Codepath

Intro to APIs

What is an API?

An API (application programming interface) is a great way to access a large amount of data about users, technology, software, etc. There are 3 types of APIs: private, partner, and public (or external). Public APIs are typically freely available at a limited rate. Want to learn more about what type of data is freely available? Check out this GitHub repository for a full list of public APIs!

APIs allow us to communicate between applications and return data. APIs are not databases but connect you to applications that can communicate with the database.

Picture of request from browser to API to web servers and databases and back as a response to the user

When using any API, it is important to follow its developer guidelines. In particular, it is important to understand how to apply for an API key, identify important endpoints and their syntax, follow best practices for using the API, and provide attribution.

DO NOT SHARE YOUR API KEY!

An API key is a unique identifier used to identify and authenticate a user. An API key grants you use of an API and also lets the database know what type of user you are. This helps distinguish between access rights, which is important when considering the security of the database’s data and its users. There are many types of access given depending on the type of application you are accessing. Some API keys may be tied to an account with a credit card or other sensitive information. It is best practice to keep this information secret and to never share your key with anyone. API keys can be used indefinitely and are not secure: anyone who obtains your key can use it. Hackers may use your API key to compromise your system or information.

What does this mean for this course? It is important to always generate your own key and to remember to **remove** your key when submitting your work on GitHub or even to CodePath! Always replace your API key in your code with a generic String.

Understanding HTTP Protocol

Let's look at how information is exchanged on the internet.

Image of client/server flow

  1. You open up a web browser and make a search. What is happening behind the scenes is your device, or the client, makes a request to a server. Servers are other computers that store the information (webpages, sites, or apps) that you are accessing.
  2. Given the information stored in the request, the server then processes the request and gathers the associated information.
  3. If the request is valid, the server sends a response with a 200 OK message. This lets the client know that the website is viewable and that the client can access the data available.

You may notice that sometimes, if your internet is not connected or if you try to access a website that is no longer operating, you get a 404 message. This is one example of the different types of messages that can be sent with a server response.

Protocols

A protocol is a system of rules that defines how data is exchanged between computers. It is simply the means of communication between devices. There are many types of protocols used between clients and servers, but a common one is HTTP, or Hypertext Transfer Protocol.

When making an HTTP request, URLs should have the following syntax:

http://hostname/resource?param1=value1&param2=value2

Let's look at an example. If we Google the phrase "puppy", we get a typical URL whose syntax we can break down:

https://www.google.com/search?q=puppy&source=hp...
  • http or https: Indicates the type of protocol we are using. URLs starting with https use Hypertext Transfer Protocol Secure. This provides encryption on top of browser and server communication to protect from potential malware.
  • www.google.com: This is the host name. Host names are used to give IP addresses an alias, since it's much easier to remember a phrase or word than a series of numbers.
  • search: This is the resource, or path, to the specific file we are trying to access. In our case, we want to search for a phrase.
  • ?q=puppy&source=hp...: This is the query string. Some resources require additional arguments or information to respond with custom data. Since we are searching for something, our request should include a search term. Query strings follow the syntax of parameter=value.
    • ?: This indicates the end of the resource and the beginning of the query string.
    • q=puppy: For Google, they name their parameter q to store the search term.
    • &: Using the & symbol helps add additional parameters into our request.
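The following added example (not part of the original CodePath page) ties the API key advice to the URL syntax above: it reads the key from an environment variable instead of the source file, builds a request URL in the hostname/resource?param=value form, and masks the key before the URL is printed or logged. The host api.example.com, the variable name EXAMPLE_API_KEY and the parameter name api_key are assumptions made for illustration.

```python
import os
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Assumed parameter names that commonly carry a secret in a query string.
SENSITIVE_PARAMS = {"api_key", "apikey", "key", "token"}


def load_api_key(env_var="EXAMPLE_API_KEY"):
    """Read the key from the environment so it never appears in the source."""
    key = os.environ.get(env_var)
    if not key:
        raise RuntimeError(f"{env_var} is not set; export it instead of "
                           "pasting the key into your code")
    return key


def build_url(host, resource, params):
    """Assemble https://hostname/resource?param1=value1&param2=value2."""
    # urlencode escapes spaces and symbols so values cannot break the syntax.
    return urlunsplit(("https", host, resource, urlencode(params), ""))


def redact_url(url):
    """Return the URL with secret-bearing parameters masked, safe to log."""
    parts = urlsplit(url)
    safe = [(k, "REDACTED" if k.lower() in SENSITIVE_PARAMS else v)
            for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit((parts.scheme, parts.netloc, parts.path,
                       urlencode(safe), ""))


def describe(url):
    """Split a URL into the pieces named in the breakdown above."""
    parts = urlsplit(url)
    return {"protocol": parts.scheme, "hostname": parts.hostname,
            "resource": parts.path, "params": dict(parse_qsl(parts.query))}


if __name__ == "__main__":
    # Constructed demo value; a real key is exported in the shell instead.
    os.environ.setdefault("EXAMPLE_API_KEY", "constructed-demo-key-123")
    url = build_url("api.example.com", "/search",
                    {"q": "puppy dog", "api_key": load_api_key()})
    print(redact_url(url))            # log this, never the raw URL
    print(describe(redact_url(url)))
```

Because the key lives only in the environment, the file can be committed to GitHub as is, with nothing to remove before submitting.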