Internet & ToolsAn APIWhat is api?A set of rules that lets one program talk to another, usually over the internet, by sending requests and getting responses. is a way for one program to use another program's features. Think of it like a menu at a restaurant, you don't need to know how to cook, you just order from the menu and the kitchen does the work. APIs power everything from weather apps to payment processing to social media logins.
What is an APIWhat is api?A set of rules that lets one program talk to another, usually over the internet, by sending requests and getting responses.?
API = Application Programming Interface
It's a contract that defines:
- What operations are available
- What data format to use (usually JSONWhat is json?A text format for exchanging data between systems. It uses key-value pairs and arrays, and every programming language can read and write it.)
- How to authenticate (prove who you are)
- What errors mean
When you use an API, you're saying: "I want to use your functionality, but I don't need to see your code. Just tell me what requests to make and I'll handle the restWhat is rest?An architectural style for web APIs where URLs represent resources (nouns) and HTTP methods (GET, POST, PUT, DELETE) represent actions on those resources.."
Real-world API examples
| Service | What your app sends | What you get back |
|---|---|---|
| Weather API | City name or coordinates | Current temperature, forecast |
| Google Auth | OAuth token request | User's email and profile |
| Stripe | Payment card details | Success/failure confirmation |
| Google Maps | Address or coordinates | Map tiles, directions |
Without APIs, every developer would need to build everything from scratch. Want weather data? Build your own weather stations. Want maps? Survey the world yourself. APIs let you stand on the shoulders of giants.
What is RESTWhat is rest?An architectural style for web APIs where URLs represent resources (nouns) and HTTP methods (GET, POST, PUT, DELETE) represent actions on those resources.?
REST = Representational State Transfer
REST isn't a technology or a standard, it's an architectural style. It's a set of conventions for building APIs using HTTPWhat is http?The protocol browsers and servers use to exchange web pages, API data, and other resources, defining how requests and responses are formatted. in a predictable way. RESTful APIs are intuitive because they follow patterns you already understand.
The six REST principles
Client-server architecture: The client and server are separate. They can evolve independently as long as they keep the same interface.
StatelessWhat is stateless?A design where each request contains all the information the server needs, so any server can handle any request without remembering previous ones.: Each request contains all the information needed to process it. The server doesn't remember previous requests. This makes APIs scalable, any server can handle any request.
Cacheable: Responses can be cached. If you request /users/123 twice, the second response might come from a cache, not the server.
Uniform interface: Resources are identified by URLs. You use HTTP methods (GET, POST, PUT, DELETE) to act on them. Responses are self-descriptive.
Layered system: The client doesn't know (or care) if it's talking directly to the server or through intermediaries like load balancers or CDNs.
Code on demand (optional): Servers can send executable code to clients (rarely used in practice).
RESTful URL structure
REST organizes resources hierarchically using URLs:
/users → All users (collection)
/users/123 → Specific user (resource)
/users/123/posts → Posts by user 123
/users/123/posts/456 → Specific post by user 123Nesting shows relationships. It's intuitive, if you understand /users/123, you can guess what /users/123/posts means.
HTTP methods in REST
REST uses HTTP methods to define actions on resources:
| Method | URL | Action | Description |
|---|---|---|---|
| GET | /users | Read all | List all users (possibly paginated) |
| GET | /users/123 | Read one | Get user 123's details |
| POST | /users | Create | Create a new user |
| PUT | /users/123 | Update all | Replace user 123 completely |
| PATCH | /users/123 | Update some | Change specific fields of user 123 |
| DELETE | /users/123 | Delete | Remove user 123 |
See how predictable this is? Once you learn the pattern, you can interact with any REST APIWhat is api?A set of rules that lets one program talk to another, usually over the internet, by sending requests and getting responses..
A complete RESTWhat is rest?An architectural style for web APIs where URLs represent resources (nouns) and HTTP methods (GET, POST, PUT, DELETE) represent actions on those resources. APIWhat is api?A set of rules that lets one program talk to another, usually over the internet, by sending requests and getting responses. example
Blog API endpoints:
| Method | Endpoint | What it does |
|---|---|---|
| GET | /posts | List all posts (paginated) |
| GET | /posts/5 | Get post #5 |
| POST | /posts | Create new post |
| PUT | /posts/5 | Update post #5 completely |
| PATCH | /posts/5 | Update part of post #5 |
| DELETE | /posts/5 | Delete post #5 |
| GET | /posts/5/comments | Get comments on post #5 |
| POST | /posts/5/comments | Add comment to post #5 |
Request and response format
Request:
GET /api/users/123 HTTP/1.1
Host: api.example.com
Authorization: Bearer token123
Accept: application/jsonResponse:
HTTP/1.1 200 OK
Content-Type: application/json
{
"id": 123,
"name": "Alice",
"email": "alice@example.com",
"posts": 42,
"createdAt": "2023-01-15T10:30:00Z"
}Notice the Accept: application/json header, the client is saying "I want JSONWhat is json?A text format for exchanging data between systems. It uses key-value pairs and arrays, and every programming language can read and write it. back." And the server responds with Content-Type: application/json confirming that's what it's sending.
