#### Q1. What is an API? Give an example, where an API is used in real life.
Ans: An application programming interface, or API, enables companies to open up their applications’ data and functionality to external third-party developers, business partners, and internal departments within their companies. This allows services and products to communicate with each other and leverage each other’s data and functionality through a documented interface. Developers don't need to know how an API is implemented; they simply use the interface to communicate with other products and services. API use has surged over the past decade, to the degree that many of the most popular web applications today would not be possible without APIs.

An API is a set of defined rules that explain how computers or applications communicate with one another. APIs sit between an application and the web server, acting as an intermediary layer that processes data transfer between systems.

Here’s how an API works:

* A client application initiates an API call to retrieve information—also known as a request. This request is processed from an application to the web server via the API’s Uniform Resource Identifier (URI) and includes a request verb, headers, and sometimes, a request body.
* After receiving a valid request, the API makes a call to the external program or web server.
* The server sends a response to the API with the requested information.
* The API transfers the data to the initial requesting application.


Example of API is used in real life

* Third-party payment processing: For example, the now-ubiquitous "Pay with PayPal" function you see on ecommerce websites works through an API. This allows people to pay for products online without exposing any sensitive data or granting access to unauthorized individuals.
* Travel booking comparisons: Travel booking sites aggregate thousands of flights, showcasing the cheapest options for every date and destination. This service is made possible through APIs that provide application users with access to the latest information about availability from hotels and airlines. With an autonomous exchange of data and requests, APIs dramatically reduce the time and effort involved in checking for available flights or accommodation.

#### Q2. Give advantages and disadvantages of using API.
Ans: Advantages of using APIs:
 
* Automation: with APIs, computers rather than people can manage the work. Through APIs, agencies can update work flows to make them quicker and more productive.
* Application: because APIs can access the app components, the delivery of services and information is more flexible.
* More scope: with an API an application layer can be created which can be used to distribute information and services to new audiences which can be personalized to create custom user experiences.
* New data available: an API allows all of the information generated at the government level to be available to every citizen, not just a select few.
* Efficiency: when access is provided to an API, the content generated can be published automatically and is available for every channel. It allows it to be shared and distributed more easily.
* Integration: APIs allow content to be embedded from any site or application more easily. This guarantees more fluid information delivery and an integrated user experience.
* Personalization: through APIs any user or company can customize the content and services that they use the most.
 * Adaptation: needs change over time and APIs help to anticipate changes. When working with this technology, data migration is supported better, and the information is reviewed more closely. In short, APIs make service provision more flexible.
 
Disadvantages of using APIs:
* Security Risks: APIs can be vulnerable to security breaches if they are not properly secured or if they are used to access sensitive data. Hackers can exploit vulnerabilities in APIs to gain unauthorized access to systems or steal data.
* Maintenance: APIs require maintenance and updates to ensure they are running smoothly and securely. This can be time-consuming and costly, especially if there are multiple APIs to maintain.
* Complexity: APIs can be complex to use and require a certain level of technical expertise. This can make it difficult for non-technical users to understand how to use them.
* Dependency: Applications that rely on third-party APIs are dependent on the availability and reliability of those APIs. If the API goes down or experiences performance issues, it can affect the functionality of the application.

#### Q3. What is a Web API? Differentiate between API and Web API.
Ans:
A Web API, also known as a web service, is an API that is specifically designed for use over the internet. It uses HTTP requests to communicate with clients and can be accessed using a web browser or other software application. Web APIs are commonly used for sharing data and functionality between different software applications.

The main difference between a generic API and a Web API is that a Web API is accessed over the internet, whereas a generic API can be accessed locally on a device or within a closed network. A Web API typically uses the HTTP protocol to make requests and receive responses, while a generic API can use a variety of different communication protocols, such as TCP/IP, UDP, or serial communication.

Another difference is that Web APIs are often designed to be consumed by a wider range of clients, including web browsers, mobile devices, and other software applications. They typically use web-based technologies, such as XML, JSON, and REST (Representational State Transfer) to communicate with clients.

In summary, while all Web APIs are APIs, not all APIs are Web APIs. Web APIs are specifically designed to be accessed over the internet and typically use HTTP to communicate with clients, while generic APIs can be accessed locally or within a closed network and can use a variety of different communication protocols.

#### Q4. Explain REST and SOAP Architecture. Mention shortcomings of SOAP.
Ans: 
REST: representational state transfer\
REST is a set of architectural principles attuned to the needs of lightweight web services and mobile applications. Because it's a set of guidelines, it leaves the implementation of these recommendations to developers.

