If you’re wondering, “What is an API?” you may not have heard the term before. Or perhaps you have a vague idea of what an API is or some understanding of what they do. In either case, we’re here to help: let’s dive in.
API definition
API stands for Application Programming Interface. In basic terms, APIs are a set of functions and procedures that allow for the creation of applications. They access the data and features of other applications, services, or operating systems.
Essentially, they’re a go-between for different software platforms. They allow two unrelated applications to “talk” to each other.
Watch this video to learn what an API is from Axway’s team of industry-leading experts.
For example, let’s say you’re a stockbroker, knee-deep in the financial markets and trading. An API may link a set of automated trading algorithms to the trader’s preferred trading broker platform. This allows you (the trader) to see real-time quotes and price data or conduct electronic trades.
Good APIs make it easier to develop a computer program by providing all the building blocks, which are then put together by the programmer. In fact, APIs are often compared to Legos for this reason, because you can mix and match and reuse them infinitely to build new services.
So, what is an API exactly?
Let’s get down to it and go deeper and pick it apart:
- What is an API?
- What makes it different?
- Why is it so popular?
First of all, the API is not the database or even the server; it’s the code that governs the server’s access point(s). An API is like a common language, a communications mechanism between developers.
Real-world examples of APIs
One real-world example of API use is buying movie tickets online. You go to the movie site; you enter your movie, name, and credit card information, and lo-and-behold, you print out your tickets.
But have you asked yourself what’s going on between entering your information to receiving your ticket? APIs, that’s what! They are the glue of the digital world, collaborating behind the scenes with other applications, making “calls” to each other to deliver data that’s needed as requested.
This type of integration is called “seamless” because you never know when a software role passes from one application to another.
Other examples of API in our day-to-day lives include:
- Weather apps pulling forecast data from national meteorological services
- Ride-sharing apps like Uber using Google Maps for route mapping
- Spotify recommending a new song using listening history APIs
- Banking apps checking real-time account balances
- Social media login using “Sign in with Google/Facebook”
- Travel booking sites comparing flight prices across airlines
- Smart home devices controlling lights/thermostats via smartphone apps
- Food delivery services tracking order status in real time
One useful analogy is to think of APIs as a hotel concierge. When you stay at a hotel and need something – especially in the days before Yelp reviews – you would speak to the concierge to get connected.
This could be something internal provided by the hotel, like dinner reservations at the hotel restaurant, or external like golf or theater tickets. The concierge simplifies your access to these different services.
APIs are essentially the concierge of the digital world — they enable businesses to speak the same language, and they power the global digital economy.
Why do we need an API?
Imagine the following scenario: You (as in, your application, or your client, say a web browser or mobile app) want to access another app’s data or functionality.
Perhaps you want to access all tweets that mention the #jimmychoo hashtag. You could email X and ask for a spreadsheet of all these tweets. But then you’d have to find a way to import that spreadsheet into your application. It’s not a very efficient way to get the job done.
Why? Even if you stored them in a database, as we have been, the data would become outdated very quickly. It would be impossible to keep it up to date.
It would be better and simpler for X to provide you a way to query their application to get that data so that you can view or use it in your application. It would stay up to date automatically that way.
The API provides access to data, so this data can be included in different applications. Instead of attempting to format a big file in a local application to extract a little bit of data, an API delivers the data you’re looking for without needing additional investigation or manipulation. It’s a much more efficient way to find the information you’re seeking and plug it in.
History of APIs: SOAP XML V/S REST JSON APIs
So, where did APIs originate? It depends on who you ask. Salesforce.com launched the first online API on February 7th, 2000, according to the API Evangelist. But the Salesforce APIs were not intended to be made public.
It’s also been said that eBay started creating them for their own use that same year. So, Salesforce and eBay are often given credit for introducing the oldest APIs in history, but the story doesn’t begin there.
During the 2000s, SOAP Services were leveraged for some of the same use cases… and then Roy T. Fielding came along.
Who Is Roy T. Fielding?
