## <u> Assignment 17 - 18th Feb </u>

#### Q1. What is an API? Give an example, where an API is used in real life.

An application programming interface (API) is the medium by which different software interact. 
It is a set of subroutine definitions, protocols, and tools for building software and applications.

For someone who is not tech-savvy, think of an API as a waiter for the software world. Strangely enough, a waiter and an API have some parallels when it comes to their function.

To illustrate, a waiter takes orders from customers and brings those orders to the kitchen. After preparation, the waiter then brings the customers their food.

In this way, the waiter serves as a middleman of sorts, facilitating communication between the table they're waiting on and the kitchen which prepares food.

APIs are used to abstract the complexity of back-end logic in a variety of software systems.

It's a little bit difficult to truly understand API without knowing their real-life applications. 
Below are couple of API examples, demonstrating various types of APIs.

- **Twitter Bots**
If you spend a significant amount of time on Twitter, then you've probably come across a bot at one point or another. Twitter has numerous bots that utilize the Twitter API to perform automated tasks.

- **Weather Snippets**
Ever do a Google search for the weather? A good search input likely resulted in a pop-up weather snippet right front and center on your Google search page.

- **Pay with PayPal**
Another popular API example is PayPal. PayPal is a fintech service that allows users to connect personal financial information to their PayPal account. This paves the way for easier, more secure money transfers.


#### Q2. Give advantages and disadvantages of using API. 

**Advantages**
- First, using an API saves development time and money. Whether a company opts for public APIs, private APIs, or Partner APIs, the costs of implementing, monitoring, and maintaining an API are far less than building everything from scratch. No time and no funds wasted.
 
- API supports traditional CRUD (Create Read Update Delete) actions as it works with HTTP verbs GET, PUT, POST, and DELETE.

- API helps you to expose service data to the browser

- It is based on HTTP, which is easy to define, expose in REST-full way.

- More importantly, APIs are more secure since it is harder – if not impossible in some cases – to hack or brute-force your way into. For example, using Google Login or Facebook Login APIs instead of creating the functionality for a platform from scratch means using a technology that uses Google’s or Facebook’s security measures. But also this is a technology that has been tested over and over again by millions of users. Why reinvent the wheel? 


**Disadvantages**
- As always with any online application, security is an issue if compromised, because sensitive data is at a risk. 
- Any unforeseen sudden changes with the API can be crippling to those who are dependent on them. Think about the Google Login API. If that open API is the only way a user can access their account, when it fails, the user is locked out. However, a company can easily avoid this situation by offering multiple login options, such as Login with Google, or Login with your Email. 
- It does not access from browser.
- Some web services are simple to use, but there are some flaws of using it.
- Any time one creates a service to handle a variety of customers, there is a demand for specialized machine requirements.
- The HTTP protocol is not reliable, so it does not offer any guarantee of delivery of the response

- Some APIs have poor documentation and sometimes no support. This means that when developers want to implement them, they might have a lot of issues. And with no support, there is no one there to help them through the process. So, before implementing and external API, companies and developers should make sure they have all the documentation they need and there is a support system in place.

- Last but not least, the owner of an API might change their Terms and Conditions overnight. This means that whether they notify their users about this change or not, both the company’s data, as well as their users’ information, are at risk. So before using an external API, open API and Partner APIs included, it is highly recommended that the provider should be vetted in advance to minimize the risk of data breach.

#### Q3. What is a Web API? Differentiate between API and Web API.

A web API is an application programming interface for either a web server or a web browser. It is a web development concept, usually limited to a web application's client-side (including any web frameworks being used), and thus usually does not include web server or browser implementation details such as SAPIs or APIs unless publicly accessible by a remote web application.

**The key differences between API and Web API**

- Web API is a collection of open source protocols and standards used for exchanging data between systems or applications, whereas API is a software interface that allows two applications to interact with each other without any user involvement.
- Web API is used for REST, SOAP, and XML-RPC for communication, while API is used for any style of communication.
- Web API supports only HTTP protocol, whereas API supports TCP,SMTP,HTTP/S protocol.
- Web SPI supports XML, while API supports XML and JSON.
- All Web services are APIs, but all APIs are not web services.