When a request for data is sent to a REST API, it’s usually done through hypertext transfer protocol (commonly referred to as HTTP). Once a request is received, APIs designed for REST (called RESTful APIs or RESTful web services) can return messages in a variety of formats: HTML, XML, plain text, and JSON. JSON (JavaScript object notation) is favored as a message format because it can be read by any programming language (despite the name), is human- and machine-readable, and is lightweight. In this way, RESTful APIs are more flexible and can be easier to set up.

An application is said to be RESTful if it follows 6 architectural guidelines. A RESTful application must have:

* A client-server architecture composed of clients, servers, and resources.
* Stateless client-server communication, meaning no client content is stored on the server between requests. Information about the session’s state is instead held with the client.
* Cacheable data to eliminate the need for some client-server interactions.
* A uniform interface between components so that information is transferred in a standardized form instead of specific to an application’s needs. This is described by Roy Fielding, the originator of REST, as “the central feature that distinguishes the REST architectural style from other network-based styles.”
* A layered system constraint, where client-server interactions can be mediated by hierarchical layers.
* Code on demand, allowing servers to extend the functionality of a client by transferring executable code (though also reducing visibility, making this an optional guideline).


SOAP: simple object access protocol\
SOAP is a standard protocol that was first designed so that applications built with different languages and on different platforms could communicate. Because it is a protocol, it imposes built-in rules that increase its complexity and overhead, which can lead to longer page load times. However, these standards also offer built-in compliances that can make it preferable for enterprise scenarios. The built-in compliance standards include security, atomicity, consistency, isolation, and durability (ACID), which is a set of properties for ensuring reliable database transactions.

Common web service specifications include:

* Web services security (WS-security): Standardizes how messages are secured and transferred through unique identifiers called tokens.
* WS-ReliableMessaging: Standardizes error handling between messages transferred across unreliable IT infrastructure.
* Web services addressing (WS-addressing): Packages routing information as metadata within SOAP headers, instead of maintaining such information deeper within the network.
* Web services description language (WSDL): Describes what a web service does, and where that service begins and ends.

When a request for data is sent to a SOAP API, it can be handled through any of the application layer protocols: HTTP (for web browsers), SMTP (for email), TCP, and others. However, once a request is received, return SOAP messages must be returned as XML documents—a markup language that is both human- and machine-readable. A completed request to a SOAP API is not cacheable by a browser, so it cannot be accessed later without resending to the API.


shortcomings of SOAP:
* Highly complex

In comparison to Rest, SOAP is significantly more complex. It's also less flexible. This might present a challenge for developers that are not highly skilled. The extensive processing required may also slow down performance.

* No variety of data formats

SOAP is also extremely limited in its support of data formats. The formats supported by Rest include HTML, JSON, YAML, XML and others. Meanwhile, SOAP only supports XML.

* API calls are not cached

The process where a request is sent after an API is set up with the correct endpoints is referred to as an API call. The process results in the information being transferred, processed and feedback being provided. It's not possible for SOAP API calls to be cached.

* Uses more bandwidth

SOAP is generally slower in comparison to Rest and it also uses more bandwidth given its very complex nature. It’s another limiting factor in the efficacy of this technology for certain projects.

#### Q5. Differentiate between REST and SOAP.
Ans: 
| SOAP | REST |
| --- | --- |
| SOAP is a protocol. | REST is an architectural style. | 
| SOAP stands for Simple Object Access Protocol. | REST stands for REpresentational State Transfer. | 
| SOAP can't use REST because it is a protocol. | REST can use SOAP web services because it is a concept and can use any protocol like HTTP, SOAP. | 
| SOAP uses services interfaces to expose the business logic. | REST uses URI to expose business logic. | 
| JAX-WS is the java API for SOAP web services. | JAX-RS is the java API for RESTful web services. | 
| SOAP defines standards to be strictly followed. | REST does not define too much standards like SOAP. | 
| SOAP requires more bandwidth and resource than REST. | REST requires less bandwidth and resource than SOAP. | 
| SOAP defines its own security. | RESTful web services inherits security measures from the underlying transport. | 
| SOAP permits XML data format only. | REST permits different data format such as Plain text, HTML, XML, JSON etc. | 
| SOAP is less preferred than REST. | REST more preferred than SOAP. | 
