- The Full-Stack Developer’s Roadmap Part 1: Frontend
- The Full-Stack Developer’s Roadmap Part 2: Backend
- The Full-Stack Developer’s Roadmap Part 3: Databases
- The Full-Stack Developer’s Roadmap Part 4: APIs
- The DevOps Roadmap: Fundamentals with CI/CD
- The DevOps Roadmap: 7 Best Practices in CI/CD
- The DevOps Roadmap: Virtualization
- What is an API?
- What are API protocols?
- How were requests made before APIs?
- Why API’s are so important?
- What are microservices?
- What is cloud? Why it’s so popular?
- What is cloud-native?
- What is API Gateway?
These might be the questions you might have asked yourself while browsing through endless stretches of the internet. You might be familiar with the terminologies or maybe have some working experience with a few of them, but something isn’t adding up.
Even If you aren’t aware of any of the terms, it’s okay. In this post, we’ll go through all of these questions, and by the end of the blog, you will be comfortable explaining these concepts to someone inexperienced.
Sounds Interesting? Let’s dive in once and for all!?
What is an API?
Whenever you check the weather, your mobile phone sends a request to the server, the server interprets the request and sends the requested data to your device. The transfer happens through an intermediary called API.
API (Application Programming Interface) is a software intermediary that allows two applications to talk to each other and exchange computing resources and data.
The majority of exchange takes place along a specific set of API architectural design called REST (REpresentational State Transfer). It’s popular (like 69% of all API’s are REST) because you can receive data using JSON, XML or plain text and it removes any predefined standards. If you’re curious to know more, you can read that here.
In a restaurant when you’re sitting, you will be greeted by a waiter whose sole purpose is to take care of your needs.
Now let’s think the waiter as our API and yourself (the customer) the weather app. The kitchen can be considered as the server which will receive the request from the application via API.
The waiter has an important task now. The task of taking specific input (items from the menu) and returning the specific output, i.e. cooked dish from the kitchen to you.
Suppose you request the waiter of something which is not on the menu or in some other language which he’s unable to understand. He/she might say that the request can’t be facilitated. The same happens with API’s; you must know the type of request it takes, queries, parameters.
Now, after ordering if the waiter provides you with a token which you can utilize after 48 hours, you will get mad. You are there to eat food and not gather tokens. The same happens with API’s; you must know the structure of the expected response so you can parse and get what you want.
How were requests made before APIs?
Remove the waiter from the above picture. Now how will you order the food at the same restaurant?
Well, you will have to shout with other hundreds of customers on the counter to get your food. Then you have to tally what you got is what you ordered alongside having to pay for the food. Looks fun?
This was how every request was managed before, i.e. in a chaotic way.
Why API’s are so important?
Provides a Layer of Security
If you have used “Sign in with Google” or anything of that sort – how do you think it works?
Does Google provide their proprietary code to millions of application developers who implemented sign in with google into their application?
No, this will be hard for developers to implement, and it will take years to get the code due to the sheer volume of applications.
On the perspective of security, all the user data can be compromised if one application is compromised by cyber-attack.
API calls come handy here. When you successfully sign in with your Google credentials into the application, the Google server communicates a message (sharing the necessary data) to the application that the following user can be granted authorization.
NOTE: The actual process is way more complex, and this is heavily simplified for easier understanding. Read more about how authorization is granted here.
Optimize development time and complexity
When you’re building your back-end, you don’t care about the front-end or vice versa. API’s provide the benefit of focusing on a task without thinking about another feature. You can link them later to build a complete and working application.
For example, do you think Twitter’s android app and website are different applications?
They’re not. The Twitter app and the website client are linked with the same back-end. The front-end for both the clients is developed and then linked to the back-end using APIs providing efficient communication throughout different clients.
If you think of implementing a machine learning model to your application, will you write the code in the same language your whole codebase is written or will you use python?
For sure, most users will get their eyes to python because of the vast library (pre-written code which specializes in certain thing) support it has to offer. You can’t change your whole codebase to another language for just using libraries it has to offer nor can you translate these libraries efficiently.
Then should we ditch the plan of implementing the model? Not necessarily. We can link different parts (e.g. front-end, back-end and so on) of applications using API’s and create an efficient application faster. This approach of building applications is called microservices approach, and we will dive deeper into this later in this post.
If you have an application which is built on monolithic architecture, i.e. everything in one codebase it becomes hard to debug when your application is generating an error.
