API Access Protocols and API Types

Types of API protocols and architectures

The Google Maps API is probably the one that is most often used by people without them realizing it because it is used via an interface, such as Uber or Lyft. APIs allow products to use capabilities from another product or company in a seamless way. This dramatically reduces the complexity of building software, as these capabilities are often so extensive that it is not possible to develop them from scratch.

There are three major types of API protocols and architectures:

  1. Representational State Transfer (REST): The most popular approach to building APIs is the REST architecture. REST is based on a client/server model and separates the frontend and backend of the API. This model allows for a great deal of flexibility in development and implementation. REST is stateless, which means that the API does not store any data or statuses between requests. For slow or non-time-sensitive APIs, REST supports caching, which stores responses. REST APIs, also known as RESTful APIs, can communicate directly or via intermediary systems, such as API gateways and load balancers.

  2. Remote Procedural Call (RPC): The RPC protocol is a straightforward way to send and receive multiple parameters and results. RPC APIs are used to perform actions or processes, while REST APIs are mostly used to share information or resources, such as documents. For coding, RPC can use two languages: JSON and XML. These APIs are known as JSON-RPC and XML-RPC, respectively.

  3. Simple Object Access Protocol (SOAP): SOAP is a messaging standard defined by the World Wide Web Consortium and is widely used to create web APIs, typically with XML. SOAP supports many internet communication protocols, including HTTP, SMTP, and TCP. SOAP is also expandable and doesn’t have a specific style. This means that developers can write SOAP APIs in different ways and quickly add new features and functions. The SOAP approach defines how the message is processed, including features and modules, the communication protocol(s), and the construction of the SOAP message.

Categorizing API products for efficient API management

Software architects make the selection of the protocol depending on the use case that they are trying to serve with their APIs. There are various users and purposes for APIs, and we should be monitoring and managing them to verify that they are being used correctly. API products can fall into one of four categories:

  • Public APIs: These are available for anybody to use. Good examples of public APIs are the APIs published by the US government, such as the Census API, which makes census data available to the public. The Google Books API also makes its entire database of books available via its public APIs. Public APIs may not always be free to use. Public APIs that are available for no cost are also referred to as open APIs.

  • Partner APIs: APIs exposed by or to strategic business partners are known as partner APIs. They are not accessible to the general public and require specific authorization. While open APIs are entirely open, access to partner APIs requires an onboarding process that includes a particular authentication workflow.

  • Internal APIs: Internal APIs, also known as private APIs, are accessible only through internal systems and are hidden from external users. Internal APIs are not intended for use outside of a company. They are limited to internal development teams to improve productivity and the reuse of services.

  • Composite APIs: Multiple data or service APIs are combined to form composite APIs. They allow developers to make a single call to numerous endpoints. Composite APIs are useful in microservices architecture patterns where information from multiple services is required to complete a single task.

Get hands-on with 1200+ tech skills courses.