and why they’re important.
For ProData Skills (Agency) | Client KongHQ
Reading Time: 6 minutesIntroduction
Application Programming Interfaces, or APIs, are one of the core components of the modern distributed application paradigm. Their widespread adoption has been driven by the popularity of cloud usage, the rise of cloud-native applications, and microservices. But what is an API? And more importantly, why should you care?
Whether you’re a developer moving into the microservices world and want some orientation, or an IT decision-maker interested in API economy to save development time, you should start by learning about what APIs are and how they work.
In this article, we’ll briefly discuss the origin and evolution of APIs. We’ll talk about their benefits, opportunities, common features, and some key concepts involved in API development. Finally, we will cover the role of APIs in digital transformations across a spectrum of industries and emerging modern digital ecosystems.
A Basic Definition of APIs
APIs are pieces of software that operate between a calling application (client) and a source application (server) to deliver data (resources) in response to a request. They do this through a defined set of rules (interfaces) and a set of protocols. This allows client applications written in any language to call the API to communicate with the called application and get the resource they want. APIs themselves can be written in most high-level languages. The only things that bind the back-end system, the API, and the calling application are the interfaces that accept requests and provide responses and the protocol that’s used to convey the messages back and forth. APIs abstract the underlying program and encapsulate it in a way that enables its services to be easily consumed by the client application.
A Brief History of APIs
The term “Application Programming Interface” was coined in the 1950s and can be defined as a set of protocols which enable computer programs to exchange data. APIs were originally intended to provide a method to call subroutines for mainframe programs.
Subsequently, the concept expanded to include connection to graphic devices and relational databases. In the 1990s, APIs evolved to encompass Remote Procedure Calls (RPCs), which could call code from remote devices, and Web APIs, which operated with web servers and web pages, supported by the then-new Java language.
By the noughties of this century, APIs had become the lingua franca of the digital economy, allowing tens of thousands of applications to exchange data worldwide across multiple industry sectors and systems.
API Types
There are various ways of categorizing APIs, as we will see later—but chief amongst them is the method of access.
Public APIs are accessible by anyone over the Internet. These APIs are maintained by organizations who have developed, deployed, and now managing the API endpoints. The documentation for these APIs, showing their features and how to access them, is also available in the public domain. An example is Twitter’s public APIs that allow developers to create Twitter-based apps.
Private APIs are internal to an organization. Only applications inside the organization’s network boundary can access them. This is how many enterprises are exposing their legacy applications to the newer apps.
Partner APIs are a mixture of both public and private APIs. Here, an organization creates APIs that are accessible by its own applications—as well as those of their partner organizations. An example of this is tax office APIs available to banks and social welfare systems.
Composite APIs will combine data from several sources, some of which may be public and others private. For example, a composite API can power a government’s digital service platform that uses APIs from different state-run public services.
API Benefits
The major benefit of using an API is the ability it provides to access and consume data and services from thousands of independent services and data sources. This means organizations of all sizes can access these functionalities without having to develop their own specialized applications. Examples of services accessed by APIs include getting data from geolocation services, accessing weather updates or financial data, or log-in services through Google or Facebook.
The language-independent nature of APIs enables rapid development and deployment of small, modular applications providing specific data or service for quick consumption. APIs can also leverage a vast range of already-built third-party services and data sources.
Yet another benefit of APIs involves the monetary side of it. Organizations developing APIs for public consumption can offer a free-tier for regular usage. They can also charge above a certain number of calls to it and for premium features.
API Common Features
There are a number of characteristics common to APIs, irrespective of their type or how they are developed.
First, they have a defined Interface which specifies the actions an API can perform, how a client app can invoke those actions, and what data will be returned as a response.
Second, an API will specify its message format. The API provider stipulates the message format. It specifies the format (e.g., JSON, YAML, or XML) and structure of the data that goes back and forth between the client and the API.
An API specification also includes the network protocol the client uses to make the API request and receive its response. Examples can be HTTPS, gRPC, etc.
