API stands for Application Programming Interface. Lets break that down.
- Application - Is the code you or someone else has written.
- Programming - Is the actions that your code will do.
- Interface - Is how your code will interact with the other code.
Think of it as the way that some code wants to be spoken to. For example if I only speak English, if you asked me to do something in Japanese I would return an error (confused look on my face).
We normally talk about APIs at two levels, the first is internal to what you are coding, the second is external.
An example of an internal API is using a package or third party code inside of your code.
Many programming languages and frameworks are extended over time with these third party tools, if you are interacting with something you didn’t write or maintain, then you are using an API.
The second and perhaps most common use of the word API is for external APIs.
When someone says a website has an API, what that means is a developer can send questions to a the website and get something back.
For example, Facebook have an API - I could write a program that could take my user ID on Facebook and ask it to bring back a list of all my friends, I could then take that information and manipulate it with my code.
The main difference between internal and external APIs are that with internal ones the security is assumed to be handled by the person writing the code, since they have access to the code that is stored in the third party code anyway, this is not the case with external APIs.
External APIs need to verify the person who is accessing them, not just to make sure they should be getting the information they asked for, but to make sure they don’t end up flooding the servers with their requests and stopping anyone else from access the information.
In both types of API consistency is really important. Imagine how annoying it would be if sometimes you had to refer to a person as a User and then other times you had to refer to them as a Resource. This mixed language leads to confusing APIs that are hard to maintain and hard to use.
Good APIs should also have decent documentation, this means developers have something to refer to and can see what is and isn’t available on your API.
Why have External APIs
Having your website have an API is an excellent way to future proof the data that is stored on the website. For example if you needed to make an iOS application that used the same data, if you website was using an API it would be easy to allow the iOS app to use the same API.
It also means other developers can build cool stuff that uses your data, which takes the pressure of you to build something!