Application Programming Interface (API) is a software intermediary that allows two applications to talk to each other. Whenever you use an app like Instagram, Facebook, or Twitter, whenever you send an email, or whenever you check the weather on your smartphone, you’re using APIs.
An API is a collection of defined rules that explains how computers or applications communicate. APIs sit between applications and the web servers, acting as an intermediary that processes data transfers between systems.
Here’s how an API works:
An API call retrieves information—also known as requesting information.
This request is processed by an application to the web servers via the APIs URI and includes a request verb and headers.
When a valid request comes in, the API makes an HTTP request to the external program or website.
The server sends to the API with the requested information.
The API transfers the data to the initial requesting application.
The data transfer will vary depending on which web service is being used, but the request and response all happen through an API. Whereas a UI is designed for use by people, APIs are designed for computers or applications.
APIs offer security by default because they’re positioned as middlemen between applications and the services they consume. When making API calls, you normally need authentication credentials to prevent unauthorized access to the server. An API gateway can limit access so that only authorized users can use the service. During an exchange, HTTP headers, cookie, or query string parameters add extra security layers to the data exchanged.
For example, consider an API offered by a payment processing service. Customers can enter their card details on the front end of an application for an eCommerce store. The payment processor doesn’t require access to the user’s bank account; the API creates a unique token for this transaction and includes it in the API call to the server. This ensures a higher level of security against potential hacking threats.
Common API examples
Because APIs allow companies open up access to their services while maintaining security and control, they have become an important part of modern business. APIs allow businesses to diversify the software programs they consider. For example, rather than limiting themselves to Google Suite, a business may consider looking for software where the application program interface for Google Calendar’s integration syncs with their preferred tool.
Here are some types of APIs you might encounter:
- Universal logins
- Third-party payment processing
- Travel booking comparisons
- Google Maps API
Types of APIs by availability
Private APIs. Application software interfaces are designed for making improvements within an organization. Developers who work for a company often use these APIs to integrate their company’s IT system or application, build new systems, or create customer facing apps using existing systems. Even though an app may be publicly available, the interface of the app is not accessible to anyone but the developer. Private APIs allow companies to fully control their API usage.
Partner APIs. Partner APIs are openly advertised but shared with business partners whose agreements with the publisher allow them access to the API. Common use cases for partner APIs include integrating software between two companies. A company that grants its partners with access to data benefits from extra revenue streams by granting them access to data. At the same time as ensuring that the exposed digital assets are protected, it can also monitor how they’re used, ensure that third-party solutions using its APIs provide a good user experience, and maintain company identity in its apps.
Public APIs. Also known as developer-facing or external, these APIs are available for any third-party developers. A public API program allows for increasing brand awareness and receiving an additional source of income when properly executed.
There are two types: Open (free of charge) APIs and commercial ones. The Open API Definition states that all features of such APIs are open and free for use by anyone. For example, it’s possible to build an app that uses the API without explicit approval by the API supplier or mandatory license fees. The definition also says that the API description and related documentation must be open and free for anyone to use, and that the API itself can be freely used to develop and test applications.
Commercial API users pay for subscriptions or use APIs on a per-use basis. One way for publishers to monetize their content is by offering free trials, so users get to evaluate the APIs before buying subscriptions. Learn more about how business benefit from opening their APIs to the public in our detailed article on the API economy.