7nolikov | Dmitrii Novikov

What is API?

An Application Programming Interface (API) is a tool that allows different software applications to communicate with each other. Think of it as a bridge that connects systems, enabling them to share data and perform tasks without knowing the details of how the other system works.

For example, when you book a flight online, the travel website uses an API to get flight details from the airline’s database.

[Diagram: Client sends an HTTP Request (GET/POST) to API_Server, which returns an HTTP Response (200 OK / 404 Not Found).]

Types of APIs

1. Web APIs

These are the most common and allow communication over the internet using protocols like HTTP. Examples include REST APIs and GraphQL APIs.

[Diagram: Client, Web API, Database and External Service, with edges labelled HTTP Request and HTTP Response.]

2. Library APIs

These let developers use functions from a library (e.g., a math or graphics library) within their application.

[Diagram: Application, Library API, Function 1, Function 2, Function 3.]

3. Operating System APIs

These allow applications to interact with the operating system, like accessing files or managing memory.

[Diagram: sequence between Application, OS_API and FileSystem: Request file access, Fetch file, File data, Return file content.]

4. Database APIs

These allow applications to query and update databases.

[Diagram: Application, Database API and Database, with edges labelled SQL Query and Query Result.]

API Implementations

1. REST (Representational State Transfer)

REST APIs are simple, stateless, and work over HTTP. They use methods like GET, POST, PUT, and DELETE for operations. Example: A weather app fetching data from a weather API using a GET request.

[Diagram: Client sends GET /weather to REST_API, which returns JSON Response { "temp": 25°C }.]

2. GraphQL

GraphQL is a query language for APIs that allows clients to request specific data, making it flexible and efficient. Example: A shopping app requesting only product names and prices from an API.

[Diagram: Client sends Query { product { name, price } } to GraphQL_Server, which returns { "name": "Laptop", "price": 1200 }.]

3. SOAP (Simple Object Access Protocol)

SOAP APIs use XML and have strict standards, often used in enterprise applications like payment gateways.

[Diagram: Client and SOAP API, with edges labelled SOAP Request and XML Response.]

4. gRPC

gRPC is a modern API framework that uses Protocol Buffers for faster communication; it is often used in microservices.

[Diagram: sequence between Service_A, gRPC and Service_B: Request serialized data, Transfer binary data, Return response, Decode response.]

API Lifecycle

Understanding the API Lifecycle helps in managing APIs effectively from inception to retirement.

Stages:

  • API Design: Planning the structure and functionality of the API.
  • Development: Writing the code and building the API.
  • Testing: Ensuring the API works as intended and is free of bugs.
  • Deployment: Making the API available for use.
  • Monitoring: Tracking the performance and usage of the API.
  • Versioning: Updating the API to add features or fix issues without disrupting existing users.

[Diagram: API Design, Development, Testing, Deployment, Monitoring, Versioning.]

API Security

APIs are vulnerable to attacks such as SQL injection and DDoS, and to data breaches. Security measures such as authentication, authorization, and encryption are crucial to protect them.

Components in the request flow:

  • Client: The user or application making the API request.
  • API Gateway: Manages incoming requests and routes them appropriately.
  • Authentication Service: Validates the security token provided by the client.
  • API Server: Processes the request if authentication is successful.
  • Database: Stores and retrieves data as needed.

[Diagram: Client, API Gateway, Authentication Service, API Server and Database, with edges labelled Request with Token, Validate Token, Token Valid, Process Request, Send Data, Response, Forward Response.]

API Rate Limiting

Rate limiting restricts the number of requests a client can make to an API within a specific time frame, preventing abuse and ensuring fair usage.

[Diagram: sequence between Client, API_Gateway, Rate_Limiter and API_Server: API Request, Check Rate Limit; within limit: Allow Request, Forward Request, Response, Send Response; exceeded limit: Reject Request, 429 Too Many Requests.]
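The rate-limit check described above, as an added example (not code from the original post): a per-client token bucket that answers 200 within the limit and 429 with a Retry-After header once the burst is used up. The class name, the capacity and rate values, and the client ids are assumptions chosen for illustration.

```python
import math
import time


class TokenBucketLimiter:
    """Per-client token bucket: `capacity` burst, refilled at `rate` tokens/second."""

    def __init__(self, capacity, rate, clock=time.monotonic):
        self.capacity = capacity
        self.rate = rate
        self.clock = clock  # injectable so the behaviour can be tested
        self.buckets = {}   # client_id -> (tokens, time of last check)

    def check(self, client_id):
        """Return (status, headers) the gateway would send for one request."""
        now = self.clock()
        tokens, last = self.buckets.get(client_id, (self.capacity, now))
        # Refill for the time elapsed since this client's last request.
        tokens = min(self.capacity, tokens + (now - last) * self.rate)
        if tokens >= 1:
            self.buckets[client_id] = (tokens - 1, now)
            return 200, {}
        self.buckets[client_id] = (tokens, now)
        # Tell the client how long until one full token is available again.
        retry_after = math.ceil((1 - tokens) / self.rate)
        return 429, {"Retry-After": str(retry_after)}


def demo():
    """Constructed scenario: burst of 3 requests, refill of 1 token/second."""
    t = [0.0]
    limiter = TokenBucketLimiter(capacity=3, rate=1.0, clock=lambda: t[0])
    results = [limiter.check("client-a")[0] for _ in range(4)]  # 4th exceeds the burst
    results.append(limiter.check("client-b")[0])  # a different client is unaffected
    t[0] = 2.0  # two seconds later, client-a has two tokens again
    results.append(limiter.check("client-a")[0])
    return results


if __name__ == "__main__":
    print(demo())
```

Keying the bucket on an authenticated client id rather than on a source address keeps clients behind a shared proxy from throttling each other.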

API Versioning

API versioning is crucial to maintain backward compatibility and allow for changes without breaking existing client applications.

[Diagram: Client, API v1, API v2, New Features and Old Features, with an edge labelled Deprecated.]

Explanation:

  • API v1: The original version of the API.
  • API v2: An updated version introducing new features while maintaining old functionalities.
  • Client: Can continue using the deprecated v1 or migrate to v2.

API Gateway Architecture

API gateways act as a single entry point for multiple APIs, providing security, monitoring, and routing capabilities.

[Diagram: Client, API Gateway, Authentication Service, Rate Limiter, REST API, GraphQL API, gRPC API, Service A, Service B, Service C.]

Explanation:

  • API Gateway: Acts as a single entry point for all API requests.
  • Authentication Service: Handles user authentication.
  • Rate Limiter: Manages request rates to prevent abuse.
  • REST, GraphQL, gRPC APIs: Different types of APIs managed by the gateway.
  • Services A, B, C: Backend services handling specific functionalities.

Real-World API Integration Example

This example shows how multiple APIs work together in a real-world scenario.

[Diagram: sequence between User, Frontend, Auth_API, Data_API and Database: Login Request, Authenticate User, Auth Token, Request Data with Token, Fetch Data, Data Response, Send Data, Display Data.]

In this flow:

  1. The User sends a login request to the Frontend.
  2. The Frontend communicates with the Auth_API to authenticate the user.
  3. Upon successful authentication, the Auth_API returns an authentication token.
  4. The Frontend uses this token to request data from the Data_API.
  5. The Data_API fetches the required data from the Database and returns it to the Frontend.
  6. Finally, the Frontend displays the data to the User.
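The token steps in this flow, and the gateway-side validation from the API Security section, as an added example (not code from the original post). It uses a simplified HMAC-signed token with an expiry claim rather than any particular token standard; the function names, the token layout and the secret are assumptions, and the sample data is constructed.

```python
import base64
import hashlib
import hmac
import json
import time

SECRET = b"demo-only-secret"  # constructed value; keep real keys in a secret store


def b64e(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64d(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(user, ttl=300, now=None):
    """Auth_API: return 'payload.signature' carrying an expiry claim."""
    now = time.time() if now is None else now
    payload = b64e(json.dumps({"sub": user, "exp": now + ttl}).encode())
    sig = hmac.new(SECRET, payload.encode(), hashlib.sha256).digest()
    return payload + "." + b64e(sig)


def validate_token(token, now=None):
    """Authentication Service: return the claims, or None if invalid."""
    now = time.time() if now is None else now
    try:
        payload, sig = token.split(".")
        expected = hmac.new(SECRET, payload.encode(), hashlib.sha256).digest()
        # Check the signature (constant-time) before trusting any claim.
        if not hmac.compare_digest(expected, b64d(sig)):
            return None
        claims = json.loads(b64d(payload))
    except ValueError:
        return None
    return claims if claims.get("exp", 0) > now else None


def gateway(headers, now=None):
    """API Gateway: forward to the Data_API only when the token is valid."""
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    claims = validate_token(token, now) if scheme == "Bearer" else None
    if claims is None:
        return 401, {"error": "invalid or missing token"}
    # Stand-in for the Data_API fetching this user's data from the Database.
    return 200, {"user": claims["sub"], "data": ["constructed sample row"]}
```

The gateway returns the same 401 for a missing, malformed, forged or expired token, so the response does not reveal which check failed.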

Why APIs Matter

APIs are essential because they:

  • Enable software systems to work together seamlessly.
  • Simplify complex tasks by hiding implementation details.
  • Allow businesses to build integrations and create better user experiences.

APIs power everything from social media integrations to payment systems, making them a cornerstone of modern technology.