Why JSONWhat is json?A text format for exchanging data between systems. It uses key-value pairs and arrays, and every programming language can read and write it.?
JSON (JavaScript Object Notation) is the standard format for APIs because it:
- Is easy to read and write
- Is lightweight compared to XML
- Works with all programming languages
- Is native to JavaScript (most popular web language)
- Maps cleanly to objects in most languages
{
"user": {
"name": "Alice",
"age": 25,
"active": true,
"hobbies": ["coding", "gaming"],
"address": {
"city": "Paris",
"country": "France"
}
}
}APIWhat is api?A set of rules that lets one program talk to another, usually over the internet, by sending requests and getting responses. authenticationWhat is authentication?Verifying who a user is, typically through credentials like a password or token.
Most APIs require authentication to identify who's making the request and control access.
| Method | Header example | Best for |
|---|---|---|
| API Key | X-API-Key: abc123xyz | Server-to-server calls |
| Bearer Token (JWT) | Authorization: Bearer eyJhb... | User-facing apps |
| OAuth 2.0 | Redirect-based flow | "Login with Google" buttons |
POST /getUsers or GET /deleteUser/123. They also tend to ignore pagination (returning all 10,000 records at once), skip error response bodies (returning just a status code with no message), and forget to version the API. If Copilot generates an endpoint, check: does it use the right HTTP method? Does it return proper error messages? Does the list endpoint support ?page= and ?limit=? A well-designed API should handle the unhappy path, not just the happy one.RESTWhat is rest?An architectural style for web APIs where URLs represent resources (nouns) and HTTP methods (GET, POST, PUT, DELETE) represent actions on those resources. vs other APIWhat is api?A set of rules that lets one program talk to another, usually over the internet, by sending requests and getting responses. styles
| Style | Best for | Pros | Cons |
|---|---|---|---|
| REST | Standard CRUD operations | Simple, standard, easy to cache | Can require multiple requests |
| GraphQL | Complex data needs | Get exactly what you need | Steeper learning curve |
| gRPC | Microservices | Fast, type-safe, efficient | Requires HTTP/2, less browser support |
| WebSocket | Real-time updates | Bidirectional, persistent | More complex, harder to scale |
RESTWhat is rest?An architectural style for web APIs where URLs represent resources (nouns) and HTTP methods (GET, POST, PUT, DELETE) represent actions on those resources. best practices
Design:
- Use plural nouns:
/usersnot/user - Use nesting for relationships:
/users/123/posts - Keep URLs lowercase with hyphens:
/user-profilesnot/userProfiles - Version your APIWhat is api?A set of rules that lets one program talk to another, usually over the internet, by sending requests and getting responses.:
/v1/users,/v2/users
Responses:
- Return helpful error messages with details
- Use appropriate status codes
- Include paginationWhat is pagination?Splitting a large set of results into smaller pages so the server and client only handle a manageable chunk at a time. for lists:
/users?page=2&limit=20
Security:
- Use HTTPSWhat is https?HTTP with encryption added, so data traveling between your browser and a server can't be read or tampered with by anyone in between. always
- Validate all input
- Rate limit to prevent abuse
- Document your API (OpenAPIWhat is openapi?A standard format for describing REST APIs - their endpoints, parameters, and response shapes. Tools can generate documentation and client libraries from it automatically./Swagger is standard)
Quick reference
| Concept | Convention | Example |
|---|---|---|
| Resource naming | Plural nouns | /users, /posts |
| Get one | GET + ID | GET /users/123 |
| Create | POST to collection | POST /users |
| Update | PUT/PATCH + ID | PUT /users/123 |
| Delete | DELETE + ID | DELETE /users/123 |
| Nested resources | Parent/child | /users/123/posts |
| Filtering | Query params | ?status=active |
| Pagination | Query params | ?page=2&limit=20 |