#### Q4. Explain REST and SOAP Architecture. Mention shortcomings of SOAP.

**<u> REST Architecture</u>**

REST stands for **RE**presentational **S**tate **T**ransfer. REST is a software architectural style that defines the set of rules to be used for creating web services. Web services which follow the REST architectural style are known as RESTful web services. It allows requesting systems to access and manipulate web resources by using a uniform and predefined set of rules. 

**A Restful system consists of a:**
- client who requests for the resources.
- server who has the resources.

**Architectural Constraints of RESTful API:**
There are six architectural constraints which makes any web service are listed below

- Uniform Interface
- Stateless
- Cacheable
- Client-Server
- Layered System
- Code on Demand


**<u> SOAP Architecture</u>**

SOAP is an acronym for **S**imple **O**bject **A**ccess **P**rotocol. It is an XML-based messaging protocol for exchanging information among computers. SOAP is an application of the XML specification.

The SOAP web services architecture is based on interactions between three components: 

**The service provider**
The collection of software that provides a web service.
**The service requester**
The collection of software that is responsible for requesting a web service from a service provider.
**The service registry**
- The service registry is a central location where service providers can publish their service descriptions and where service requesters can find those service descriptions.
- The registry is an optional component of the web services architecture because service requesters and providers can communicate without it in many situations. For example, the organization that provides a service can distribute the service description directly to the users of the service in a number of ways, including offering the service as a download from an FTP site.

**Shortcomings of SOAP**
- API Calls are not Cached
An API call is a process of sending a request when an API has been set up with the necessary endpoints. The information is transferred, processed, and feedback is supplied as a result of the process. It is not feasible to cache SOAP API requests.
- Extremely Complicated
SOAP is substantially more sophisticated than REST. It is also less adaptable. For developers who aren't very experienced, this could be a problem. Performance may be slowed as a result of the substantial processing required.
- No Choice of Data Formats
SOAP's support for data formats is likewise severely constrained. HTML, JSON, YAML, XML, and more formats are supported by REST. SOAP, on the other hand, only supports XML.
- Requires More Bandwidth
SOAP is often slower than REST, and it also consumes more bandwidth due to its complexity. It's also a limiting issue in the technology's efficacy for some applications.

#### Q5. Differentiate between REST and SOAP

There is no direct comparison between **SOAP** and **REST** APIs. But there are some points to be listed below which makes you choose better between these two web services.  

<table style='float:center;'>
    <tr>
        <th style="text-align:center;"><strong>SOAP API</strong></th>
        <th style="text-align:center;"><strong>REST API</strong></th>
    </tr>
    <tr>
        <td style="text-align:left;">Relies on SOAP (Simple Object Access Protocol)</td>
        <td style="text-align:left;">Relies on REST (Representational State Transfer) architecture using HTTP.</td>
    </tr>
    <tr>
        <td style="text-align:left;">Transports data in standard XML format.</td>
        <td style="text-align:left;">Generally transports data in JSON. It is based on URI. Because REST follows stateless model, REST does not enforces message format as XML or JSON etc.</td>
    </tr>
    <tr>
        <td style="text-align:left;">Because it is XML based and relies on SOAP, it works with WSDL</td>
        <td style="text-align:left;">It works with GET, POST, PUT, DELETE</td>
    </tr>
    <tr>
        <td style="text-align:left;">Works over HTTP, HTTPS, SMTP, XMPP</td>
        <td style="text-align:left;">Works over HTTP and HTTPS</td>
    </tr>
    <tr>
        <td style="text-align:left;">Highly structured/typed</td>
        <td style="text-align:left;">Less structured -&gt; less bulky data</td>
    </tr>
    <tr>
        <td style="text-align:left;">Designed with large enterprise applications in mind</td>
        <td style="text-align:left;">Designed with mobile devices in mind</td>
    </tr>    
</table>