Source: Wikipedia, the free encyclopedia.
Screenshot of web API documentation written by NASA demonstrating the use of APOD.

An application programming interface (API) is a way for two or more

software interface, offering a service to other pieces of software.[1] A document or standard that describes how to build or use such a connection or interface is called an API specification. A computer system that meets this standard is said to implement or expose an API. The term API may refer either to the specification or to the implementation. Whereas a system's user interface
dictates how its end-users interact with the system in question, its API dictates how to write code that takes advantage of that system's capabilities.

In contrast to a

subroutines, methods, requests, or endpoints
. An API specification defines these calls, meaning that it explains how to use or implement them.

One purpose of APIs is to hide the internal details of how a system works, exposing only those parts that a programmer will find useful, and keeping them consistent even if the internal details change later. An API may be custom-built for a particular pair of systems, or it may be a shared standard allowing interoperability among many systems.

There are APIs for programming languages, software libraries, computer operating systems, and computer hardware. APIs originated in the 1940s, though the term did not emerge until the 1960s and 1970s. Contemporary usage of the term API often refers to web APIs,[2] which allow communication between computers that are joined by the internet. Recent developments in APIs have led to the rise in popularity of microservices, which are loosely coupled services accessed through public APIs.[3]

APIs should be versioned. There are two common versioning strategies:[4]

  • Additive change strategy: new features are added without modifying existing ones. Any update must be backward compatible. This strategy is suitable for small projects with low rate of change.
  • Explicit version strategy: this strategy allows making any changes including breaking changes. This strategy is suitable for complex applications and complex changes.


In building applications, an API simplifies programming by

function that copies a file from one location to another without requiring that the developer understand the file system operations occurring behind the scenes.[5]

History of the term

The term API initially described an interface only for end-user-facing programs, known as

application programs. This origin is still reflected in the name "application programming interface." Today, the term is broader, including also utility software and even hardware interfaces.[7]

1940s and 50s

The idea of the API is much older than the term itself. British computer scientists

punched paper tape organized in a filing cabinet. This cabinet also contained what Wilkes and Wheeler called a "library catalog" of notes about each subroutine and how to incorporate it into a program. Today, such a catalog would be called an API (or an API specification or API documentation) because it instructs a programmer on how to use (or "call") each subroutine that the programmer needs.[7]

Wilkes and Wheeler's 1951 book The Preparation of Programs for an Electronic Digital Computer contains the first published API specification. Joshua Bloch considers that Wilkes and Wheeler "latently invented" the API because it is more of a concept that is discovered than invented.[7]

hardware independent programs possible.[8]

1960s and 70s

The term "application program interface" (without an ‑ing suffix) is first recorded in a paper called Data structures and techniques for remote

hardware independence if the computer or the display were replaced.[8]

The term was introduced to the field of

database management systems. This framework treated the application programming interface separately from other interfaces, such as the query interface. Database professionals in the 1970s observed these different interfaces could be combined; a sufficiently rich application interface could support the other interfaces as well.[6]

This observation led to APIs that supported all types of programming, not just application programming.


By 1990, the API was defined simply as "a set of services available to a programmer for performing certain tasks" by technologist Carl Malamud.[12]

The idea of the API was expanded again with the dawn of

CORBA, COM, and DCOM competed to become the most common way to expose API services.[13]


Representational state transfer (REST) and described the idea of a "network-based Application Programming Interface" that Fielding contrasted with traditional "library-based" APIs.[14] XML and JSON web APIs saw widespread commercial adoption beginning in 2000 and continuing as of 2022. The web API is now the most common meaning of the term API.[2]

The Semantic Web proposed by Tim Berners-Lee in 2001 included "semantic APIs" that recasts the API as an open, distributed data interface rather than a software behavior interface.[15] Proprietary interfaces and agents became more widespread than open ones, but the idea of the API as a data interface took hold. Because web APIs are widely used to exchange data of all kinds online, API has become a broad term describing much of the communication on the internet.[13] When used in this way, the term API has overlap in meaning with the term communication protocol.


