumers are programmers or often software developers who want to design an application for their users based on a web service or based on the needs of the people.

API types in terms of accessibility

Web services are divided into three general categories in terms of access

Open APIs

These web services are available to all developers for free. These types of APIs are usually widely and easily available on the Internet.

Internal APIs

These types of APIs are mostly internal consumption and are only available in one organization or within a specific group.

Partner APIs

This group of APIs are often monetary and are only available to so-called B2B and B2C businesses.

Types of APIs in terms of functionality

Hardware API

These programming interfaces are used to make connections between the hardware of a system (such as the CPU cooling system). Simply put, these APIs play the role of nerves in a system for transmitting commands and translating commands into hardware language. Smart TVs, mobile phones, network cameras, and many other new systems use these types of APIs.

API operating system

These types of APIs are the Layer of Abstraction that sits between the software developer and the operating system.

API programming languages

Programming languages ​​often contain a core (including language syntax, how to build variables, data types, etc.) and are the same, with frameworks making additional features available to programmers as the language API.

Software Development Kit

SDKs are another type of API that are offered by various companies such as Google, Facebook, and others. Developers can use the same SDKs to develop software.

Web API (Web Service)

This type of API is the most useful type of API implemented on the web. Web services, or Web APIs, are protocols that enable interaction between different applications over the Internet and the Web.


As a programmer, when you start to learn the codes with specific languages, building APIs and deployment would be a regular task for you because APIs are the most essential part of web and app development. 

API security measures and the protection of web services are one of the most important aspects of building APIs. Certainly, as communications increase and expand, so does the risk of infiltrating programs. API providers are always required to strike a balance between API security and ease of use.

Note that one of the features of using APIs is the ease of working with them. So if we want to create severe security barriers for an API, we have officially disrupted its functionality. This means that when it comes to API security, providers can no longer use the complex system dependencies or overly rigid management models used in previous generations of IT. There are many sources that publish recommendations to increase the level of security and balance of APIs, given the latest status of attacks in the general Internet space.

Some of the most important security tips in the field of web services

  • APIs must be provided with the least possible permissions. The higher the API permissions, the more likely it is to cause unexpected behavior.
  • Users’ access to any source on the server-side must be blocked by default.
  • The architecture of APIs should be as simple as possible to reduce service error.
  • Secure protocols such as HTTPS should be used as much as possible in API design.
  • We should hash sensitive information as much as possible.
  • As much as possible, the parameters should be validated.

These days, the economics of APIs has become a serious and hot topic in various places. This shows the importance and high volume of transactions and trade in this market. Software developers can save time and money by using APIs on the market.  

Please do tell us, did you find the content above helpful?