When you want to check the weather on your smartphone you just press the weather app on your smartphone and you immediately receive information about the weather. What you might not notice are all the gears that start to turn in order to make this happen.
One of the important parts is that the weather data is being retrieved from a location on the internet that provides this data in the form of an API. However, without a connection to this API, you would receive nothing and you would still be wondering what kind of weather it would be the next few days. API’s are everywhere and without them, the quick access to information and services on the web would be very limited. API stands for Application Programming Interface. It is a communication contract that allows your application on your device (app) to communicate with another application, for example as a trigger from just pressing a single button. In other words: it allows different software programs to communicate with each other.
The Metaphor
Imagine you want to get a cup of Latte Macchiato from a coffee machine. In the menu you can press the button saying “Latte Macchiato” and the coffee is being served to you within seconds. Pressing the button “Latte Macchiato” can be interpreted as your personal interface (API) to the coffee machine. All the complexities behind the coffee machine are hidden inside the machine and you are not bothered with it: the machine does all the work and the only work you have to do is to press the button that refers to the type of coffee you want to have.
APIs are not a technology of the last few years
Back in the early ‘90s, when the PC world was ruled by MS-DOS, I got my first Personal Computer. In order to operate a PC, I had to insert quite a lot of manual commands myself. In other words: to prepare my own coffee, I had to take a lot of steps to actually get it. There was no “one button magic” in order to get a program running. The more complex the software was, the more complex the coding would be in order to get users to properly use the software. This had a dramatic impact on the developing time of software because of the complexity of the coding and the huge amount of coding lines.
Nowadays, DOS can still be used in Windows but most normal users don’t use it anymore. However, in the picture below I just wanted to show how many steps you might have to take to actually start using a program. In this case, starting up the setup of the Windows support to assist.
As you can see you need to enter quite some commands to search for the right directories that will lead in the end to the right command word to start up the program. Of course, most commands can be skipped if you know the location of all directories but in case you need a program on a location that you hardly use, the time it takes to find it might be quite extensive. What people might not know is that MS-DOS provides you with a low-level API that gives you the opportunity to provide commands to the system.
This means that APIs have been around for a long time but nowadays they are far more high-level and intuitive than in the past. These are the APIs that you will find in modern OS’s and on the internet like the weather app I previously discussed.
How does an API work in practice?
If you push on the weather app of your mobile telephone, the weather application connects to the internet and is navigated to the specific API service. This service connects to a webserver where the webserver retrieves the data request you provided through the API service. After that, the web server connects to the correct database (the database that stores all the details regarding the weather). The database returns the required data through the web server and the API back to your mobile telephone after which you will see the weather report you were looking for. Below figure shows this process:
A practical example: booking a flight
If you want to book a flight, you can download an app for a travel service. After installing the app on your device, you can start the app and enter the travel date and destination. After that, the request is sent to the airline API by the internet and this API connects to the webserver of the airline which is connected with the database or internal API of the airline. This database or internal API stores for example available seats, baggage options, prices, etc. and returns this through the webserver and the API to the app on your device.
Then the second step is done: the selection and booking of your flight. You click the seat you want and the baggage options and you send this information through the airline API. This time the API leads you to a different location: the counter where you place the order of your flight. After the order is registered you receive a confirmation of the registration through the API.
The final step has to be taken now: at the virtual counter of the airline, you have to do the payment. This is done by selecting the payment method you want to use (for example, credit card or bank card). However, the airline does not take care of the payment service. This is done by a different service provider: a FinTech company. The API of the FinTech company connects to the webserver of the FinTech company that sets up a safe payment portal with the bank or credit card company. After the verification is done, the payment is completed and your ticket is booked.
API types
There are four types of API that are commonly used in web-based applications:
Public APIs
Open and available for use by any outside developer or business. Public APIs typically involve moderate authentication and authorization. Additionally, these APIs are sometimes commercialized/monetized by imposing a per-call cost to utilize the public API.
Partner APIs
A partner API is only available to specifically selected and authorized external developers or API consumers. A partner API is meant to facilitate B2B (business-to-business) activities. An example of this is a business, sharing its customer data with external CRM firms. A partner API can connect with the internal customer data system with those external parties: no API use is permitted.
Internal APIs
An internal (or private) API is only for use within a company, to connect systems and data within the business. An example is an internal API that connects an organization’s payroll and HR systems.
Composite APIs
These APIs combine two or more APIs to create a sequence of related or connected operations. Composite APIs can be very handy if you want to address complex or tightly-related API actions. If you manage to do this properly it can increase speed and performance over individual APIs.
API protocols and architectures
In order to exchange commands and data, clear protocols and architectures are required. There are three categories of API protocols or architectures. For now I will only mention them but in future posts I will explain them in more detail:
- REST
- RPC
- SOAP
How APIs help to secure your data
Back to the coffee machine example. If you are standing in front of the coffee machine and you would like to order a soda, you can’t get it because it’s not an option. In other words: you have to choose something from the menu. Because of this, only required data is exposed. The machine does not need to know your name, your address, your age, etc. to get you a Latte Macchiato.
An API uses the same concept. An API normally works based on action-related information and nothing more. In its turn, the webserver is also not exposed to your device. Both parties communicate only the small packages of data, required to provide the service that is requested.
The use of smartphones without APIs
I think that in a world without high-level APIs, a smartphone would not exist. Imagine you have to manually type all kinds of commands in a Linux command prompt (if you use an Android telephone) or in an iOS command prompt (if you use an iPhone) on your telephone to get the information you are looking for. It would also be a challenge to find the right information at the right location. You would need to go manually through all kinds of databases in search of the right piece of information you are looking for. A lot of people would prefer other (quicker and less complex) options to gather their information and would not consider it worthwhile to use a mobile telephone for this.
Final Thoughts
The way of communication between users and machines by using APIs has made the life of programmers much easier but has also caused a revolution in the IT industry because a lot of coding jobs vanished with the introduction of APIs and the automation of programming because of this.
APIs were one of the key drivers in the evolution of web 1.0 into web 2.0 and created a new wave of possibilities for both users and programmers. I am sure that APIs will play their part in the evolution of Web 2.0 into Web 3.0 as well. However, Web 3.0 will force APIs to evolve themselves as well. I hope this post helps to give you a bit more understanding of how API’s work in general and the part they play in our current society.
Feel free to contact me if you have any questions or if you have any additional advice/tips about this subject. If you want to keep in the loop if I upload a new post, don’t forget to subscribe to receive a notification by e-mail.