Libraries and frameworks

The interface to a software library is one type of API. The API describes and prescribes the "expected behavior" (a specification) while the library is an "actual implementation" of this set of rules.

A single API can have multiple implementations (or none, being abstract) in the form of different libraries that share the same programming interface.

The separation of the API from its implementation can allow programs written in one language to use a library written in another. For example, because Scala and Java compile to compatible bytecode, Scala developers can take advantage of any Java API.[16]

API use can vary depending on the type of programming language involved. An API for a

class methods.[17][18] Hyrum's law states that "With a sufficient number of users of an API, it does not matter what you promise in the contract: all observable behaviors of your system will be depended on by somebody."[19] Meanwhile, several studies show that most applications that use an API tend to use a small part of the API.[20]

Language bindings are also APIs. By mapping the features and capabilities of one language to an interface implemented in another language, a language binding allows a library or service written in one language to be used when developing in another language.[citation needed]

Tools such as SWIG and F2PY, a Fortran-to-Python interface generator, facilitate the creation of such interfaces.[21]

An API can also be related to a

software framework
: a framework can be based on several libraries implementing several APIs, but unlike the normal use of an API, the access to the behavior built into the framework is mediated by extending its content with new classes plugged into the framework itself.

Moreover, the overall program flow of control can be out of the control of the caller and in the framework's hands by inversion of control or a similar mechanism.[22][23]

Operating systems

An API can specify the interface between an application and the operating system.[24] POSIX, for example, provides a set of common API specifications that aim to enable an application written for a POSIX conformant operating system to be compiled for another POSIX conformant operating system.

Linux and Berkeley Software Distribution are examples of operating systems that implement the POSIX APIs.[25]

Microsoft has shown a strong commitment to a backward-compatible API, particularly within its Windows API (Win32) library, so older applications may run on newer versions of Windows using an executable-specific setting called "Compatibility Mode".[26]

An API differs from an application binary interface (ABI) in that an API is source code based while an ABI is binary based. For instance, POSIX provides APIs while the Linux Standard Base provides an ABI.[27][28]

Remote APIs

Remote APIs allow developers to manipulate remote resources through

, specific standards for communication that allow different technologies to work together, regardless of language or platform. For example, the Java Database Connectivity API allows developers to query many different types of databases with the same set of functions, while the Java remote method invocation API uses the Java Remote Method Protocol to allow invocation of functions that operate remotely but appear local to the developer.[29][30]

Therefore, remote APIs are useful in maintaining the object abstraction in

method call, executed locally on a proxy
object, invokes the corresponding method on the remote object, using the remoting protocol, and acquires the result to be used locally as a return value.

A modification of the proxy object will also result in a corresponding modification of the remote object.[31]

Web APIs

Web APIs are a service accessed from client devices (mobile phones, laptops, etc.) to a

Hypertext Transfer Protocol (HTTP). Client devices send a request in the form of an HTTP request, and are met with a response message usually in JavaScript Object Notation (JSON) or Extensible Markup Language (XML
) format. Developers typically use Web APIs to query a server for a specific set of data from that server.

An example might be a shipping company API that can be added to an eCommerce-focused website to facilitate ordering shipping services and automatically include current shipping rates, without the site developer having to enter the shipper's rate table into a web database. While "web API" historically has been virtually synonymous with

representational state transfer (REST) style web resources and resource-oriented architecture (ROA).[32] Part of this trend is related to the Semantic Web movement toward Resource Description Framework (RDF), a concept to promote web-based ontology engineering technologies. Web APIs allow the combination of multiple APIs into new applications known as mashups.[33]

