by | January 12, 2017


When your typical end user wants some information from the web, they open a browser, find out where the information lives, click on a URL or link that will take them to that location and then browse around until they find out the information they are seeking. When your typical application wants some information from the web, it utilizes an API that has been developed by the website where that information can be found.

An API or Application Programming Interface is a set of instructions that your application sends to another one to get that application to perform a task for it.  The advent of APIs opened up a world of functionality between applications that enhances websites tremendously. When you visit the website of a restaurant or theater that you want to go to, you’ll often find a map pointing out exactly where they are. This map is often provided via Google Maps or some other existing map application that the restaurant or movie theater has embedded on their website. An API sent to the map application with information about where you are located has the map application return the addresses of several locations near you, along with a map with pins embedded to give you a better idea of where they are. You can interact with the map, zooming in and out or moving left, right, up and down to find the best route to get to your destination. All of this is available through the use of APIs.

Download our eBook, Testing in the API Economy & Why it’s Critical to your Organization

APIs are secure and reliable because they are defined by the ‘target’ application. In the example above the organization providing the map, the application creates the API, including defining all the variables that the API will use. The organization then makes the API available, either for a fee or for free, to anyone who wants to call the target application inside their own application.  In short, the API allows your application to have another application do things for it through a clearly defined set of commands.
APIs are secure because they restrict transactions between applications to a specific set of functionality. They have to be written properly, in the language expected by the target application, and can even require a token or other embedded piece of code that gives the target application permission to execute the instructions. APIs without the required token are not executed and the rogue API can be logged as part of a security plan to identify attacks.

APIs are reliable for many of the same reasons. The API is defined by the coders creating the application and the definition includes proper coding instructions, the language that the API has to be written in (like JSON), and the variables that each API will address. If your coders create their API calls adhering to the API definitions provided by the target, then they should work every time.

Facebook Photo Credit: https://stacksocial.com/sales/complete-api-bundle

Apica Product Team