The simple reason is due to the sheer size of the codebase it will be hard to find the specific error, and if it’s found and fixed, it’s a gamble whether the application as full doesn’t go offline. Don’t you remember how hard it is to find a missing semicolon or a typo? Multiply that numerous times for a big application having a lot of functionality.
Here API’s come in handy because you can diagnose which specific API is malfunctioning using diagnostic tools and then look into the microservice associated with it. You can test the following service more efficiently as the code base will be way smaller and testing is easier as you wouldn’t jeopardize whole of the application.
How companies innovate with APIs?
Create new revenue channels or extend existing ones
Companies want their bottom line high. One way they do this is by monetizing API calls. Let’s understand this with an example.
Expedia needs data from airlines consisting of seats available on different routes alongside the fare. The travel agency pays the airlines whenever it requests data from airlines via API calls.
Expand the reach of your brand
Companies spend billions on marketing to increase the reach of their brands. One way is to make their API’s public.
Next time you use Uber, you will notice google maps as their geolocation and navigation provider. This is done with the help of public API’s and is a win-win situation for both the parties. Uber doesn’t have to develop a new navigation service which will be very costly, and there is no surety; it will be as good as Google Maps. Remember how bad Apple map failed when it first launched?
Google will, on the other hand, get money as well as data. The data is used to improve its mapping service like predicting traffic in a better way.
Facilitate open innovation or improved efficiency through external development and collaboration.
A lot of business is born on the innovation other companies have made. The whole food delivery service, rideshare and e-commerce with multi-billion dollar valuation has popped out due to the low cost of entry in the business.
Imagine how hard it would have been for Uber engineering team to create a high-quality application, efficient navigation service beside a secure payment gateway when it was at its early stage. It wouldn’t be possible as the amount of money needed to build everything from scratch is humongous.
We can say billions of dollar of income is generated with a simple innovation called API. Isn’t it cool?
Shift from Monolithic to Microservices
If you came this far you’re aware how important and efficient development surrounding API is. Companies too understand this, and the majority of the company are built of hundreds of microservices.
Don’t get me wrong monolithic services works well when there is a small application with limited scalability and innovation like a small school attendance system. But nothing more than that is suitable for a monolithic system.
Modern development cycle happens over the cloud, and they use the full potential of development surrounding API.
The simple answer will be cloud service are very cheap and secure in comparison to building your infrastructure from scratch. This facilitates startups to grow fast as now they can focus on product and not of the amount of server they need to buy when traffic spikes up. Cloud service providers do that on their own, and it’s called elasticity.
The best part?
You have to pay how much you have used. In a monolithic world, you had to crunch numbers to afford a new server which you might never need and also had to worry about outage when traffics peak as you never had enough servers.
What is Cloud-native?
A cloud-native approach is not taking your monolithic app and running it on the cloud. It’s all about the development of an application focused on these 3 points.
- Containerized: Each part (applications, processes, etc.) is packaged in its container. This facilitates reproducibility, transparency, and resource isolation.
- Dynamically orchestrated: Containers are actively scheduled and managed to optimize resource utilization.
- Microservices oriented: Applications are segmented into microservices. This significantly increases the overall agility and maintainability of applications.
Cloud-native computing is an approach in software development that utilizes cloud computing to “build and run scalable applications in modern, dynamic environments such as public, private, and hybrid clouds. – Wikipedia
What is an API Gateway?
We can think of it as an API of API’s with additional features. Don’t jump on me. Let me walk you through.
Let’s suppose you have a company who has 100’s of public API’s and these are used by lot of developers. You want to connect a monetization system and also understand how your API’s are being used to prevent misuse. How will you do that for all of these API’s?
Create a API gateway!
An API gateway is an API management tool that sits between a client and a collection of back-end services. An API gateway acts as a reverse proxy to accept all application programming interface (API) calls, aggregate the various services required to fulfil them and return the appropriate result. – RedHat
Simply saying an API gateway will allow you to decouple requests by decoupling and re-routing each request to the requested API alongside monitoring monetization, misuse and analytics. You can also manage security and limit the rate of response if you sense a DDoS is underway.
In general API gateways are crucial when you have a lot of APIs to manage. Some organizations have internal gateways which focus on limiting access to sensitive API’s which aren’t meant for public consumption and other for the partners to build on.
Where to Go From Here
We’ve covered a lot in this piece, but we’ve only touched the surface of this topic. There’s a lot of depth, and I have attached links for you if you want to dive deeper.
Happy Learning 🙂