Want a pizza? There’s an app for that. Need a ride? There’s also an app for that. Unsure of how to get to where you’re going? You guessed it, there’s an app for that too.
Have you ever wondered how these apps work and how an app can connect you to information from a fast food restaurant, taxi driver and location service? Well, the answer is APIs. Put quite simply, the digital experiences we expect each day simply wouldn’t be possible.
An Application Programming Interface, or API, is the interface software uses to access whatever currency it needs – be it data, server software, or information from any other applications. To illustrate what they do – when a person needs money, they visit an ATM. As the vehicle a person used to get the money they require, in this scenario, an ATM could be compared to an API.
One API doesn’t fit all
One of the greatest challenges around building an API is ensuring that you build one with longevity. Choosing the right API model or type for your app comes down to knowing what APIs are out there.
Let’s start out with public and private APIs.
Public APIs make it possible to share content and data openly between communities and applications. These APIs allow content created in one location to be posted and updated in various other locations in real time. Popular Public APIs include Twitter, YouTube, Flickr and Facebook.
While Private or Internal APIs allow organisations to streamline their business process and integrate internal applications across customers and partners. In order to access the API you need to be part of a small group of developers. The top use cases for Private APIs include credit card companies and the medical field where it is important to have a greater level of security around information sharing.
Moving beyond this, there are also different API architectures; two of the most common of these being SOAP and REST. One great way to explain the difference between the two approaches is to think of SOAP as an envelope and REST as a postcard.
Simple Object Access Protocol (SOAP): This protocol requires extra overheads, more bandwidth and more work on both ends of the connection.
REST (Representational State Transfer): It’s all about simplicity with REST. These APIs are easily cached and updated using a single, uniform interface that is optimised for the Web.
Security in the era of APIs
Whether it’s public or private, REST or SOAP, with all of this information travelling across different interfaces, security is likely to become a concern. To ensure this information is kept safe businesses developing applications need to be thinking about securing user authentication and authorisation, encrypting information and putting procedures in place to guarantee information integrity.
No matter how complex or simple the API, security is an essential element of any application. To limit risks, ensure that:
- You know what kind of security you need and are aware of the risks.
- Security is tested early. And is tested regularly to identify any vulnerabilities.
- Any suspicious behaviour is monitored and addressed before it gets too far.
- Your IT team can implement the necessary security procedures should something go wrong.
APIs influence how we interact with the Internet in so many different ways. Not only do APIs allow developers to build the tools we need to do our jobs more effectively but they also make it possible for developers to create applications that delight customers and keep them coming back for more. Keen to learn more about APIs? We’re the guys to talk to.