## [Python & APIs: A Winning Combo for Reading Public Data](https://realpython.com/python-api/)

#### Getting to Know APIs
- **API** stands for *application programming interface*. In essence, an API acts as a communication layer, or interface, that allows different systems to talk to each other without having to understand exactly what the others do.
- How an API works: you usually make a request for information or data, and the API returns a response with what you requested.
- An **endpoint** is a part of the URL that specifies what resource you want to fetch. Well-documented APIs usually contain an **API reference**, which is extremely useful for knowing exactly which endpoints and resources an API has and how to use them.

##### HTTP Headers
- **Accept**: What type of content the client can accept
- **Content-Type**: What type of content the server will respond with
- **User-Agent**: What software the client is using to communicate with the server
- **Server**: What software the server is using to communicate with the client
- **Authentication**: Who’s calling the API and what credentials they have


##### HTTP Methods
- When calling an API, there are a few different methods, also called verbs, that you can use to specify what action you want to execute. For example, `POST`, `GET`, `PUT` and `DELETE` correspond to **C**reate, **R**ead, **U**pdate and **D**elete (CRUD).

##### Query Parameters
- Sometimes when you call an API, you get a ton of data that you don’t need or want. Query parameters let you narrow the response down to what you asked for. To add a query parameter to a given URL, you have to add a question mark (`?`) before the first query parameter. If you want to have multiple query parameters in your request, then you can split them with an ampersand (`&`).

```python
import requests

# requests builds the query string: ?gender=female&nat=de
query_params = {"gender": "female", "nat": "de"}
requests.get("https://randomuser.me/api/", params=query_params).json()
```

#### [OAuth](https://developer.okta.com/blog/2017/06/21/what-the-heck-is-oauth)
- To break it down simply, OAuth is where:
    1. App requests authorization from User
    2. User authorizes App and delivers proof
    3. App presents proof of authorization to server to get a Token
    4. Token is restricted to only access what the User authorized for the specific App
(read when needed)

##### Pagination
- Sending lots of data back and forth between clients and servers comes with a price: *bandwidth*. To make sure that servers can cope with a lot of requests, APIs typically use pagination.
- In very simple terms, **pagination** is the act of splitting large amounts of data into multiple smaller pieces.
- For APIs in particular, this is normally handled with the help of query parameters, mainly the following two:
    1. A page attribute that defines which page you’re currently requesting
    2. A size attribute that defines the size of each page

##### Rate Limiting
- Given that APIs are public facing, and anyone can use them, people with bad intentions often try to abuse them. To prevent such attacks, APIs use a technique called **rate limiting**, which restricts the number of requests that users can make in a given time frame.
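
The rate limiting described above, as an added example that is not from the original article: a per-client sliding-window limiter that answers `429` once an API key exceeds its budget. The class and function names, the limit of 3 requests per second and the sample traffic are assumptions made for illustration.

```python
from collections import defaultdict, deque


class SlidingWindowLimiter:
    """Allow at most `limit` requests per client in any `window`-second span."""

    def __init__(self, limit, window):
        self.limit = limit
        self.window = window
        # client key -> timestamps of requests that were accepted
        self._hits = defaultdict(deque)

    def check(self, client, now):
        """Return (allowed, retry_after_seconds) for a request arriving at `now`."""
        hits = self._hits[client]
        # Forget accepted requests that have fallen out of the window.
        while hits and now - hits[0] >= self.window:
            hits.popleft()
        if len(hits) < self.limit:
            hits.append(now)
            return True, 0.0
        # Rejected requests are not recorded; the client may retry once its
        # oldest counted request leaves the window.
        return False, hits[0] + self.window - now


def replay(limiter, traffic):
    """Map each (client, timestamp) pair to the HTTP status an API would return."""
    statuses = []
    for client, ts in traffic:
        allowed, _ = limiter.check(client, ts)
        statuses.append(200 if allowed else 429)
    return statuses


# Constructed sample traffic: (API key, arrival time in seconds).
SAMPLE = [
    ("key-a", 0.0), ("key-a", 0.2), ("key-a", 0.4),
    ("key-a", 0.6),  # 4th request inside one window -> rejected
    ("key-b", 0.6),  # different client, separate budget
    ("key-a", 1.1),  # the request at 0.0 has expired -> accepted
]

if __name__ == "__main__":
    print(replay(SlidingWindowLimiter(limit=3, window=1.0), SAMPLE))
```

The `retry_after` value returned on rejection is what a server would typically send back in a `Retry-After` response header so that well-behaved clients know when to try again.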