At the same time all of this was going on (in 2000), Roy Fielding introduced what we know as modern web APIs, with his dissertation, “Architectural Styles and the Design of Network-based Software Architectures.” Other forms were developed later, producing a whole new industry of online social and corporate collaborations.
Fielding is a computer scientist and a prominent figure in the networked software industry. As a graduate student at the University of California Irvine, Fielding invented a robot for the web called MOMspider for a class project. You can easily tell he wasn’t a typical student.
After that, he came up with some of the underlying principles for developing the WWW, which he originally called the “HTTP Object Model,” but later renamed it while working on his Ph.D. He decided to call it Representational State Transfer or “REST.”
REST provides a lighter-weight alternative to SOAP. Many developers found SOAP cumbersome and hard to use. REST is easy to understand, and it’s simple to write and document. As Roy Fielding himself put it, “REST was originally created to solve my problem: how do I improve HTTP without breaking the Web?”
This ease of use also makes it easy for other developers to understand and write applications.
REST makes efficient use of bandwidth, as it’s much less verbose than SOAP. It supports many data formats, but the predominant use of JSON means better support for browser clients.
JSON sets a standardized method for consuming API payloads so that you can take advantage of its connection to JavaScript and the browser. So, what is JSON, and why do we use it?
What Is JSON?
JSON stands for JavaScript Object Notation and is a way of representing data that looks like JavaScript objects.
Let’s take a look at a very typical JavaScript Object for a Restaurant on Yelp, which might look a bit like this:
Neat. This is fairly easy to read — our data is stored as key/value pairs. This means we can see the key on the left and the value on the right. The key stays the same for each restaurant object, but the value would be different.
A different restaurant would have a different address, but its properties would be the same — it would always have a name, address, zip, phone, and email.
JSON is everywhere in the modern web, mobile, and IoT applications. It’s readable, lightweight, and works super well with applications written in JavaScript, as it is JavaScript. But it is also comparatively easy to get applications written in other languages to read and generate it — including Java.
This means that an API that returns JSON can be accessed by an application written in Java, Ruby, Python, JS, PHP, etc. This makes APIs developer-friendly, highly scalable, and platform-independent.
Aha! Scalable! Platform Independent! Good words, powerful words, $$ words.
With developer buy-in, APIs started exploding in importance, and organizations began leveraging them with great success. So much so that APIs became a strategic necessity for businesses.
Who creates these APIs?
Large tech companies, especially social media companies, frequently make their aggregate data available to the public. Stripe, Twilio, X, and Slack are some well-known examples of companies that leverage APIs for their interactions.
But it’s not just digital natives and social media companies. APIs are also maintained by government organizations, banks, healthcare organizations, conferences, publishing houses, software startups, manufacturing companies, eSports leagues, and even individuals.
They share anything from social media content to trivia questions, rankings, maps, song lyrics, recipes, parts lists, and more.
Axway’s State of Enterprise API Maturity report highlights some of the key reasons companies are building APIs:
Beyond the operational value of these digital assets, nearly half (47%) of decision-makers are particularly interested in creating new revenue streams and improving business performance when deciding to build an API.
APIs are everywhere
Here’s an example of what happens in an internet minute.
So many of these interactions are made possible by APIs, which explains why they’ve grown enormously popular in recent years. Almost all (98%) of the enterprise decision-makers surveyed in the enterprise API maturity survey mentioned earlier anticipate the number of APIs used by their organization to increase over the next 12 months.
As I mentioned earlier, they offer simplicity and efficiency, but a couple of other critical changes in the industry helped grow their popularity.
- First, the enormous growth of mobile apps that frequently talk to back ends over the web.
- Second, the rapidly emerging “Internet of Things” (IoT) promises to bring connectivity to common devices we use in our everyday lives.
These days, an API’s speed, extended reach, and 3rd party integrations make them key business drivers.
Throw in an API’s ability to be customized to fit any developer’s needs, and you can see why they’re everywhere.
See also: Six ways to enhance the API developer experience with an API marketplace
Types of APIs
Designing, implementing, and maintaining APIs for the Web is critical to many companies’ business models. And one API doesn’t fit all. There are four main types of APIs that are often used (of course, there are more):
- Open APIs (also called Public APIs) are publicly available for everyone to use.
