History
- **How**:
- The history of APIs (Application Programming Interfaces) began as software systems needed a way to communicate with one another across different platforms. The term "API" started gaining traction in the 1960s but gained significant importance with the rise of web services.
- The first major API interfaces were introduced in the 1990s with companies offering software platforms and web-based services. As the internet grew, APIs became a standard for remote communication.
- REST APIs (Representational State Transfer) became popular in the early 2000s, with Roy Fielding's dissertation in 2000 laying the foundational principles.
- Today, APIs are used extensively across the internet for a variety of purposes, including web services, third-party integrations, and mobile apps.
- **Who**:
- **Roy Fielding**: Credited with popularizing RESTful APIs in his 2000 doctoral dissertation.
- **Jeff Bezos**: Amazon was one of the first companies to make its services available via API in the early 2000s, driving the growth of cloud computing.
- **Mark Zuckerberg**: The Facebook API, introduced in 2006, allowed developers to create applications that integrated with the platform, significantly growing the ecosystem.
- **Google**: Pioneered API offerings such as Google Maps API and Google Maps Geocoding API, which helped set the stage for location-based service APIs.
- **Why**:
- APIs were created to streamline communication between different software systems, enabling developers to build more sophisticated applications that could interact with other platforms, services, and databases.
- The rise of mobile apps, microservices, cloud computing, and the need for scalability has made APIs a central part of modern software development.
- APIs enable businesses to monetize their services and data by offering them as services to third-party developers (e.g., APIs for payment processing, social media sharing, etc.).
Introduction
Advantages:
- Rate Limiting: Limits on how often an API can be accessed to prevent overuse or abuse. This is often handled via HTTP headers like `X-RateLimit-Limit`.
- OAuth & Authentication: APIs often require authentication methods like API keys, OAuth 2.0, or JWT for secure access.
- Caching: Using headers like `Cache-Control` to reduce unnecessary calls to the server and improve performance.
- Webhooks & Event-Driven APIs: Webhooks allow an API to push data to a client or server when a certain event occurs (e.g., a new user registers on a platform).
- Versioning: Managing different versions of an API to ensure backward compatibility for consumers of the API.
Disadvantages:
- Complex Authentication: Some APIs require complex token systems or OAuth for security, which may increase integration complexity.
- Rate Limiting: APIs may restrict the number of requests in a time period, making it harder for applications to handle bursts of traffic.
- Deprecation & Versioning Issues: As APIs evolve, older versions may be deprecated, requiring consumers to upgrade their systems.
- Latency: Remote APIs might have latency issues depending on the network connection, impacting the responsiveness of an application.
Notes
Types of APIs:
- REST (Representational State Transfer): A stateless, lightweight protocol commonly used in web services. It uses standard HTTP methods (GET, POST, PUT, DELETE).
- SOAP (Simple Object Access Protocol): A more rigid protocol compared to REST, typically used for enterprise-level applications that require strict message formats.
- GraphQL: A query language for APIs, designed to allow clients to request only the data they need.
- gRPC (Google Remote Procedure Call): A framework for building high-performance APIs, which uses HTTP/2 and Protocol Buffers for faster communication.
Important Notes:
- Authentication: Always use secure authentication methods such as OAuth or API keys, and store the credentials securely.
- Error Handling: Handle errors (e.g., 404 Not Found, 500 Internal Server Error) gracefully to avoid system crashes.
- Throttling: Many APIs implement rate limiting or throttling to prevent excessive load on their servers. Be mindful of these limits during development.
- Data Privacy: Be aware of the privacy policies and data security regulations (e.g., GDPR) when handling sensitive data through APIs.
- Data Sharing:
- Many APIs return data in JSON or XML format, so it’s essential to parse and process the data correctly.
- Ensure any data shared via APIs is sanitized and validated to prevent security vulnerabilities like injection attacks.
- Common API Status Codes:
- 200 OK: The request was successful.
- 201 Created: A new resource has been created successfully.
- 400 Bad Request: The request could not be understood due to invalid syntax.
- 401 Unauthorized: The request lacks valid authentication credentials.
- 500 Internal Server Error: A generic error indicating a problem on the server side.
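
The error-handling, throttling and validation notes above, combined in one added example (not from the original notes): a response handler that maps the listed status codes to actions, backs off when the rate-limit budget is spent, and validates the JSON body before it is used. The `user` schema, the action names and the `X-RateLimit-Remaining` header are assumptions made for illustration.

```python
import json
# Constructed schema for a hypothetical "user" resource (assumption, not from the page).
USER_SCHEMA = {"id": int, "email": str}
# Status codes from the list above that need a specific client reaction.
ACTIONS = {400: "fix_request", 401: "reauthenticate"}

def validate_user(payload):
    """Accept only a JSON object with exactly the expected fields and types."""
    if not isinstance(payload, dict) or set(payload) != set(USER_SCHEMA):
        raise ValueError("unexpected or missing fields")
    for field, typ in USER_SCHEMA.items():
        # bool is a subclass of int in Python, so reject it explicitly.
        if isinstance(payload[field], bool) or not isinstance(payload[field], typ):
            raise ValueError(f"bad type for {field}")
    if payload["id"] < 0 or "@" not in payload["email"] or len(payload["email"]) > 254:
        raise ValueError("value out of range")
    return payload

def rate_limit_exhausted(headers):
    """True when the server reports no remaining requests in this window."""
    # Header names are case-insensitive; X-RateLimit-Remaining is an assumed
    # companion to the X-RateLimit-Limit header mentioned earlier.
    h = {k.lower(): v for k, v in headers.items()}
    try:
        return int(h.get("x-ratelimit-remaining", "1")) <= 0
    except ValueError:
        return True  # unparsable value: back off rather than guess

def handle_response(status, headers, body):
    """Map one response to (action, detail) instead of letting errors crash the caller."""
    if status in (200, 201):
        try:
            data = validate_user(json.loads(body))
        except (ValueError, TypeError) as exc:  # JSONDecodeError is a ValueError
            return ("reject", str(exc))
        return ("ok_then_pause" if rate_limit_exhausted(headers) else "ok", data)
    if status in ACTIONS:
        return (ACTIONS[status], None)
    if status >= 500:
        return ("retry_later", None)
    return ("fail", status)

# Constructed sample responses (not captured from a real API).
SAMPLES = [
    (200, {"X-RateLimit-Limit": "60", "X-RateLimit-Remaining": "0"}, '{"id": 7, "email": "a@example.com"}'),
    (200, {}, '{"id": "not-an-int", "email": "a@example.com"}'),
    (500, {}, "<html>error</html>"),
]
RESULTS = [handle_response(*s)[0] for s in SAMPLES]
```
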
Libs & Framework
- Axios (JavaScript): A promise-based HTTP client for the browser and Node.js, widely used for interacting with REST APIs.
- Link: Axios Docs
- Requests (Python): A simple, elegant HTTP library for Python. Ideal for making API requests.
- Link: Requests Docs
- Flask (Python): A lightweight web framework to build simple APIs in Python.
- Link: Flask Docs
- Express (Node.js): A minimal and flexible Node.js web application framework that provides robust APIs.
- Link: Express Documentation
- Spring Boot (Java): A Java-based framework for building production-ready REST APIs.
- Link: Spring Boot Documentation
- FastAPI (Python): A modern, fast framework for building APIs with Python 3.6+.
- Link: FastAPI Docs