What are APIs and how do they work?

APIs form integral parts to many web applications but what exactly is an API? How do APIs work? What sort of tech are APIs developed in? Why should we use them? These are all great questions and in this article we uncover all aspects of APIs and how you can benefit from using them.

What exactly is an API?

APIs, huh? You may have heard this term before, mentioned by web and app developers alike but what exactly is an API? APIs, which stands for Application Programming Interface, allow us to do amazing things in web applications.

An API simply put, is a piece of technology that resides on a server somewhere on the internet, that API allows two systems to communicate with one another, by sending and receiving data in an authorised and structured manner.

An API usually resides between the web server and a mobile app or the front end of a web application, as displayed in the below image:

There are many uses for APIs and in this article, we will focus on their role within a web application development environment.

API consumers and API providers

If you are going to use another company’s API that is on the Internet, you are considered an API consumer. When you are making use of the API you are essentially consuming it, hence the name consumer.

If you are the organisation that has developed and released an API on the Internet for example Google, you are considered to be the API provider.

It is important to understand the difference between these two types of role players in the API framework.

Why do we need APIs?

We need APIs as they provide enhanced functionality and processing capabilities to our web applications, through an easy integration. Below are some key points that highlight why we need APIs.

Outsourcing certain parts of your application to an API

By using a 3rd party API that does a whole lot of processing and functionality, means you don’t have to spend days writing the code to do that, you simply leverage off what the API offers. For example you can use the Google Maps API to get a map instead of developing the map yourself. You can clearly see the benefits of this example and the time savings that you gain.

APIs do the heavy lifting so that you don’t have to

These APIs are packed with functions that have been developed by developers who specialise in that particular field and service, meaning that the APIs do the heavy lifting, making it easy for your web or mobile application to incorporate the data and functionality offered by these API providers. You are also leveraging off the expertise of the API provider, something that you may not have in-house.

API maintenance

3rd party APIs are updated, supported and maintained by the API provider. Allowing you to receive the full benefit of these constant updates and improvements. New features are also released from time to time by the provider, meaning that with minimal work required on your side you can incorporate these updates and enhance your application quickly.

What sort of benefits do APIs deliver?

APIs provide loads of benefits to API consumers, allowing them to integrate with API providers, to incorporate loads of functionality, processing power and numerous data sources into their web applications.

Decoupling processing

In the context of APIs, decoupling means that two (or more) systems are able to transact without being dependent on each other.

A decoupled application architecture allows each component (in this case the API and the main web application) to perform its tasks independently – it allows components to remain completely autonomous and unaware of each other.

In other words these processes are decoupled (separated) from one another and do not need to wait for the other to finish.

The API consumer can make multiple API calls to the API provider but doesn’t need to wait for the previous call to be completed. This enhances processing speeds, making the web application faster.

The decoupling and use of APIs in general, allow these web apps to scale and introduce less risk to other parts of the project, due to these API calls working asynchronously.


With APIs, computers rather than humans are doing the work, in an automated fashion. APIs are available 24 hours a day 7 days a week, 365 days a year, giving you the power to increase the automation in your web application.


Consuming decoupled APIs that work in an automated fashion, takes the load off your web application and allows it to scale as more and more people make use of it.

APIs often have built-in scalability ensuring that they can process high loads of API calls without falling over.


APIs and their underlying systems can be written in a variety of different technology stacks and programming languages.

This isn’t a problem at all for you, as you have the flexibility to develop your web app in whatever coding language and tech stack that you want and still integrate with these APIs. This is because the API is tech agnostic, meaning applications of all different languages can integrate with it.

For example, an API can be written in Java but consumed by an application written in PHP.

Access to a world of additional data and functionality

APIs are provided by so many different types of companies and organisations, allowing you to access data that they provide and also functionality which they offer to do various processing tasks.

Some quick examples: weather data, stock prices, mapping data, currency conversions, eCommerce payment processing, etc.

Incorporating this additional data and functionality makes your web application more valuable and informative to the end user.

Less code to maintain

Using APIs means that the maintenance of the API code is done by the API provider. Leaving you with less code to maintain.

Speed advantages

By making use of APIs written by specialists in their field, we are able to take advantage of this and therefore not have to develop this code ourselves, meaning time to develop the entire web application is much quicker. Allowing the web app to get to market quicker.

Common types of web service APIs

1. REST (Representational State Transfer): REST is not a protocol like the other web services; instead, it is a set of architectural principles. The REST service needs to have certain characteristics, including simple interfaces, which are resources identified easily within the request and manipulation of resources using the interface.

2. SOAP (Simple Object Access Protocol): This is a protocol that uses XML as a format to transfer data. Its main function is to define the structure of the messages and methods of communication. It also uses WSDL, or Web Services Definition Language, in a machine-readable document to publish a definition of its interface (what the API provides to the API consumer).

3. JSON-RPC: This protocol is similar to XML-RPC but instead of using XML format to transfer data it uses JSON.

4. XML-RPC: This is a protocol that uses a specific XML format to transfer data compared to SOAP that uses a proprietary XML format. It is also older than SOAP. XML-RPC uses minimum bandwidth and is much simpler than SOAP.

What are APIs written in?

APIs can be written in a variety of languages and there are no real restrictions. The language that the API is developed in is dictated by the API provider and often forms part of their internal tech stack. The API that the consumer consumes is tech agnostic and is provided in a standard format (see the above breakdown), allowing different technologies to interface with these APIs, without restriction.

Securing APIs

Security is very important in any web application and you should definitely be concerned with that, especially if you are dealing with sensitive data. If you are developing an API with the intention of publishing it, it is highly recommended that you secure your API and restrict access by ensuring that API consumers are authenticated.

This authentication is typically done through the use of API keys, usernames and passwords to ensure that only authorized API consumers are able to consume your API. These credentials are generated by the API provider and sent to the consumer, in order to allow them access to the API. Similarly if the API provider wants to stop providing access, they can delete or change these credentials, resulting in the API access being denied.

API security and access can be further enhanced, by restricting only certain IP addresses to have access or even to restrict the API access to certain regions, for example: South Africa only.


It is clear that APIs provide a host of benefits to both API providers and API consumers. API providers are able to allow consumers to gain access to sets of functionality and data in an authorized way, allowing these third party companies to transact with them in a structured and secure manner.

API consumers can extend their web applications by integrating with 3rd party APIs. This allows them to gain access to loads of functionality, processing capabilities and access to data in a quick and easy manner, bringing more value and scalability to their web apps. By integrating with these APIs, there is less code maintenance and support needed, while still gaining the benefit of any updates and new API calls that are provided by the API provider.

APIs have been here for many years and will continue to play a pivotal role in all types of websites, web apps and mobile applications going forward.

Need an API for your business or want to integrate your existing project with a third party API? We’re an email away and always ready to help!

Don't forget to share this post!
Having been established in 2005, in Cape Town, South Africa, Elemental is primarily focused on providing web development services and digital marketing campaigns.