What is an API? Complete Guide with Examples & How to Build Your Own
Contents
What is an API?
An API (Application Programming Interface) is a set of rules that allows software applications to communicate. APIs define how requests should be made, what data is expected, and how responses are returned.
Think of an API as a waiter at a restaurant: you tell it what you want, it brings it from the kitchen, and returns it to you.
How APIs work
API workflow in plain terms:
- Client sends a request to the API (e.g., "Give me the list of users").
- API validates the request and forwards it to the server or database.
- Server processes the request and sends data back to API.
- API returns the response to the client.
Common HTTP verbs: GET, POST, PUT, DELETE.
Types of APIs
- REST API: Most common; uses HTTP and JSON.
- GraphQL: Clients request exactly the data they need.
- WebSocket APIs: Real-time two-way communication.
- SOAP: XML-based enterprise APIs.
Real-world examples of APIs
- Weather apps fetch live data from a Weather API.
- Login with Google/Facebook uses OAuth APIs.
- Payment services like Stripe or PayPal APIs.
- Google Maps API for geolocation or directions.
Common mistakes when using APIs
- Not handling errors correctly (
404,500, etc.). - Exposing sensitive API keys publicly.
- Not validating input data from users.
- Ignoring rate limits.
Useful API tools
- Postman: Test APIs interactively.
- Swagger: Document and design APIs.
- Insomnia: Alternative for API testing.
Build a simple API — Express.js example
Here's a minimal copyable Node.js + Express example:
// index.js
const express = require('express');
const app = express();
const PORT = 3000;
app.use(express.json());
let users = [
{ id: 1, name: 'Priyanuj' },
{ id: 2, name: 'Mia' }
];
// GET /api/users
app.get('/api/users', (req, res) => res.json(users));
// POST /api/users
app.post('/api/users', (req, res) => {
const { name } = req.body;
if (!name) return res.status(400).json({ error: 'Name required' });
const newUser = { id: Date.now(), name };
users.push(newUser);
res.status(201).json(newUser);
});
app.listen(PORT, () => console.log(`API running on http://localhost:${PORT}`));
Test using curl http://localhost:3000/api/users or Postman.
Security & best practices
- Authenticate users (JWT, API keys, OAuth).
- Validate all input to prevent attacks.
- Rate-limit API requests.
- Always use HTTPS.
- Version your API (
/api/v1/). - Document your API for developers.
Conclusion
APIs are the backbone of modern software. With this guide, you can start experimenting by building simple REST APIs, testing with Postman, and understanding security essentials. Over time, you'll be able to create scalable, secure, and reusable APIs for web or mobile apps.
0 Comments