Using existing services, not designing by self

As developers, we strive to build new and exciting technologies quickly. Third Party Application programming interface (API) integration allows us to integrate existing technologies rather than spend valuable time redeveloping the wheel.

A focus on developing a core product is the key to success — especially when you’re working at a start-up or on a project with tight constraints. Integrating APIs is a great way to move forward quickly but you need to be thoughtful and deliberate when integrating.

Lots of applications these days, as part of their business logic, execute calls to external APIs that are developed by 3rd parties.

One immense benefit of the API and algorithm economy is that almost everything is consumable as a service, and as you know, I am all about decoupling components as much as possible to make everything in a project more logical and more manageable, rather than some kind of monolithic mess of poorly formatted whatever.

Microservices, as you might imagine, address this exact concern. They are simple to use, but even simpler to make your application as large (or small) as your scale requires. The justification is often self-evident the first time you find yourself needing that kind of elasticity, and usually you come away believing it was worth the effort, if done properly.

Quote

"At its most basic definition, APIs let applications communicate with each other."

Few of the keys to successful API Integration

1. Documentation: Learn before you integrate. The key to a smooth API integration is to go through its documentation as much as you can. All the information, different use-cases, edge-cases, and more are provided in the documentation for most API documentation. If the documentation for the integration is lacking, rethink the use of the API. When you want to use a third party API, it is essential to find out where the documentation is, so you can find out what features the API has, how you use them, etc.

2. Whitelist IPs: Make sure that the endpoints are accessible. Some vendors prefer to have the access of their APIs on whitelisted IP’s i.e. they agree to whitelist the IP’s for User Acceptance Testing(UAT) as per requirement of new users so that the API is not available to general public.

3. Worst-case, locking API scenarios limit: Some API may have a locking limit, for instance, if you happen to ping the endpoint with incorrect credentials, it will lock the endpoint from returning a successful response similar to an account login lock. It’s necessary to keep these worst-case scenarios in mind before pinging a certain endpoint multiple times.

4. Usage limit: Blocking traffic from single sources of traffic protects API providers from overloading their systems. Each provider is different, but it’s important to know these constraints and build around these constraints.

Pros and Cons of First Party APIs

A First Party API gives you complete control over every aspect of the API lifecycle, including development, design, and implementation. Developing a First Party API, then, makes the most sense for unique client cases or security scenarios.

However, developing and implementing an API in-house is expensive and takes time and resources to ensure it's functioning properly at all times.

Quote

Good software requires constant upkeep and time spent on it, so you need to be willing to put in the time and money to keep your API up-to-date and able to be used.

Additionally, as complexity increases, so does expense. In the long run, particularly if you believe you'll need an API that can scale as your business grows, it might not be an optimal solution for your budget.

Pros and Cons of Third Party APIs

An API developed by a third-party will have requirements and regulations, so it's not necessarily an optimal solution if you need to tailor an API for specific business or client needs. However, most of the time, a Third Party API will meet your needs and be a safer and more effective solution.

Oftentimes, there's no real need to reinvent the wheel. For instance, why go through the trouble of developing, designing, and implementing a maps platform with an in-house API when you can just as easily use Google Maps?

Plus, and perhaps most appealingly -- since you don't own a Third Party API, there's very little upkeep.

---

Using third-party APIs

Third party APIs are APIs provided by third parties — generally companies such as Facebook, Twitter, or Google — to allow you to access their functionality via JavaScript and/or REST API and use it on your site. One of the most obvious examples is using mapping APIs to display custom maps on your pages.

Browser APIs are built into the browser — you can access them from JavaScript immediately. Third party APIs on the other hand, are located on third party servers.

Security for browser APIs tends to be handled by permission prompts. Third party APIs have a slightly different permissions system — they tend to use developer keys to allow developers access to the API functionality, which is more to protect the API vendor than the user. The developer of the application must apply to get a key, and then include it in their code to be allowed access to the API's functionality. Most APIs require you to use some kind of developer key, for reasons of security and accountability.

Requiring a key enables the API provider to hold users of the API accountable for their actions. When the developer has registered for a key, they are then known to the API provider, and action can be taken if they start to do anything malicious with the API (such as tracking people's location or trying to spam the API with loads of requests to stop it working, for example). The easiest action would be to just revoke their API privileges.

---

Commonly used APIs

Twitter

Twitter provides various API endpoints for completing various tasks. For example, you can use the Search API to retrieve historical tweets, the Account Activity API to access account activities, the Direct Message API to send direct messages, Ads API to create advertisement campaigns, and Embed API to insert tweets on your web application.

Twitter provides its APIs for free. However, if you want a high level of access and reliability, you’ll need to contact them for paid API versions.

The Twitter APIs are very easy to use. Twitter provides comprehensive documentation to assist you in flawlessly integrating any of its APIs into your specific use case.

Read more from Twitter developer docs

Facebook

Facebook provides various APIs and SDKs that allow developers to access its data and extend the capabilities of their applications. The Facebook Graph API is an HTTP-based API that provides the main way of accessing the platform’s data. With the API, you can query data, post images, access pages, create new stories, and carry out other tasks. Furthermore, the Facebook Marketing API allows you to create applications for automatically marketing your products and services on the platform.

The Facebook APIs are provided for free.

Apart from its detailed documentation, Facebook has an active developer community with members who are always willing to assist each other make the most of the APIs.

Read more from Facebook for developers page

Google

Google gives us an access to lots of welfare with the Google API. The API enable to use Google services from our own applications. For example our apps can exchange data with google drive, use Gmail, calendar, Blogger, ask for analytical data from YouTube. Besides that there are lots of google cloud services that are available to use. Each API has its own big free quota which allows to reliably rely on Google services.

Some of the most commonly seen features are the OAuth 2.0 (used for authentication) or the Maps API.

Check out all the available options from Google APIs Explorer

---

Further reading

• Restcase blog: Internal vs External APIs
• Top 10 Social Media APIs: Twitter, Facebook, Instagram, and many more
• OAuth2 and Google OAuth Playground
• Understanding OAuth2 and Building a Basic Authorization Server of Your Own: A Beginner’s Guide