In the social media space, web APIs have allowed web communities to facilitate sharing content and data between communities and applications. In this way, content that is created in one place dynamically can be posted and updated to multiple locations on the web.[34] For example, Twitter's REST API allows developers to access core Twitter data and the Search API provides methods for developers to interact with Twitter Search and trends data.[35]


The design of an API has a significant impact on its usage.[5] First of all, the design of programming interfaces represents an important part of software architecture, the organization of a complex piece of software.[36] The principle of information hiding describes the role of programming interfaces as enabling modular programming by hiding the implementation details of the modules so that users of modules need not understand the complexities inside the modules.[37] Aside from the previous underlying principle, other metrics for measuring the usability of an API may include properties such as functional efficiency, overall correctness, and learnability for novices.

Nielsen's heuristic evaluation guidelines. The Factory method pattern is also typical in designing APIs due to their reusable nature.[39] Thus, the design of an API attempts to provide only the tools a user would expect.[5]

Synchronous versus asynchronous

An application programming interface can be synchronous or asynchronous. A synchronous API call is a design pattern where the call site is blocked while waiting for the called code to finish.[40] With an asynchronous API call, however, the call site is not blocked while waiting for the called code to finish, and instead the calling thread is notified when the reply arrives.


API security is very critical when developing a public facing API. Common threats include SQL injection, Denial-of-service attack (DoS), broken authentication, and exposing sensitive data.[41] Without ensuring proper security practices, bad actors can get access to information they should not have or even gain privileges to make changes to your server. Some common security practices include proper connection security using HTTPS, content security to mitigate data injection attacks, and requiring an API key to use your service.[42] Many public facing API services require you to use an assigned API key, and will refuse to serve data without sending the key with your request.[43]

Release policies

APIs are one of the more common ways technology companies integrate. Those that provide and use APIs are considered as being members of a business ecosystem.[44]

The main policies for releasing an API are:[45]

  • Private: The API is for internal company use only.
  • Partner: Only specific business partners can use the API. For example, vehicle for hire companies such as Uber and Lyft allow approved third-party developers to directly order rides from within their apps. This allows the companies to exercise quality control by curating which apps have access to the API and provides them with an additional revenue stream.[46]
  • Public: The API is available for use by the public. For example,
    RESTful APIs to allow customers and resellers access to their infrastructure information, DDoS stats, network performance, or dashboard controls.[47] Access to such APIs is granted either by "API tokens", or customer status validations.[48]

Public API implications

An important factor when an API becomes public is its "interface stability". Changes to the API—for example adding new parameters to a function call—could break compatibility with the clients that depend on that API.[49]

When parts of a publicly presented API are subject to change and thus not stable, such parts of a particular API should be documented explicitly as "unstable". For example, in the Google Guava library, the parts that are considered unstable, and that might change soon, are marked with the Java annotation @Beta.[50]

A public API can sometimes declare parts of itself as deprecated or rescinded. This usually means that part of the API should be considered a candidate for being removed, or modified in a backward incompatible way. Therefore, these changes allow developers to transition away from parts of the API that will be removed or not supported in the future.[51]

On February 19, 2020, Akamai published their annual "State of the Internet" report, showcasing the growing trend of cybercriminals targeting public API platforms at financial services worldwide. From December 2017 through November 2019, Akamai witnessed 85.42 billion credential violation attacks. About 20%, or 16.55 billion, were against hostnames defined as API endpoints. Of these, 473.5 million have targeted financial services sector organizations.[52]


API documentation describes the services an API offers and how to use those services, aiming to cover everything a client would need to know for practical purposes.

Documentation is crucial for the development and maintenance of applications using the API.[53] API documentation is traditionally found in documentation files but can also be found in social media such as blogs, forums, and Q&A websites.[54]

Traditional documentation files are often presented via a documentation system, such as Javadoc or Pydoc, that has a consistent appearance and structure. However, the types of content included in the documentation differ from API to API.[55]

In the interest of clarity, API documentation may include a description of classes and methods in the API as well as "typical usage scenarios, code snippets, design rationales, performance discussions, and contracts", but implementation details of the API services themselves are usually omitted.

