An application program interface (API) is code that allows two software programs to communicate with each other. An API defines the correct way for a developer to request services from an operating system (OS) or other application and expose data within different contexts and across multiple channels. In the early days of Web 2.0, the concept of integrating data and applications from different sources was called a mashup.
Any data can be shared with an application program interface. APIs are implemented by function calls composed of verbs and nouns. The required syntax is described in the documentation of the application being called. For example, on a real estate website, one API might be used to publish available real estate properties by geography, while a second API provides the visitor with current interest rates and third API brings in a mortgage calculator.
Exposing data with an API can improve the customer experience because it provides greater functionality and scope of services within a single application or other digital property. By anticipating the customer's needs as they relate to searching for real estate, for example, the company that publishes the website is not only increasing the value it delivers to users, it is also opening up opportunities for new business partnerships with related service providers.
APIs are made up of two related elements. The first is a specification that describes how information is exchanged between programs, done in the form of a request for processing and a return of the necessary data. The second is a software interface written to that specification and published in some way for use.
The software that wants to access the features and capabilities of the API is said to call it, and the software that creates the API is said to publish it.
APIs take three basic forms: private, public and partner.
Private APIs, or internal APIs, are published internally for use by the company's developers to improve its own products and services. Private APIs are not exposed to third parties.
Public APIs, or open APIs, are published publicly and can be used by any third-party. There are no restrictions on these APIs.
Partner APIs can only be used by specific parties with whom the company agrees to share data. Partner APIs are used within business relationships, often to integrate software between partnering companies.
Local APIs are the original form, from which the name came. They offer OS or middleware services to application programs. Microsoft's .NET APIs, the TAPI (Telephony API) for voice applications, and database access APIs are examples of the local API form.
Web APIs are designed to represent widely used resources like HTML pages and are accessed using a simple HTTP protocol. Any web URL activates a web API. Web APIs are often called REST (representational state transfer) or RESTful because the publisher of REST interfaces doesn't save any data internally between requests. As such, requests from many users can be intermingled as they would be on the internet.
Program APIs are based on remote procedure call (RPC) technology that makes a remote program component appear to be local to the rest of the software. Service oriented architecture (SOA) APIs, such as Microsoft's WS-series of APIs, are program APIs.
Traditionally the applications that publish APIs have to be written in a programming language, but because APIs are increasingly generalized, additional validation of an API's structure is important.
Good API design is critical for successful API use, and software architects spend considerable time reviewing all the possible applications of an API and the most logical way for it to be used.
The data structures and parameter values are of particular importance because they must match between the caller of an API and its publisher.
There are many benefits of using APIs. Because APIs are essentially a set of rules, Private APIs can improve internal development processes by standardizing how developers write application code. Using the same rules and formats can make code more streamlined and transparent. Standardization also facilitates collaboration between developers as they build software components with the intent to integrate with APIs. This, in turn, can support feature development and reduce time to market.
Public and partner APIs offer a variety of business benefits. By allowing third-parties to leverage their data (even in a limited sense, as with Partner APIs), companies increase their brand exposure. Companies can grow their customer database and even increase their conversion rate by aligning their services with other trusted brands. Companies can also monetize their APIs so that they become a line of revenue unto themselves. This is a common tactic for online payment gateways like PayPal. Companies that use PayPal's APIs are willing to pay for the ability to use a trusted payment system.
The web, software designed to exchange information via the internet and cloud computing have all combined to increase the interest in APIs in general and services in particular.
Software that was once custom-developed for a specific purpose is now often written referencing APIs that provide broadly useful features, reducing development time and cost and mitigating the risk of errors.
APIs have steadily improved software quality over the last decade, and the growing number of web services exposed through APIs by cloud providers is also encouraging the creation of cloud-specific applications, internet of things (IoT) efforts and apps to support mobile devices and users.
Although applications that call APIs have traditionally been written in programming languages, the internet and the cloud are changing that. Web APIs can be called through any programming language, but can also be accessed by webpages created in HTML or application generator tools.
The increased role the web plays in our lives and business activities has resulted in an explosion in the REST model and the use of simple programming tools, or even no programming at all, for API access.
Operating systems and middleware tools expose their features through collections of APIs usually called "toolkits," and two different sets of tools that support the same API specifications are interchangeable to programmers, which is the basis for compatibility and interoperability claims. Microsoft's .NET API specifications are the basis for an open source Linux equivalent middleware package now supported by Microsoft, for example.
The internet is currently the primary driver for APIs, and companies like Facebook, Google and Yahoo publish APIs to encourage developers to build on their capabilities. These APIs have given us everything from new internet features that browse the sites of other services, to mobile device apps that offer easy access to web resources.
New features, such as content delivery, augmented reality and novel applications of wearable technology, are created in large part though these APIs.
Cloud computing introduces new capabilities in dividing software into reusable components, connecting components to requests and scaling the number of copies of software as demand changes.
These cloud capabilities have already begun to shift the focus of APIs from simple RPC-programmer-centric models to Restful web-centric models, and even to what is called "functional programming" or "lambda models" of services that can be instantly scaled as needed in the cloud.
The trend to think of APIs as representing general resources has changed terminology. Whereas APIs are expected to be used as a general tool by many applications and users, they are said to be services, and will normally require more controlled development and deployment.
SOA and micro services are examples of service APIs. Services are the hottest trend in APIs, to the point where it's possible that all APIs in the future will be seen as representing services.
Like all software, APIs have to be tested. The purpose of testing is validation of the published APIs against the specifications, which users of those APIs will use in formatting their requests.
This testing is usually done as a part of application lifecycle management (ALM), both for the software that publishes the APIs and for all the software that uses them. APIs also have to be tested in their published form to ensure that they can be accessed properly.
API management is a step beyond what's normally associated with software development. It's the set of activities associated with publishing the API for use, making it possible for users to find it and its specifications and regulating access to the API based on owner-defined permissions or policies.