Don't forget to hit the ⭐ if you like this repo.
Group Gadgeteen
- Goo Ye Jui (A20EC0191)
- Kelvin Ee (A20EC0195)
- Lee Jia Xian (A20EC0200)
- Lee Ming Qi (A20EC0064)
- Ong Han Wah (A20EC0129)
- Definition
- How it works
- Types of APIs
- API Protocol and Architecture
- API Authentication and Security
- API Documentation
An API, or application programming interface, is a set of defined rules that enable different applications to communicate with each other. It acts as an intermediary layer that processes data transfers between systems, letting companies open their application data and functionality to external third-party developers, business partners, and internal departments.
The definitions and protocols within an API help businesses connect the many different applications they use in day-to-day operations, which saves employees time and breaks down silos that hinder collaboration and innovation. For developers, API documentation provides the interface for communication between applications, simplifying application integration.
APIs work by enabling different software applications to communicate and exchange data with each other. APIs act as a layer of communication between applications, allowing them to interact and share resources without needing to understand the underlying code or data structures.
Here is a general overview of how an API works:
- The client application makes a request to the API by sending a message using a specific protocol (such as HTTP).
- The API receives the request and processes it. This may involve checking the client's credentials or parameters, validating the request, and performing any necessary data manipulation or processing.
- The API then sends a response back to the client application, typically in the form of a data object or message.
- The client application receives the response and processes it. This may involve displaying the data to the user, storing it for later use, or using it to perform some other action.
APIs are sometimes considered contracts, where the documentation is an agreement between the parties: “If party 1 sends a remote request structured a particular way, this is how party 2 software will respond.”
| Types of API | Description |
|---|---|
| Public APIs | |
| Partner APIs | |
| Private APIs | |
a. RESTful APIs
- REST (Representational State Transfer) is an architectural style for designing networked applications.
- RESTful APIs are built based on the principles of REST.
- RESTful APIs use HTTP methods (GET, POST, PUT, DELETE) to perform operations on resources identified by URLs (Uniform Resource Locators).
- RESTful APIs are stateless, meaning each request is independent and doesn't rely on previous requests or stored states.
- They commonly use JSON (JavaScript Object Notation) or XML (eXtensible Markup Language) as data formats for request and response payloads.
b. SOAP APIs
- SOAP (Simple Object Access Protocol) is a protocol for exchanging structured information in web services.
- SOAP APIs use XML to define message formats and rely on the XML-based SOAP envelope for packaging requests and responses.
- They often use HTTP, SMTP, or other protocols for message transport.
- SOAP APIs are more heavyweight compared to RESTful APIs and require more bandwidth and processing power.
c. GraphQL APIs
- GraphQL is a query language for APIs and a runtime for executing those queries with existing data.
- GraphQL APIs allow clients to request specific data and shape the response according to their needs.
- Unlike RESTful APIs, where clients typically receive fixed data structures, GraphQL APIs provide more flexibility and efficiency in data retrieval.
- GraphQL APIs are language-agnostic and can be used with various programming languages and frameworks.
- API Authentication: APIs often require authentication mechanisms to ensure that only authorized clients can access protected resources.
- Common authentication methods include API keys, tokens (OAuth, JWT), and username/password combinations.
- API Security: APIs need to be secured to protect sensitive data and prevent unauthorized access.
- Security measures include using HTTPS (TLS) for encrypted communication, input validation, rate limiting, and implementing access controls and authorization.
- API documentation is crucial for developers to understand how to use an API effectively.
- Good documentation provides clear instructions, detailed descriptions of endpoints, request/response formats, and examples.
- Popular tools for API documentation include Swagger, OpenAPI, and Postman.
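The authentication and security measures listed above (API keys, rate limiting, input validation) can be combined in a single request check. The sketch below is an added example, not code from this repository. The `X-API-Key` header name, the `item_id` parameter, the limits and the sample key are assumptions chosen for illustration, and TLS is assumed to be terminated in front of this handler.

```python
import hashlib
import hmac
import re
import time

# Constructed sample data: the server stores only a SHA-256 digest of each API key.
API_KEY_DIGESTS = {
    "partner-app": hashlib.sha256(b"demo-key-not-a-real-secret").hexdigest(),
}
RATE_LIMIT = 3          # requests allowed per client per window (assumed value)
WINDOW_SECONDS = 60     # window length in seconds (assumed value)
ITEM_ID = re.compile(r"[A-Za-z0-9_-]{1,32}")  # allow-list for the "item_id" parameter
_windows = {}           # client -> (window start, request count)


def authenticate(api_key):
    """Return the client name for a valid key, else None (constant-time compare)."""
    digest = hashlib.sha256(api_key.encode()).hexdigest()
    client = None
    for name, stored in API_KEY_DIGESTS.items():
        if hmac.compare_digest(digest, stored):
            client = name
    return client


def allow(client, now):
    """Fixed-window rate limit: at most RATE_LIMIT requests per WINDOW_SECONDS."""
    start, count = _windows.get(client, (now, 0))
    if now - start >= WINDOW_SECONDS:
        start, count = now, 0
    _windows[client] = (start, count + 1)
    return count < RATE_LIMIT


def handle_request(headers, params, now=None):
    """Return (HTTP status, body) after authentication, rate limiting and validation."""
    now = time.monotonic() if now is None else now
    client = authenticate(headers.get("X-API-Key", ""))
    if client is None:
        return 401, {"error": "invalid or missing API key"}
    if not allow(client, now):
        return 429, {"error": "rate limit exceeded"}
    item_id = params.get("item_id", "")
    if not isinstance(item_id, str) or not ITEM_ID.fullmatch(item_id):
        return 400, {"error": "invalid item_id"}
    return 200, {"client": client, "item_id": item_id}
```

Requests that fail authentication are rejected before they touch the rate-limit table, so an unauthenticated caller cannot fill it with made-up client names.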
Please create an Issue for any improvements, suggestions or errors in the content.
You can also contact me using LinkedIn for any other queries or feedback.