Reference documentation for a REST API can be generated automatically from an OpenAPI document, which is a machine-readable text file that uses a prescribed format and syntax defined in the OpenAPI Specification. The OpenAPI document defines basic information such as the API's name and description, as well as describing operations the API provides access to.[56]

API documentation can be enriched with metadata information like Java annotations. This metadata can be used by the compiler, tools, and by the run-time environment to implement custom behaviors or custom handling.[57]

Dispute over copyright protection for APIs

In 2010, Oracle Corporation sued Google for having distributed a new implementation of Java embedded in the Android operating system.

in the U.S and that a victory for Oracle would have widely expanded copyright protection to a "functional set of symbols" and allowed the copyrighting of simple software commands:

To accept Oracle's claim would be to allow anyone to copyright one version of code to carry out a system of commands and thereby bar all others from writing its different versions to carry out all or part of the same commands.[59][60]

Alsup's ruling was overturned in 2014 on appeal to the Court of Appeals for the Federal Circuit, though the question of whether such use of APIs constitutes fair use was left unresolved.[61][62]

In 2016, following a two-week trial, a jury determined that Google's reimplementation of the Java API constituted fair use, but Oracle vowed to appeal the decision.[63] Oracle won on its appeal, with the Court of Appeals for the Federal Circuit ruling that Google's use of the APIs did not qualify for fair use.[64] In 2019, Google appealed to the Supreme Court of the United States over both the copyrightability and fair use rulings, and the Supreme Court granted review.[65] Due to the COVID-19 pandemic, the oral hearings in the case were delayed until October 2020.[66]

The case was decided by the Supreme Court in Google's favor with a ruling of 6–2. Justice Stephen Breyer delivered the opinion of the court and at one point mentioned that "The declaring code is, if copyrightable at all, further than are most computer programs from the core of copyright." This means the code used in APIs are more similar to dictionaries than novels in terms of copyright protection.[67]


