You may not know what an API does. You may not know what it stands for. But everyday APIs are working behind the scenes to provide you richer digital experiences. The movie ticket you bought online, the blogger’s recipe you shared on Facebook, and the cheap flight you booked on Expedia are all thanks to APIs.
By helping to deliver seamlessly integrated user experiences from one device to the next, APIs present a wealth of business opportunities. Before discussing how APIs could advance your business, let’s take a closer look at what APIs are and why they’re proliferating so quickly.
What is an API?
An API, short for Application Programming Interface, is a software-to-software interface. APIs provide a secure and standardized way for applications to work with each other and deliver the information or functionality requested without user intervention.
That’s great news for end users (and third-party developers, but we’ll get to them in a minute). Because APIs do all the heavy lifting in the background, digital experiences remain virtually effortless.
Real-World API Example
Say you want to see the latest box-office hit. Your first step might be searching where and when it’s playing on an online ticketing site like Fandango.
After typing in your zip code and selecting a date, you click “go” and, voilà, a list of showtimes at nearby theaters appears within seconds. Here’s what it looks like to the end user.
Although you stay on Fandango’s site the whole time, there are multiple applications at work to make your search possible. When you click “go,” the site uses APIs to request access to each theater’s database.
This is called an API call. Those APIs then retrieve the requested information so that Fandango’s site displays the most relevant results for you.
As expectations for such effortless user experiences grow, companies are increasingly looking to APIs to deliver more value to consumers in less time. By leveraging APIs to access another company’s data, piece of code, software, or services, you can extend the functionality of your own product while saving time and money. This is essential not only for meeting and anticipating the increasingly sophisticated needs of consumers but also for staying agile in the marketplace.
How do APIs work?
APIs are sets of definitions and protocols that allow software components to talk and interact with each other using a simple set of commands. Acting as messengers, APIs deliver one application’s request to another and return a response in real time.
If the server (the application providing the resource) can do what the client (the requesting application) asked, then the API will bring back the resource needed or a status code that roughly translates into mission accomplished! If the server can’t do what the client asked — maybe the client requested a resource that doesn’t exist or that it doesn’t have permission to access — then the API will return with an error message.
Controlling access to the server in this way is crucial. Rather than give you all of a program’s information or code, an API provides you only with data that has been made available to external users.
An API call is the process of a client application submitting a request to a server's API. An API call also comprises everything that happens after the request is submitted, including when the API retrieves information from the server and delivers it back to the client.
Most clients want the server to carry out basic functions. These requests may be written as URLs so that the communication between client and server is dictated by the rules of Hyper-Text Transfer Protocol (HTTP). The four most basic request methods to a server are:
- GET: To retrieve a resource
- POST: To create a new resource
- PUT: To edit or update an existing resource
- DELETE: To delete a resource
Still confused? Let’s try an analogy. How APIs work is often compared to ordering food at a restaurant, in which you, the diner, represent the client, the waiter represents the API, and the chef represents the server. You look over the menu, pick the meal you want, and place your order with the waiter. The waiter brings your request to the chef. The chef executes on it. Then, the waiter brings you your meal and you enjoy it all the better for not having had to make it yourself.
But let’s say too many guests show up at the restaurant and there’s not enough space to accommodate them. Let’s say this keeps happening as the restaurant grows in popularity. What then? That’s where API keys come in.
What is an API key?
An API key is a unique identifier used to authenticate calls to an API. The key is made up of a string of letters and numbers that identify the client (remember this is the application or site making the request). The key can grant or deny that request based on the client’s access permissions, and track the number of requests made for usage and billing purposes.
While not as secure as authentication tokens, this method has some advantages over basic authentication, which only requires a username and password.
By restricting access only to those with keys, a company can control the number of calls made to its API and ensure that only a specific, trusted group of clients can access its server’s resources.
Continuing our example above, think of an API key like a reservation and the API as an exclusive restaurant. By enforcing that patrons must have a reservation to eat at the restaurant, you can keep the number at capacity so that the kitchen can adequately and efficiently serve every guest. Similarly, by allowing only clients with an API key to access and use your resources made available via the API, you help ensure your software is used safely and can handle the number of requests coming in.
What are APIs used for?
A better question might be what are APIs not used for. Want to embed Instagram photos on your e-commerce app? There’s an API for that. Want to provide instant access to thousands of hotels on your travel blog? There’s an API for that. Want to integrate a Yoda translator on your Star Wars fan fiction site? If you can believe it, there’s an API for it.
Generally speaking, business applications of APIs include:
- Data sharing: Any time a program needs to get data from a third party (e.g., a travel app compiling flight times from airlines, an e-commerce site getting your payment information from a payment processor), data can be shared through an API.
