{"id":296,"date":"2020-09-02T06:59:30","date_gmt":"2020-09-02T06:59:30","guid":{"rendered":"https:\/\/www.sagaratechnology.com\/blog\/?p=296"},"modified":"2023-03-27T07:33:54","modified_gmt":"2023-03-27T07:33:54","slug":"the-basic-principles-of-api-application-programming-interface-2","status":"publish","type":"post","link":"https:\/\/sagaratechnology.com\/blog\/the-basic-principles-of-api-application-programming-interface-2\/","title":{"rendered":"The Basic Principles of API (Application Programming Interface)"},"content":{"rendered":"\n<p id=\"cf68\">API stands for application programming interface, a concept that applies everywhere from command-line tools to enterprise Java code to Ruby on Rails web apps. An API is a way to programmatically interact with a separate software component or resource.<\/p>\n\n\n\n<p id=\"3680\">Unless you write every single line of code from scratch, you\u2019re going to be interacting with external software components, each with its own API. Even if you do write something entirely from scratch, a well-designed software application will have internal APIs to help organize code and make components more reusable. 
And there are numerous public APIs that allow you to tap into functionality developed elsewhere over the web.<\/p>\n\n\n\n<h2 id=\"ac23\"><span class=\"ez-toc-section\" id=\"What_is_an_API\"><\/span><strong>What is an API?<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p id=\"d748\">An API is defined as a specification of possible interactions with a software component. 
An API defines functionalities that are independent of their respective implementations, which allows those implementations and definitions to vary without compromising each other. Therefore, a good API makes it easier to develop a program by providing the building blocks.<\/p>\n\n\n\n<p id=\"fee5\">When developers create code, they don\u2019t often start from scratch. APIs enable developers to make repetitive yet complex processes highly reusable with a little bit of code. The speed at which APIs enable developers to build out apps is crucial to the current pace of application development.<\/p>\n\n\n\n<p id=\"6568\">Developers are now much more productive than they were before when they had to write a lot of code from scratch. With an API they don\u2019t have to reinvent the wheel every time they write a new program. Instead, they can focus on the unique proposition of their applications while outsourcing all of the commodity functionality to APIs.<\/p>\n\n\n\n<h2 id=\"d88b\"><span class=\"ez-toc-section\" id=\"API_Guidelines_and_Basic_Principles\"><\/span><strong>API Guidelines and Basic Principles<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p id=\"4f35\">Some of the guidelines and basic principles described below are subjective, but they are essential in today\u2019s API development. They provide fundamental benefits and help you stay on par with industry-wide adoption of best practices:<\/p>\n\n\n\n<h3 id=\"a8e2\"><span class=\"ez-toc-section\" id=\"Vocabulary\"><\/span><strong>Vocabulary<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p id=\"a324\">This refers to the standard naming conventions one should follow while naming each <a href=\"https:\/\/www.sagaratechnology.com\/blog\/api-what-it-is-and-how-it-works\/\">API<\/a> endpoint. 
They should be human-readable, easy to understand, and follow the HTTP standards.<\/p>\n\n\n\n<h3 id=\"f06f\"><span class=\"ez-toc-section\" id=\"Versioning\"><\/span><strong>Versioning<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p id=\"d8fb\">By versioning, you are allowing various consumers to access your published APIs in two different variations. Though version management adds complexity to the existing APIs, it does help in better management of API endpoints, thereby serving various consumers through different mediums. There are two different ways to implement this:<\/p>\n\n\n\n<ul>\n<li>URL \u2014 e.g., api.myorg.com\/v1\/users<\/li>\n\n\n\n<li>Accept Header \u2014 requesting a specific version via the request\/accept header<\/li>\n<\/ul>\n\n\n\n<h2 id=\"c146\"><span class=\"ez-toc-section\" id=\"Support_Multiple_Media_Types\"><\/span><strong>Support Multiple Media Types<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p id=\"2417\">At any point in time, a given object or resource can have multiple representations. This is necessary so that various consumers can request the content or resource in the manner that they would like. Having said that, it is not necessary to support all media types, only the ones that are required based on specific use cases.<\/p>\n\n\n\n<h2 id=\"b31c\"><span class=\"ez-toc-section\" id=\"Caching_and_Concurrency_Control\"><\/span><strong>Caching and Concurrency Control<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p id=\"3db9\">Caching improves performance, thereby providing faster access to frequently accessed resources and eliminating the load on backend services. However, with caching comes the challenge of managing concurrent access. Therefore, it is essential to manage the caching in a better way using HTTP standards such as:<\/p>\n\n\n\n<ul>\n<li>ETag \u2014 Entity tagging. 