See also


  1. from the original on 2023-04-15. Retrieved 2023-03-21.
  2. ^ a b Lane, Kin (October 10, 2019). "Intro to APIs: History of APIs". Postman. Archived from the original on September 11, 2020. Retrieved September 18, 2020. When you hear the acronym "API" or its expanded version "Application Programming Interface", it is almost always in reference to our modern approach, in that we use HTTP to provide access to machine readable data in a JSON or XML format, often simply referred to as "web APIs." APIs have been around almost as long as computing, but modern web APIs began taking shape in the early 2000s.
  3. businesswire.com. Archived
    from the original on 2022-04-08. Retrieved 2022-03-29.
  4. .
  5. ^ a b c Clarke, Steven (2004). "Measuring API Usability". Dr. Dobb's. Archived from the original on 3 March 2022. Retrieved 29 July 2016.
  6. ^
    LCCN 81600004
    . NBS special publication 500-76. Retrieved September 18, 2020.
  7. ^ a b c d Bloch, Joshua (August 8, 2018). A Brief, Opinionated History of the API (Speech). QCon. San Francisco: InfoQ. Archived from the original on September 22, 2020. Retrieved September 18, 2020.
  8. ^ from the original on 2020-10-20. Retrieved 2020-09-19.
  9. ^ "application program interface". Oxford English Dictionary (Online ed.). Oxford University Press. (Subscription or participating institution membership required.)
  10. .
  11. .
  12. from the original on 2021-01-26. Retrieved 2020-09-19.
  13. ^ from the original on 2023-04-10. Retrieved 2023-03-21.
  14. ^ Fielding, Roy (2000). Architectural Styles and the Design of Network-based Software Architectures (PhD). University of California, Irvine. Archived from the original on January 22, 2020. Retrieved September 18, 2020.
  15. .
  16. ^ Odersky, Martin; Spoon, Lex; Venners, Bill (10 December 2008). "Combining Scala and Java". artima.com. Archived from the original on 8 August 2016. Retrieved 29 July 2016.
  17. S2CID 59833827
    . Retrieved 29 July 2016.
  18. from the original on 2020-10-19. Retrieved 2020-07-18.
  19. .
  20. .
  21. ^ "F2PY.org". F2PY.org. Archived from the original on 2011-07-04. Retrieved 2011-12-18.
  22. ^ Fowler, Martin. "Inversion Of Control". Archived from the original on 2011-01-23. Retrieved 2011-08-25.
  23. ^ Fayad, Mohamed. "Object-Oriented Application Frameworks". Archived from the original on 2013-11-05. Retrieved 2013-11-05.
  24. from the original on 22 August 2016. Retrieved 2 August 2016.
  25. (PDF) from the original on 27 August 2016. Retrieved 2 August 2016.
  26. ^ Microsoft (October 2001). "Support for Windows XP". Microsoft. p. 4. Archived from the original on 2009-09-26.
  27. ^ "LSB Introduction". Linux Foundation. 21 June 2012. Archived from the original on 2015-04-02. Retrieved 2015-03-27.
  28. ^ Stoughton, Nick (April 2005). "Update on Standards" (PDF). USENIX. Archived (PDF) from the original on 2009-03-27. Retrieved 2009-06-04.
  29. ProQuest 304864018. Archived
    (PDF) from the original on 11 October 2016. Retrieved 29 July 2016.
  30. from the original on 2020-07-20. Retrieved 2020-07-18.
  31. . Retrieved 16 June 2015.
  32. ^ Benslimane, Djamal; Schahram Dustdar; Amit Sheth (2008). "Services Mashups: The New Generation of Web Applications". IEEE Internet Computing, vol. 12, no. 5. Institute of Electrical and Electronics Engineers. pp. 13–15. Archived from the original on 2023-10-07. Retrieved 2019-10-01.
  33. PC World, archived from the original
    on Oct 10, 2017
  34. ^ Parr, Ben (21 May 2009). "The Evolution of the Social Media API". Mashable. Archived from the original on Aug 11, 2016. Retrieved 26 July 2016.
  35. ^ "GET trends/place". Twitter Developer Platform. Archived from the original on 2020-06-17. Retrieved 2020-04-30.
  36. ^ Garlan, David; Shaw, Mary (January 1994). "An Introduction to Software Architecture" (PDF). Advances in Software Engineering and Knowledge Engineering. 1. Archived (PDF) from the original on 6 May 2021. Retrieved 8 August 2016 – via CMU School of Computer Science.
  37. S2CID 53856438
  38. .
  39. .
  40. ^ "Synchronous vs. Asynchronous Writes - Packaged Contact Center Enterprise" - Cisco DevNet Archived 2022-08-03 at the Wayback Machine.