- Partner APIs are custom designed by enterprises to offer access to business partners to reserve or buy specific items, such as tickets or vouchers.
- Private (or Internal) APIs are not for public consumption but used for internal processes.
- Composite APIs: these combine diverse data and service APIs. They help speed up the course of implementation by essentially bundling multiple API calls together. (more on composite APIs here)
Beyond considering the types of APIs by their intended audience, API protocols can be broken up in different patterns and styles, too. You were just introduced to SOAP and REST earlier, but there’s also gRPC, GraphQL, events… and more to come.
We discuss these types and patterns in much more depth here: Types of APIs | Different APIs Explained With Concrete Examples for 2024
API risks and evolution: what’s next?
The rapid expansion of APIs parallels the larger trend of our lives and business becoming increasingly digitized; the internet minute shown above is a vivid snapshot in time.
While they enable extraordinary digital services — from real-time patient data sharing between hospitals and insurance systems to global inventory tracking or election monitoring — the very convenience of APIs can also open up serious vulnerabilities.
In addition to the sheer proliferation of APIs, the introduction of new types (such as GraphQL or AsyncAPI) adds to the challenge organizations face in governing and securing their APIs. this was made clear in our recent survey, when 78% of enterprise decision-makers admitted they don’t know how many APIs they have in their IT ecosystem.
What’s more, 74% say that more than 20% of their organization’s APIs are unmanaged.
In the face of ever-present security risks, the rapid growth of APIs makes the need for a comprehensive, centralized, and automated inventory increasingly urgent.
It’s precisely because they are the invisible infrastructure making our interconnected world function seamlessly that APIs merit such close scrutiny.
Learn more: How to meet API security standards efficiently
Looking to the future, APIs are also a key ingredient for leveraging artificial intelligence services: as Axway Catalyst Emmanuel Methivier points out, AI models will typically go for the shortest route to a faster response. And that’s a key feature of APIs!
“The result will be a kind of competition for access to services, with the simplest being prioritized by generative AIs… Services that are well API-fied and well exposed via an AI-driven marketplace will undeniably be more successful than those that require heavy CPU minutes to activate,” says Methivier.
As more and more organizations look to take advantage of AI’s transformative potential, Axway Chief Product Officer Vince Padua notes, they need to remember that AI requires high-quality, accessible data — neatly exposed as well-documented, neatly categorized APIs.
“Unfortunately, for many enterprises, data exists in silos—spread across on-premises systems, cloud environments, and even third-party platforms. This fragmentation makes it challenging to get data ready for AI, stalling AI projects before they even get off the ground.
This is where Axway comes in. Axway’s portfolio enables enterprises to be AI-ready by solving the data and business process challenges that block progress, ensuring data is accessible, secure, and well-governed, and that business processes are streamlined and adaptable for AI initiatives.
By providing the integration, data governance, and security infrastructure needed to ensure AI has access to the right data at the right time, Axway helps enterprises prepare for AI success.”
How Axway enables AI-ready data across complex enterprises
Key takeaways
Here’s what you need to remember about APIs:
- APIs give the developer the ability to make an API call, or “request”, to obtain information.
- APIs are reusable and can be infinitely remodeled to create new apps and services.
- APIs make connections and product shopping possible at a rapid speed, such as booking a hotel or ordering a movie ticket.
- APIs provide key insights into real-time possibilities for analytics delivery on the spot.
- APIs are an extremely popular tool that can fast-track your business.
Here at Axway, we know APIs are the building blocks of modern business, so we’ve designed the Amplify API Management Platform to automate their discovery and management. Because it functions as a focused server that regulates traffic, an API gateway is a required component of a secure API architecture.
The only open, independent platform for governing APIs across teams, the hybrid cloud, and third-party ecosystems, Amplify lets you manage your API services in a federated way and simplifies API production and consumption, so organizations can focus on what they do best.
Download the latest API maturity report today to learn how far along enterprises are in their API journey and gain actionable insights for your own strategy.
Follow us on social