- App integrations: When two digital applications work in conjunction, — HubSpot and Gmail, for example — it's likely that an API is involved.
- Embedded content: To embed a piece of content that is not hosted by the same company as the website itself – like a YouTube video or a third-party script like Google Analytics — a request is made to the owner of the embedded content to retrieve it.
- Internal systems: APIs aren't only for sharing data externally. Businesses frequently divide their software infrastructure into smaller components that communicate with each other through APIs, like in a microservice architecture.
These examples hit upon some of the most common reasons companies use APIs. Below, we dive into more examples of APIs and their business applications.
Without searching an API marketplace, or even knowing much about APIs, you’ve probably heard of a few. Below we’ll look more closely at several examples so you can understand what information and functionality is available through them.
If you work for a brand that loves Twitter, you can use the social media platform’s APIs to drive user engagement on your site.
Twitter has a whole platform offering APIs that allow you to dig through Twitter’s massive archive. You can use Twitter APIs to find old Tweets, embed Tweets and timelines within your website or app, programmatically create and manage ad campaigns, filter and stream Tweets in real time, deliver personalized customer service through direct messages, subscribe to the real-time activities of more than 15 accounts via webhooks, and more.
There’s also a ton of technical resources and tools available to help you harness the full potential of its global communication network.
Instagram’s platform offers a range of APIs to help your business with content publishing, metrics and analysis, and more.
One potential use case is to embed user-generated Instagram photos on your app. User-generated content, sometimes shortened to UGC, is a strong form of social proof that can entice leads to convert.
Developers plug into this platform to build apps and services that target three groups: individuals looking to share their own content with third-party apps; brands and advertisers needing to understand and manage their audience and media rights; and broadcasters and publishers wanting to discover content and get digital rights to media or share it with proper attribution.
YouTube APIs enable you to add a functionality to your site or app and access YouTube’s expansive library of videos.
Let’s walk through just a few reasons you might want to use one of the many YouTube APIs available: to play videos directly in your app; to let users search content, upload videos, and create and manage playlists; to gain insight into how users are interacting with your videos and channel; to schedule live broadcasts; and much more. You’ll need to get a YouTube API key to unlock its potential.
HubSpot’s platform appeals to businesses with three main needs: those looking to build an app and put it in front of thousands of potential users, those looking to create a custom integration between their app and HubSpot’s application, and those looking to build or extend the functionality of their website.
Gathering data from different transactional software, storing contacts, and engaging with third-party tools and custom apps in one CRM are just a few ways that HubSpot APIs can help your business.
If you’re in the music industry, you may want to use the Spotify Web APIs to add music player functionalities to your website or application.
Using Spotify’s multitude of APIs, you can get complete access to the Spotify Data Catalogue, including albums, musical artists, and tracks. To retrieve user-related data such as private playlists, users must authorize your app to access their Spotify accounts.
The functionalities are nearly identical to what you would find on the native Spotify platform. With the Browse API, for example, your users can access genres, categories, new releases, and playlist recommendations. Spotify also offers Episodes, Follow, Library, and Playlists APIs.
Stuck? Spotify published a list of example apps so you can see how their APIs have been used in the past.
The Google Maps APIs are an essential tool for anyone building a location-based app. If you’re building a real estate app, for example, you can use the Google Maps APIs to include a street view of the property.
The Google platform has an expansive library of APIs with an unlimited amount of uses. Want to allow users to request directions? How about including Places on your website? There’s even an API for you if you’re building a ridesharing app. Google has divided the APIs by usage and platform (web, iOS, or Android), so be sure to choose the correct one for your project.
Like most of the examples listed here, these APIs are paid based on monthly usage. The high level of functionality they offer makes them well worth the price.
The PayPal platform has an expansive library of APIs that you can use to integrate PayPal functionality into your website or app without requiring users to access the PayPal website.
Some APIs that are available to you include the Billing Plans API, the Catalog Products API, the Disputes API, and the familiar Invoicing, Orders, and Payments APIs.
If you’re building an ecommerce website or creating a website for a membership-based organization, the PayPal APIs will help you manage every step of all transactions. Should you ever feel stuck, PayPal has a strong support base where you can access frequently asked questions and procure the help of other developers working on PayPal integration projects.
There is a vast wealth of APIs available today. Some for operating systems, others for websites, and so on, but to fully appreciate their potential in the digital economy, let’s take a closer look at how APIs are classified by who they are shared with and why.
Types of APIs
- Private APIs
- Partner APIs
- Open APIs
- Composite APIs
These names are intuitive so we’ll just briefly touch on each type below.
Private APIs are only made available to the workforce to boost productivity and transparency. In other words, developers working for the company can use these APIs as needed but third-party developers can’t.