  41. ^ Silva, Paulo (2019). "Global Cloud Microservices Market (2021 to 2026)". Archived from the original on 2020-02-18. Retrieved 2022-03-29.
  42. ^ "Web Security". 2022-02-18. Archived from the original on 2022-04-02. Retrieved 2022-03-29.
  43. ^ "API Keys – What Is an API Key? | APILayer Blog". 2022-03-01. Archived from the original on 2022-05-16. Retrieved 2022-07-15.
  44. ^ de Ternay, Guerric (Oct 10, 2015). "Business Ecosystem: Creating an Economic Moat". BoostCompanies. Archived from the original on 2016-09-17. Retrieved 2016-02-01.
  45. ^ Boyd, Mark (2014-02-21). "Private, Partner or Public: Which API Strategy Is Best for Business?". ProgrammableWeb. Archived from the original on 2016-07-18. Retrieved 2 August 2016.
  46. ^ Weissbrot, Alison (7 July 2016). "Car Service APIs Are Everywhere, But What's In It For Partner Apps?". AdExchanger. Archived from the original on 28 July 2020. Retrieved 14 August 2020.
  47. ^ "Cloudflare API v4 Documentation". cloudflare. 25 February 2020. Archived from the original on 26 February 2020. Retrieved 27 February 2020.
  48. ^ Liew, Zell (17 January 2018). "Car Service APIs Are Everywhere, But What's In It For Partner Apps". Smashing Magazine. Archived from the original on 21 February 2020. Retrieved 27 February 2020.
  49. . Retrieved 22 July 2016.
  50. ^ "guava-libraries – Guava: Google Core Libraries for Java 1.6+". Google Project Hosting. 2014-02-04. Archived from the original on Mar 26, 2014. Retrieved 2014-02-11.
  51. ^ Oracle. "How and When to Deprecate APIs". Java SE Documentation. Archived from the original on 9 April 2016. Retrieved 2 August 2016.
  52. ^ Takanashi, Dean (19 February 2020). "Akamai: Cybercriminals are attacking APIs at financial services firms". Venture Beat. Archived from the original on 27 February 2020. Retrieved 27 February 2020.
  53. CiteSeerX
  54. .
  55. ^ Maalej, Waleed; Robillard, Martin P. (April 2012). "Patterns of Knowledge in API Reference Documentation" (PDF). IEEE Transactions on Software Engineering. Archived (PDF) from the original on 22 August 2016. Retrieved 22 July 2016.
  56. ^ "Structure of an OpenAPI Document". OpenAPI Documentation. Archived from the original on 2022-11-06. Retrieved 2022-11-06.
  57. ^ "Annotations". Sun Microsystems. Archived from the original on 2011-09-25. Retrieved 2011-09-30..
  58. ^ "Oracle and the End of Programming As We Know It". DrDobbs. 2012-05-01. Archived from the original on 2012-05-09. Retrieved 2012-05-09.
  59. ^ "APIs Can't be Copyrighted Says Judge in Oracle Case". TGDaily. 2012-06-01. Archived from the original on 2012-12-21. Retrieved 2012-12-06.
  60. ^ "Oracle America, Inc. vs. Google Inc." (PDF). Wired. 2012-05-31. Archived (PDF) from the original on 2013-11-04. Retrieved 2013-09-22.
  61. ^ "Oracle Am., Inc. v. Google Inc., No. 13-1021, Fed. Cir. 2014". Archived from the original on 2014-10-10.
  62. ^ Rosenblatt, Seth (May 9, 2014). "Court sides with Oracle over Android in Java patent appeal". CNET. Archived from the original on 2017-04-19. Retrieved 2014-05-10.
  63. ^ "Google beats Oracle – Android makes "fair use" of Java APIs". Ars Technica. 2016-05-26. Archived from the original on 2017-01-20. Retrieved 2016-07-28.
  64. ^ Decker, Susan (March 27, 2018). "Oracle Wins Revival of Billion-Dollar Case Against Google". Bloomberg Businessweek. Archived from the original on January 9, 2022. Retrieved March 27, 2018.
  65. ^ Lee, Timothy (January 25, 2019). "Google asks Supreme Court to overrule disastrous ruling on API copyrights". Ars Technica. Archived from the original on April 23, 2019. Retrieved February 8, 2019.
  66. ^ vkimber (2020-09-28). "Google LLC v. Oracle America, Inc". LII / Legal Information Institute. Archived from the original on 2021-04-15. Retrieved 2021-03-06.
  67. ^ "Supreme Court of the United States, No. 18–956, GOOGLE LLC, PETITIONER v. ORACLE AMERICA, INC" (PDF). April 5, 2021. Archived (PDF) from the original on April 5, 2021. Retrieved April 25, 2021.

Further reading

External links

This page is based on the copyrighted Wikipedia article: API. Articles is available under the CC BY-SA 3.0 license; additional terms may apply.Privacy Policy