Finally, API developers must ensure security—for example, by using Web Application Firewalls, Secure API Gateways that use SSL and TLS encryption, input validation, and user authentication wherever necessary.
API Development Today
API development has gone through several phases over the years, culminating in the evolution of the so-called API Economy central to today’s digital world. There are some key terms and concepts to know in order to understand the API landscape today.
API Gateways are specialized software that aggregate all incoming API requests and route them through a management system to the appropriate API. Exactly what an API Gateway does will vary from system to system—but its typical functions include authentication, routing, rate limiting, billing, monitoring, analytics, policies, and alerts. Aggregating these functionalities into a unified platform greatly simplifies management and enhances performance from a service provider’s perspective..
Microservices are a software architecture that divides an application’s different functions into smaller components called services. In contrast with the older, monolithic style of application development in which single applications performed multiple functions, a microservice architecture typically comprises distributed, loosely coupled, semi-autonomous, individual software components for different functions. For example, an application can comprise one service for user account management, another for online merchant integration, and yet another for payment service.
Although APIs and microservices are different, they’re usually paired because microservices typically communicate with each other via their exposed APIs.
High‑traffic applications serve large volumes of concurrent API requests and need to respond to those requests quickly and reliably. Meeting these demands often means deploying numerous servers on-premise or on the cloud. A Load balancer sits in front of these servers and routes client requests across the network, compensating for lost capacity if a server goes down, and generally optimizing requests across the available network resources.
As mentioned, there are many APIs in use today, and APIs use network protocols for communications. The dominant type of APIs today are RESTful (Representational State Transfer). REST is not strictly a protocol or standard so much as a set of architectural constraints or guidelines. When a client request is made, a RESTful API sends a representation of the resource’s state to the requester or endpoint. This information, or representation, is delivered in one of several formats via HTTP: JSON (JavaScript Object Notation), HTML, XLT, Python, PHP, or plain text, with JSON being predominant.
Other API types include SOAP (Simple Object Access Protocol), introduced in the late 90s and, for a time, the dominant API model. It’s still used, but has since been eclipsed by REST. gRPC, developed by Google, is now widely used and is particularly suitable for mobile API development. Originally created by Facebook (now META), GraphQL is a language for querying databases from client-side applications, and is particularly useful for granular data access and mobile API development.
Finally, there’s a distinction between APIs and web services. In brief, all web services are APIs, but not all APIs are web services. Web service APIs usually operate through web browsers and web servers (although technically, it can be via any network). APIs can be implemented across HTTP, but they’re not restricted to that. So there’s a lot of overlap between the two, but it’s important to be aware of the distinction.
The API Economy
A term you may often come across is API economy. According to a Forbes report, nearly 40% of top US companies use more than 250 APIs, with more than US$2 billion invested in API development in 2020. These days everyone with a smartphone and a social media account is constantly drawing on API-linked applications—whether they know it or not. In the enterprise world, Amazon Web Services, Alibaba Cloud, Google, Facebook (Now META), and Microsoft Azure all make their services available through APIs and have large investments in developing the ecosystem. As more and more services are made available and integration continues to increase, the API economy can be expected to continue growing exponentially.
Conclusion
APIs provide unlimited opportunity for service integration, expansion and development. They’re key to participating in the booming, global digital economy and an entry into an almost limitless variety of digital services.
IT leaders who want a deeper dive into the API world or want to optimize their engagement in the API economy can start by exploring our growing number of eBooks on API management and APIOps.
IT developers seeking to traverse the API landscape can start by becoming familiar with REST, and other protocols, as well as exploring the API functionalities of their language of choice. Check out the Kong Learning Lab for state-of-the art learning resources across multiple languages and platforms. Once confident, you can start by downloading and installing the Kong HQ Gateway, which is an open-source API Gateway available for major operating systems. You can also refer to their documentation or explore the Knowledge Centre.
.