In fact, because these APIs aren't documented in a publicly released software development kit (think, starter kit for creating software applications on a specific platform) or at all in some cases, they are often completely hidden from the public. Many companies do eventually go public with their private APIs.
Partner APIs are shared externally but only with those who have a business relationship with the company providing the API. The logic of partner APIs, similar to that of public APIs, is rooted in the idea of “if you scratch my back, I’ll scratch yours.”
Think of the traffic app Waze, for example, which uses APIs to exchange data with municipalities and other partners about road closures, accidents, construction delays, potholes, and working vehicles, such as snowplows and garbage trucks.
Some businesses favor partner APIs over public ones because they want greater control over who has access to the resources they are exposing and a greater say in how those resources get used. For example, Pinterest has adopted a submission-based approach to providing access to new data services via its API, requiring partners to submit a request detailing how they would like to use the API and what underlying data it would grant them before being granted access.
Open APIs, also known as public APIs, are available for external consumption and, as a result, are often much more restricted in the assets they share than private or partner APIs. While some open APIs are free, others require a subscription fee to use, which is often tiered based on usage.
There are countless advantages to making APIs public, but we’ll focus on two major ones for now. By sharing APIs beyond organizational boundaries, companies learn lessons about support, documentation, and authentication schemes that improve the adoption of its APIs and also encourage third parties to create apps, add-ons, or integrations with the APIs that not only make their products more valuable but also make the APIs more valuable.
Composite APIs allow you to bundle calls or requests to get one unified response from different servers. If you need data from different applications, you would use a composite API.
Alternatively, you can use this type of API to set off an automatic chain of calls and responses without requiring your intervention.
Take this example from Stoplight. Let’s say you want to create an order within a shopping cart API. You may think that’ll take one request, but in fact there are several requests that need to be made. First, you need to create a customer profile. Then you need to create the order, add an item, add another, and change the status of the order. Instead of making five separate API calls in succession, you can make one using a composite API.
Why use an API?
Now that we know that businesses can use APIs to securely request and share content, services, and functionalities with both internal and external audiences, you might be thinking why would a company pay another for access to resources that it could create on its own? Why would that company agree to share its assets, particularly with competitors? Or why would it put in all the work of making an API just so its own workforce could use it?
All good questions. Before we dive into the answers, let’s split up the benefits of APIs into two groups: API consumers and API providers.
Benefits to API consumers
You may use APIs to request access to another server’s resources or you may use your own APIs to automate certain tasks. Either way, you fall under the mantle of API consumers. These consumers benefit from using each type of API in several ways.
Many companies consume their own APIs. Why? Using APIs internally enables the workforce to streamline operations, foster collaboration, and strengthen transparency across the company. Amazon founder and CEO, Jeff Bezos, understood the vast potential of internal APIs back in 2002 when he sent an email instructing every team to communicate through APIs moving forward. Following what has been coined “The Bezos Mandate,” developers built or turned their well-developed software components into APIs, establishing consistent and well-managed ways of exchanging data and capabilities across the company as a result.
By allowing developers — whether third-party or internal members of your workforce — to reuse software components, APIs empower them to focus on developing new solutions rather than repeat work that’s already been done. Let’s revisit the example above. Without the Google Maps API, developers at OpenTable would have to dedicate their time and resources to drawing their own map and providing real-time map data to include this feature on its site. Worse still, no matter how much time they put in, it would be nearly impossible to make it as detailed or reliable as Google’s existing solution. So, instead of wasting their time trying to reinvent the wheel, APIs enable developers to focus on creating new tools and functionality that deliver more value to their users.
Benefits to API Providers
Now that you’re convinced of the benefits of using APIs, let’s turn our attention to why you might want to create and then share one with partners or the general public.
Simply put, becoming an API provider unlocks business opportunities and other benefits that build upon those of simply consuming APIs. Let’s look into each one below.
The easy answer is money. Google, Yelp, Facebook, and thousands of other companies make their APIs public and monetize them so that they become additional lines of revenue. In fact, at some companies, APIs are the major source of revenue. According to a recent report by MuleSoft Inc., 35 percent of today’s technology leaders generated more than a quarter of their organizations’ revenue as a direct result of APIs.
By sharing what you do really well with the broadest possible audience, a network of users beyond your employees and customers—including third-party developers and consumers—will become reliant on the data and functionality provided by your APIs. Ultimately, this will improve the usage and adoption of your main platform. In other words, APIs not only expand your customer base, they generate new market opportunities in the digital economy.
Amazon Web Services (AWS) is among the most notable examples. This platform, which essentially allows any company or developer to run its applications on top of Amazon’s technology infrastructure platform via APIs, is used by millions of customers around the world and is credited with transforming Amazon from an online bookstore to a global digital giant.
