Endpoint

Last Updated Jul 13, 2021

What is an API Endpoint?

An API endpoint is the point where the API and the rest of the internet meet and communicate. From the API's perspective, this endpoint is "exposed" to requests from clients. It is also exposed to potentially malicious traffic, so endpoint security is an important concern. The API endpoint takes requests from clients (for example, GET or POST requests) and passes them to a server. Endpoints specify where resources can be accessed.

Endpoint Syntax

Endpoints are called by their Universal Resource Identifiers, or URIs, and Uniform Resource Locator, or URLs, which specify the location and how to access the resource.

API Endpoint Syntax Example

Let's say we want to verify Value Added Tax (VAT) with our[VAT Validation and Rates API. The call to the API endpoint would look this: `curl 'https://vat.abstractapi.com/v1/validate/?api_key={YOUR_API_KEY}&vat_number=SE556656688001'` What do we see in this endpoint?

  • We have the URL `https://vat.abstractapi.com/` that tells us where the endpoint is (`vat.abstractapi.com`), and how to access it (`https`).
  • `/v1/` is the version of this API.
  • `/validate/` is the actual endpoint we are calling. If we wanted to calculate VAT rates we would call `/calculate/`, or if we wanted to see up-to-date VAT rates based on category, we would call `/categories/`.
  • `?api_key={YOUR_API_KEY}` is the API key you received from Abstract API.
  • `&vat_number=SE556656688001` is a required request parameter. This is the actual VAT number we're passing through the `/validate/` endpoint to be verified.
  • `&` is joining our individual query parameters into one query string.  

Calling this API Endpoint

To validate VAT number `SE556656688001`:


curl 'https://vat.abstractapi.com/v1/validate/?api_key={YOUR_API_KEY}&vat_number=SE556656688001'

We should get a JSON file back with the information we requested:


{
    "vat_number": "SE556656688001",
    "valid": true,
    "company": {
        "name": "GOOGLE SWEDEN AB",
        "address": "GOOGLE IRLAND LTD \nM COLLINS, GORDON HOUSE \nBARROW STREET, DUBLIN 4 \nIRLAND"
    },
    "country": {
        "code": "SE",
        "name": "Sweden"
    }
}

What do we see in this GET response?  

  • `vat_number` is the number we requested information for.
  • `valid` is a boolean, and tells us this is a valid VAT number.
  • `company`, `name`, and `address` tell us the registration information of this business.
  • `country`, `code`, and `name` tell us the country this VAT info is associated with. For more information on two-letter country codes, go [here](wikipedia/ISO_3166-1_alpha-2).
  • `/n` prints a new line.

Endpoint Security

An important part of exposing endpoints to clients is ensuring they're secure, because they allow requests from the outside world. APIs generally ask for an email address or signup to send you public and private API keys to use their services, at a minimum. They may go further and use an OAuth authentication server, or even HMAC, but there will likely be some method in place to authenticate users. Other security methods include always using HTTPS, one-way password hashing, strong authentication, rate limiting, validating input, and enforcing IP address filtering.  

Conclusion

The API endpoint is the location a developer sends requests to interact with the API, and the point the API owner must expose to allow developers to use it. The REST API contract governs how data may be exchanged between clients and servers, and it is here where that contract is most important.

Related

JSON

Everything you need to know about JSON (aka Javascript Object Notation). This article tells you about JSON format, how to use JSON, basic data types, and more.

PUT

Everything you need to know about PUT. This short article will tell you what PUT is, give you a PUT API example, explain REST API methods, and more.

POST

Everything you wanted to know about what a POST request is, how it's used, how it's different than PUT and PATCH, and more.

SOAP API

Everything you wanted to know about SOAP API's, including what they are, what their parts are, and how and when they are used today.

API Integration

Everything you need to know about API (aka Application Programming Interface) Integration. This article tells you what it is, what you can do with it, and more.

API Gateway

Everything you need to know about an API Gateway. This article will explain what's in an API Gateway, the advantages, disadvantages, and look at API Management.

Let's send your first API call.

Get your API key in 10 seconds and start automating workflows.
Get started
API's to LOOK UP
Weather APIMarket Data APIIP Geolocation APIExchange Rate APIPublic Holidays APICompany Enrichment APITime, Date, Timezone APILanguage Translation API
API's to Create
User Avatar APIWeb Scraping APILink Shortener APIImage Processing APIWebsite Screenshot API
API's to validate
IBAN Validation APIEmail Validation APIPhone Validation APIVAT Validation & Rates API
Resources
Free GDPR Cookie BannerHTTP Status Code GuideWhat is my IP address?Email Regex GuideAPI Guides & TipsAPI GlossaryFull API List
company
Contact UsFacebookLinkedinTwitterLegalGDPR & CCPA
Work with us
🚀 We're hiring a CTO / engineering lead!Publish your API on AbstractJoin our affiliate programWrite a guest post
The API Company
Made in San Francisco & Paris
Try Abstract's suite of free API's, trusted by 100,000+ developers.
Get started