
What is an API?

An API (Application Programming Interface) is a contract between systems — it defines how they communicate without exposing how they’re built internally.

Think of it like a restaurant menu: you (the client) don’t need to know how the kitchen works — you just need to know what’s available and how to order it. The menu is the API.

An API hides internal complexity so developers can use a system’s capabilities without knowing how it works.

It enables different systems and devices to share data regardless of their underlying technology.

APIs allow developers to leverage existing platforms and services, significantly reducing the time and resources needed for software development.

APIs facilitate the scaling of systems and services by allowing them to handle requests from an increasing number of users or applications.

  1. Web APIs: Designed for the web and can be accessed over the HTTP protocol. Examples include REST APIs, SOAP (Simple Object Access Protocol), and GraphQL.
  2. Library-based APIs: Provided by software libraries, offering predefined classes and functions for developing software applications.
  3. Operating System APIs: Provide routines and graphical user elements for programming applications that run on specific operating systems, like Windows API.
  4. Hardware APIs: Enable applications to interact with hardware components, like sensors and devices, without needing direct access to the hardware.

| Type | Examples | Description |
| --- | --- | --- |
| Web APIs | REST (OpenWeatherMap), SOAP (PayPal), GraphQL (GitHub) | REST: stateless HTTP. SOAP: structured protocol. GraphQL: fetch exactly what you need. |
| Library-based APIs | jQuery, React | Pre-built functions for DOM manipulation, UI building, and event handling. |
| OS APIs | Win32, POSIX | OS-level access to windows, threads, processes, and system calls. |
| Hardware APIs | Android Sensor API, Web Bluetooth API | Access device hardware (sensors, Bluetooth) from application code. |

  • Social Media Integration: Websites and apps integrate social media functionalities, like sharing, posting, or authenticating users, through APIs.
  • Payment Systems: E-commerce sites use payment APIs to process transactions through third-party services like PayPal or Stripe.
  • Data Services: Services offer APIs to provide access to vast amounts of data, such as weather information, stock market trends, or geographic data.
  • REST is not a protocol — REST is an architectural style (stateless, resource-oriented). HTTP is the transport. You can use HTTP without being RESTful.
  • Authentication vs authorisation — authentication answers “who are you?” (API keys, JWTs, OAuth). Authorisation answers “what can you do?” (scopes, roles). A valid token doesn’t mean unrestricted access.
  • Rate limits vs quotas — rate limits are time-windowed (100 requests/minute); quotas are cumulative (10,000 requests/day). Both protect different things; know the difference.
  • Breaking vs non-breaking changes — adding a new response field is usually non-breaking. Removing a field, renaming it, or changing its type is breaking. Version your API when you need breaking changes.
  • Idempotency matters: GET and DELETE should be idempotent (same result if called multiple times). POST creates a new resource each time; use PUT or PATCH for updates.
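
The authentication vs authorisation point above, as an added example (not code from this page or from any particular API): an endpoint first verifies that a token is genuine, then separately checks its scopes. The token format, `SECRET`, the scope names, and the functions `issue_token`, `authenticate` and `handle` are assumptions made for illustration; expiry checks are left out to keep the focus on the 401 vs 403 distinction.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo key; a real service loads this from a secret store.
SECRET = b"constructed-demo-key"


def _sign(payload: bytes) -> bytes:
    return base64.urlsafe_b64encode(hmac.new(SECRET, payload, hashlib.sha256).digest())


def issue_token(subject, scopes):
    """Return 'payload.signature' (both base64url). Hypothetical format for this example."""
    claims = json.dumps({"sub": subject, "scopes": scopes}).encode()
    payload = base64.urlsafe_b64encode(claims)
    return (payload + b"." + _sign(payload)).decode()


def authenticate(token):
    """Authentication: 'who are you?'. Returns the claims, or None if the token is not genuine."""
    try:
        payload, sig = token.encode().split(b".")
    except ValueError:  # wrong number of parts
        return None
    # Constant-time comparison avoids leaking how many signature bytes matched.
    if not hmac.compare_digest(sig, _sign(payload)):
        return None
    return json.loads(base64.urlsafe_b64decode(payload))


def handle(token, required_scope):
    """Return the HTTP status an endpoint guarded by required_scope would send."""
    claims = authenticate(token)
    if claims is None:
        return 401  # not authenticated: identity could not be established
    # Authorisation: 'what can you do?'. A valid token is not unrestricted access.
    if required_scope not in claims.get("scopes", []):
        return 403  # authenticated, but this action is not permitted
    return 200


if __name__ == "__main__":
    reader = issue_token("alice", ["orders:read"])
    print(handle(reader, "orders:read"), handle(reader, "orders:delete"))
```
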

Q: How do I use an API? A: Send a request to the server using the API’s documented protocol and handle the structured response.

Q: Are APIs secure? A: API security depends on implementation. Most modern APIs use authentication tokens and encryption.

Q: Can APIs change? A: Yes — APIs are versioned. Breaking changes require client-side updates; non-breaking changes usually don’t.

Q: Is using an API free? A: It depends — some are free, others charge per use or require a subscription. Free APIs often impose rate limits.