Even More Innovation
Yes, I’m listing this again, but with a twist. Above, we discussed how API consumers benefit from using third-party solutions that allow them to focus their time and resources on making their own products better rather than reinventing the wheel.
More often than not, however, the relationship between API consumers and providers is much more give-and-take. You may recall that in the early days of Twitter, its user interface was a little clunky. Then TweetDeck, an independent app at the time, came along and built a better user interface on top of the Twitter platform using its public API so that all users could have better Twitter experiences. That’s called a win-win-win, my friends.
How to Use an API
So you’re ready to try your luck with APIs. Now what? Before implementing your own API at your company, it makes the most sense to use others' APIs. Let’s walk through the basics of how you’d get started using an API.
1. Select an API.
First things first, you’ll want to find an API you could incorporate into your business. You might already have your eye on an API, particularly if you’re interested in one of the big wigs like the Facebook API. You might also want to search by cost — you may want to start with a free API before exploring paid APIs, for example.
Once you have an API selected, get your reading glasses on. It’s time to look through the API documentation.
2. Get an API key.
As mentioned, an API key is used to identify yourself as a valid client, set access permissions, and record your interactions with the API.
Some APIs make their keys freely available, while others require clients to pay for one. Either way, you’ll most likely need to sign up with the service. You’ll then have a unique identifier assigned to you, which you will include in your calls.
Always key your key private, like you would a password. If your key leaks, a bad actor could make API requests on your behalf. You may be able to void your old key and get a new one if such a breach occurs.
3. Review the API documentation.
API Documentation is essentially an instruction manual about how to effectively use and integrate with an API. In addition to providing all the information required to work with the API, like whether or not you need an API key, it usually includes examples and tutorials.
Refer to the documentation for how to get your key, how to send requests, and which resources you can fetch from its server.
It’s hard to understate the importance of good API documentation — a company might offer a powerful API, but if developers can’t quickly learn how to use it, it’s not very valuable
4. Write a request to an endpoint.
Next up, you’ll write your first request. The easiest method is to use an HTTP client to help structure and send your requests. You’ll still need to understand and get some information from the API’s documentation, but you won’t need much coding knowledge to be successful.
At this stage, online tutorials can come to the rescue. For example, this YouTube video explains how to use an API to pull location data from Google Maps and then use those coordinates to find nearby photos on Instagram.
5. Connect your app.
Chances are, the API you're interacting with is a specific type of API that is considered easier to use than others. These APIs are called REST APIs.
REST APIs conform to the constraints of a software architectural style called “Representational State Transfer” that make the APIs relatively easy to use and discover. REST makes data and functionality available as resources, which are represented by unique URLs. To request a resource via a REST API, like the Open Weather Map API, you just need to provide its URL.
In a typical REST API, a resource will have two URL patterns assigned to it: a plural (to refer to all the resources) and a singular (to specify a single resource). These are also referred to as endpoints. Can you guess why? Because they go at the end of the URL.
Each endpoint is also assigned a list of actions the client can request of the server. So, a plural endpoint may be for listing or creating resources, and the singular endpoint may be for retrieving, updating, and canceling a specific resource. The client would have to include the correct HTTP verb (GET, POST, PUT, DELETE) in its request to tell the server what action to take.
The client and server can use three data formats to pass this information back and forth:
REST API Example
WordPress has a REST API that enables developers to create, read, and update WordPress content remotely by carrying JSON objects back and forth between clients and servers. In other words, by allowing developers to easily structure the way they want to get data into and out of a server, they can spend less time accessing the data they need and more time creating better user experiences.
REST vs. SOAP
REST is usually put head-to-head with Simple Object Access Protocol (SOAP), another way to build applications that work over HTTP. REST is considered a simpler alternative to SOAP because it requires writing less code to complete tasks and follows a less rigid structure and logic than SOAP. Another reason people love REST: it provides plenty of conventions but leaves many decisions up to the person designing the API.
Here’s a simple test if you’re deciding between REST and SOAP for your API: if you want flexibility, go with REST. If you want standardization, go with SOAP.
The Future of the Digital Economy
There are many business advantages to both consuming and providing an API, but let’s keep it simple. The main reason? To connect your application to the rest of the software world. These connections can empower all types of organizations, from start-ups to government agencies, to create new business models that spur more innovation and ideas in today’s digital economy.
In this way, APIs are not only changing the way companies do business. They’re changing the way companies think about business.
This post was originally published in October 2019 and has been updated for comprehensiveness.
Originally published Apr 28, 2021 7:00:00 AM, updated April 28 2021