Equivalent to versioning each entity for updates<\/li>\n\n\n\n<li>Last-Modified \u2014 Contains the last modified timestamp<\/li>\n<\/ul>\n\n\n\n<h2 id=\"fda7\"><span class=\"ez-toc-section\" id=\"Standard_Response_Codes\"><\/span><strong>Standard Response Codes<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p id=\"3b23\">This responsibility lies with business owners as it affects the business needs of consumers of your APIs. The contract definition should contain all possible error codes that could occur with each API.<\/p>\n\n\n\n<ul>\n<li>Adhere to the standard HTTP response codes<\/li>\n\n\n\n<li>Include both business and developer messages. Developer messages should be optional and contain technical messages that guide debugging and troubleshooting techniques.<\/li>\n\n\n\n<li>Due to security reasons, do not reveal too much about the request (to avoid Cross-Site Request Forgery).<\/li>\n\n\n\n<li>The best practice is to limit the list of potential error codes, as too many error codes lead to chaos.<\/li>\n<\/ul>\n\n\n\n<h2 id=\"9864\"><span class=\"ez-toc-section\" id=\"Security_Considerations\"><\/span><strong>Security Considerations<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p id=\"041f\">This does not require much explanation, as security requirements are the basic needs of any application or an API. Keep in mind that your APIs are mostly public, so invest the effort required to secure them. API management platforms (explained in the later section) provide security mechanisms; however, as an API developer, you should be aware of the current trends and industry best practices adopted in addressing security requirements.<\/p>\n\n\n\n<ul>\n<li>Always use SSL<\/li>\n\n\n\n<li>APIs are stateless, so avoid session\/cookie management \u2014 authenticate each request<\/li>\n\n\n\n<li>Authorize based on resource, not on URL<\/li>\n\n\n\n<li>HTTP status code 401 vs. 
403: Some may prefer to use code 401 rather than 403 to indicate that either authentication or authorization failed<\/li>\n\n\n\n<li>Follow the guidelines defined by the Open Web Application Security Project (OWASP) Threat Protection<\/li>\n<\/ul>\n\n\n\n<p id=\"ff2e\">API is becoming increasingly important in web development, and its popularity and usage have increased exponentially in the past few years. Hopefully, this article has detailed the basic principles of API. If there are additional notes that I have not included, please mention them in the comments.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>API stands for application programming interface, a concept that applies everywhere from command-line tools to enterprise Java code to Ruby on Rails web apps. An API is a way to programmatically interact with a separate software component or resource. Unless you write every single line of code from scratch, you\u2019re going to be interacting with&#8230;<\/p>\n","protected":false},"author":14,"featured_media":102,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[25,26,27,21,24],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v21.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>The Basic Principles of API (Application Programming Interface)<\/title>\n<meta name=\"description\" content=\"API stands for application programming interface, a concept that applies everywhere from command-line tools.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/sagaratechnology.com\/blog\/the-basic-principles-of-api-application-programming-interface-2\/\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"The Basic Principles of API (Application Programming Interface)\" \/>\n<meta 
name=\"twitter:description\" content=\"API stands for application programming interface, a concept that applies everywhere from command-line tools.\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/sagaratechnology.com\/blog\/wp-content\/uploads\/2020\/09\/4.gif\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Sagara Technology\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"The Basic Principles of API (Application Programming Interface)","description":"API stands for application programming interface, a concept that applies everywhere from command-line tools.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/sagaratechnology.com\/blog\/the-basic-principles-of-api-application-programming-interface-2\/","twitter_card":"summary_large_image","twitter_title":"The Basic Principles of API (Application Programming Interface)","twitter_description":"API stands for application programming interface, a concept that applies everywhere from command-line tools.","twitter_image":"https:\/\/sagaratechnology.com\/blog\/wp-content\/uploads\/2020\/09\/4.gif","twitter_misc":{"Written by":"Sagara Technology","Est. 
reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/sagaratechnology.com\/blog\/the-basic-principles-of-api-application-programming-interface-2\/#article","isPartOf":{"@id":"https:\/\/sagaratechnology.com\/blog\/the-basic-principles-of-api-application-programming-interface-2\/"},"author":{"name":"Sagara Technology","@id":"https:\/\/sagaratechnology.com\/blog\/#\/schema\/person\/e25a7dce1900980898a69a7c63241723"},"headline":"The Basic Principles of API (Application Programming Interface)","datePublished":"2020-09-02T06:59:30+00:00","dateModified":"2023-03-27T07:33:54+00:00","mainEntityOfPage":{"@id":"https:\/\/sagaratechnology.com\/blog\/the-basic-principles-of-api-application-programming-interface-2\/"},"wordCount":816,"commentCount":0,"publisher":{"@id":"https:\/\/sagaratechnology.com\/blog\/#organization"},"keywords":["api development","application","interfaces","programming","web development"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/sagaratechnology.com\/blog\/the-basic-principles-of-api-application-programming-interface-2\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/sagaratechnology.com\/blog\/the-basic-principles-of-api-application-programming-interface-2\/","url":"https:\/\/sagaratechnology.com\/blog\/the-basic-principles-of-api-application-programming-interface-2\/","name":"The Basic Principles of API (Application Programming Interface)","isPartOf":{"@id":"https:\/\/sagaratechnology.com\/blog\/#website"},"datePublished":"2020-09-02T06:59:30+00:00","dateModified":"2023-03-27T07:33:54+00:00","description":"API stands for application programming interface, a concept that applies everywhere from command-line 
tools.","breadcrumb":{"@id":"https:\/\/sagaratechnology.com\/blog\/the-basic-principles-of-api-application-programming-interface-2\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/sagaratechnology.com\/blog\/the-basic-principles-of-api-application-programming-interface-2\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/sagaratechnology.com\/blog\/the-basic-principles-of-api-application-programming-interface-2\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/sagaratechnology.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Uncategorized","item":"https:\/\/sagaratechnology.com\/blog\/category\/uncategorized\/"},{"@type":"ListItem","position":3,"name":"The Basic Principles of API (Application Programming Interface)"}]},{"@type":"WebSite","@id":"https:\/\/sagaratechnology.com\/blog\/#website","url":"https:\/\/sagaratechnology.com\/blog\/","name":"Sagara Asia Blog","description":"Dapatkan Informasi Seputar Teknologi dan Bisnis","publisher":{"@id":"https:\/\/sagaratechnology.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/sagaratechnology.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/sagaratechnology.com\/blog\/#organization","name":"Sagara Technology","url":"https:\/\/sagaratechnology.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sagaratechnology.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/sagaratechnology.com\/blog\/wp-content\/uploads\/2021\/10\/sagara-logo.jpeg","contentUrl":"https:\/\/sagaratechnology.com\/blog\/wp-content\/uploads\/2021\/10\/sagara-logo.jpeg","width":200,"height":200,"caption":"Sagara 
Technology"},"image":{"@id":"https:\/\/sagaratechnology.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.linkedin.com\/company\/sagara-asia\/"]},{"@type":"Person","@id":"https:\/\/sagaratechnology.com\/blog\/#\/schema\/person\/e25a7dce1900980898a69a7c63241723","name":"Sagara Technology","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sagaratechnology.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/55085e31e9427bed3336eaea67c72b96?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/55085e31e9427bed3336eaea67c72b96?s=96&d=mm&r=g","caption":"Sagara Technology"},"sameAs":["https:\/\/sagaratechnology.com","https:\/\/www.facebook.com\/Sagaratechnology","https:\/\/www.linkedin.com\/company\/sagara-asia\/"]}]}},"_links":{"self":[{"href":"https:\/\/sagaratechnology.com\/blog\/wp-json\/wp\/v2\/posts\/296"}],"collection":[{"href":"https:\/\/sagaratechnology.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sagaratechnology.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sagaratechnology.com\/blog\/wp-json\/wp\/v2\/users\/14"}],"replies":[{"embeddable":true,"href":"https:\/\/sagaratechnology.com\/blog\/wp-json\/wp\/v2\/comments?post=296"}],"version-history":[{"count":4,"href":"https:\/\/sagaratechnology.com\/blog\/wp-json\/wp\/v2\/posts\/296\/revisions"}],"predecessor-version":[{"id":3918,"href":"https:\/\/sagaratechnology.com\/blog\/wp-json\/wp\/v2\/posts\/296\/revisions\/3918"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sagaratechnology.com\/blog\/wp-json\/wp\/v2\/media\/102"}],"wp:attachment":[{"href":"https:\/\/sagaratechnology.com\/blog\/wp-json\/wp\/v2\/media?parent=296"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sagaratechnology.com\/blog\/wp-json\/wp\/v2\/categories?post=296"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sagaratechnology.com\/blog\/wp-json\/wp\/v2\/tags?
post=296"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}