Web API (Application Programming Interface)

Shalika Prasad
Oct 21, 2020

What is a web API?

If a server is ready to provide data, you have to call it to get that data. The thing we use to get data from the server is called an API. As an example, when you go to a restaurant, you tell the waiter what you want to eat. The waiter goes to the kitchen and gives the order to the cook. After the food is prepared, the waiter brings it to you. We can use this scenario to explain an API.

In this example, the web app or browser is the customer, the API is the waiter, and the web server is the cook. So, according to our request and the API, we get the relevant data from the server. But we can also connect directly to our server or database without using an API. If we want data from the database, we can query it and get the data directly. So why do we use a web API?

Why do we use web APIs?

The main reason is that an API lets us put the overall business logic in one centralized place in our application. Take Facebook as an example. It has several applications, such as the Facebook web app, Android app, iOS app and Facebook Lite app, and all of them connect to one centralized place to minimize the work. If we don't use a web API, we have to write the common code in each application. That is a huge amount of redundancy in programming terms. If we use API endpoints instead, we can simply get data from those endpoints, and we can put our common business logic in the API. Also, if we want to change something in the code, we don't have to change every application's code; we only have to change the API code.

Examples for web APIs

For this reason, all modern applications use APIs: an application will be extended in the future, so they want to use an API. For example, organizations like Google and Facebook publicly provide API endpoints so customers can get data. If we want data from Google Maps, we can use the Google Maps API to get the data we need from Google.

We use a separate HTTP method for each CRUD (Create, Read, Update, Delete) operation in an API.

  • Create — put
  • Read — get
  • Update — post
  • Delete — delete

Limitations of web APIs

We want to ensure the security of our API. Because anyone could use our API to perform tasks such as deleting our users on the server, we have to think about the security side. So we require an API key when the API is used. For example, when we use the Gmail API, we first create a key while logged in to a Gmail account. Google then knows that the key was issued to that user, and can validate which user is using the service. For example, you can only send mail from your validated Gmail account.

When everyone uses your database through the API, it suffers from slow performance. This kind of issue can be seen when using an API. Performance can be a reason to limit API requests. API limiting is an essential component of Internet security, because an attacker can send a large number of requests as a DoS attack to block the server. Rate limiting can also help make your API scalable. API owners measure processing limits in TPS (Transactions Per Second), and some systems may have physical limitations on data transfer. To prevent a DoS attack from overwhelming the server, we can enforce a limit on the number of requests, called Application Rate Limiting. An API request always carries a risk such as timing out.
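The API key check and the per-user request limit described above can be combined in one gate in front of the API. The following is an added example, not code from the original post; the names `ApiGate` and `TokenBucket`, the sample keys and the 2 TPS / burst 3 limits are assumptions chosen for illustration, and the clock is passed in so the behaviour is reproducible.

```python
import hashlib
import hmac

# Constructed sample data: SHA-256 digests of issued API keys mapped to owners.
ISSUED_KEYS = {
    hashlib.sha256(b"demo-key-alice").hexdigest(): "alice",
    hashlib.sha256(b"demo-key-bob").hexdigest(): "bob",
}

class TokenBucket:
    """Allows `rate` requests per second on average, with bursts up to `burst`."""
    def __init__(self, rate, burst, now):
        self.rate, self.burst = rate, burst
        self.tokens, self.updated = float(burst), now

    def allow(self, now):
        # Refill in proportion to elapsed time, capped at the burst size.
        elapsed = max(0.0, now - self.updated)
        self.tokens = min(self.burst, self.tokens + elapsed * self.rate)
        self.updated = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False

class ApiGate:
    """Hypothetical front door: authenticate the key, then rate limit its owner."""
    def __init__(self, rate_tps=2, burst=3):
        self.rate_tps, self.burst = rate_tps, burst
        self.buckets = {}  # one bucket per key owner, so users are limited separately

    def owner_of(self, api_key):
        digest = hashlib.sha256(api_key.encode()).hexdigest()
        # Compare against each stored digest in constant time.
        for stored, owner in ISSUED_KEYS.items():
            if hmac.compare_digest(stored, digest):
                return owner
        return None

    def check(self, api_key, now):
        """Return the HTTP status the API should answer with."""
        owner = self.owner_of(api_key or "")
        if owner is None:
            return 401  # unknown or missing key: request is not authenticated
        bucket = self.buckets.setdefault(
            owner, TokenBucket(self.rate_tps, self.burst, now))
        return 200 if bucket.allow(now) else 429  # 429 Too Many Requests
```

In a real server, `now` would come from `time.monotonic()`, and the bucket state would need to be shared if several API processes serve the same users.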
