An API call occurs when a client issues a request to an API. This request is formatted with a request verb, headers, and optionally, a request body, per REST API specifications. The API validates the request, and makes its own call to a server or external program for the requested data. The requested data is returned to the API from the server, and the API passes the data to the client.
A client can issue different kinds of requests, of which there are four main types:
An API request isn't always just asking for something, but to perform an action, like adding or modifying data on a server accessed through an API. REST provides an architecture for HTTP clients and servers to understand and process these [.
The developer issues a request, like this: `curl GET https://www.abstractapi.com/`, to tell the API it wants to GET data from this server.
The API receives this call, probably with an authentication key in the header, and ensures it is a valid call that meets the standards of the REST API contract. When the API understands the request, it sends it to the server or application specified by the client.
The server recalls the data the API has told it is being requested, and delivers it, most likely as a JSON file, back to the API. If you call `curl GET https://jsonplaceholder.typicode.com/` your response might look something like this:
This is the data you requested with your GET request in JSON format.
The API receives this information from the server, and passes it back to the client as a JSON card. Voila! This completes the API call.
If you just pulled the data off a server, you'd have access to the server. You could add, delete, and generally mess up someone else's hard-earned data. Even more importantly, if you were designing a web shop, you'd have access to bank accounts! APIs offer security. The API provides security by decoupling the consuming application from the infrastructure providing the service, and if you're using a API, you've likely undergone some kind of authentication or credentials verification.
Also, if you just called a server for data, you'd be missing out on the awesome functionality APIs provide. Calling the PayPal API, for example, not only unlocks customer payments, but their suite of tooling as well, with what amounts to an external function call. Pretty cool.
With this basic GET request, you've unlocked the power of API development. You don't just have to GET data from a server: you can POST new records, or PUT data to modify, DELETE, and a few other methods. From weather reports to real estate prices, APIs put the world just a call away from your software.