API Glossary

API

"API" is an acronym for Application Programming Interface. It is a name used to refer to a special framework some web applications or services provide which allows a user to connect to the system and perform some number of discrete actions such as running functions, requesting data, or updating information.

Action

An "action" is the part of an API's URL "anatomy" that describes or names a function that is available for a user to invoke.

API Key

An authorization code passed in to an API request via a header or parameter to identify the requester.

Authentication

Identifying the user of the API. Common techniques for authentication include API Keys and OAuth.

Base URL

The base URL or base location is the consistent part of a URL. Most programs or applications allow you to specify a base URL against which all relative URLs are resolved to construct absolute URLs.

Cache

A collection of responses that are reused by the client to improve performance.

Call

Another name for a "request" or a communication sent by a user to the API, in the form of a URL string, which invokes a specific action on one particular endpoint, and may also include additional parameters or values.

Client

The initiating party that sends an API request. Often there will be many clients consuming the same API.

DELETE

One of the four most common HTTP methods, typically used for removing records from a system.

Encryption

The act of converting or obfuscating the original representation of something using an algorithm or sequence of steps that change the representation into something else entirely. Encryption may be one-way (meaning that once applied, it cannot be undone) or two-way (meaning that once applied, it can be undone).

Endpoint

Part of an API's URL "anatomy" that describes or names the domain of objects or functions that can be manipulated or invoked by calling specific actions available under the endpoint.

Expires

A header that tells the client it may cache a response until a certain time.

Exponential Backoff

An algorithm that uses a pre-defined process to gradually, multiplicatively decrease the rate of a given operation to find a more acceptable rate.

GET

One of the four most common HTTP methods, typically used for retrieving or querying records from a system.

Hash

A single value (i.e., string, number, etc.) or potentially a combined/concatenated set of values that have been encrypted.

Host

Header containing the domain name of the request URL.

HTTP

An acronym for Hypertext Transfer Protocol. It is one of the key architectural components behind how web-based content on the internet is accessed through web browsers.

HTTPS

An acronym for Hypertext Transfer Protocol Secure. It is the same in principle and function as HTTP, except that the data transmitted is encrypted before it is sent between two communicating entities (e.g., a user requesting information from a web server).

JSON

An acronym for JavaScript Object Notation. It is a format for information, based on the JavaScript language, that is intended for consumption by a programmed function.

Latency

The time that elapses between sending an API request and receiving the response.

Media Type

Identifier used to indicate the type of data that a file contains.

Method

HTTP provides support for several methods which each describe a type of result a user might want to achieve through a given communication with a web server or API. The four most common methods are: GET (for retrieving data), PUT (for inserting data), POST (for updating data), and DELETE (for removing data).

OAuth

Open standard authorization framework. Grants access on behalf of an end-user without directly sharing credentials.

Parameter

A parameter is like a variable added to an API request that provides additional information, instruction, or the necessary value the target action is supposed to utilize.

POST

One of the four most common HTTP methods, typically used for updating existing records in a system.

Protocol

A defined way of transferring data between peers.

Proxy

An intermediary that handles requests between clients and the servers providing resources.

Public/Private Key Encryption

Public/private key encryption is a form of encryption whereby a value (i.e., string, number, record of information, etc.) someone wishes to allow others to prove the authenticity of (i.e., proving it came from the original person) is encrypted using a one-way hashing algorithm. This hash is created using a non-secret value (the public key) as well as a second secret value (the private key) which is known only to the party encrypting the information and given to any party who wishes to validate the authenticity of the information. The receiving party will get a copy of the original data and the public key. If this party also knows the private key, they will be able to re-create the hash value thereby proving it is authentic.

PUT

One of the four most common HTTP methods, typically used for inserting or creating records into a system.

Rate Limiting

Limiting the consumption of an API to a certain number of requests per period of time.

Representation

Data that describes the state of a resource. Often the body of an HTTP request/response.

Resource

A name for the combination of an endpoint and action in an API's URL anatomy.

Response

The data that an API sends back to a client after it is called. The format of an API response is usually XML or JSON.

REST

An acronym for Representational State Transfer. It is a form of software architecture that is primarily used for web service design. The World Wide Web (WWW) is itself based on REST.

Request

The call or a communication sent by a client to an API, in the form of a URL string, which invokes a specific action on one particular endpoint, and may also include additional parameters or values.

Server

Software or hardware that provides a service by responding to requests across a network.

SOAP

An acronym for Simple Object Access Protocol. It is a form of software architecture used for web service design, like REST.

Status Code

HTTP response status codes are what the server sends in the response back to the client to indicate the status of the request.

Test Case

A set of conditions or variables under which a tester will determine whether an application or software system is working correctly or not.

URL

An acronym for Uniform Resource Locator. The URL is the unique address for any object or function that can be accessed or invoked on the web.

Use Case

A description of a particular use of the system by an actor or user. It is used widely in developing tests at the system or acceptance level. Use case testing is a technique that helps identify test cases that cover the entire system on a transaction-by-transaction basis from start to finish.

User-Agent

A header that lets the server know what kind of software is making the request. It contains information about the user agent originating the request. This header should be used for statistical purposes or for automated user agent recognition, so that the server can handle the limitations of particular software.

Web Service

Web Service is a more generic name than API for referring to a special framework some web applications provide which allows a user to connect to the system and perform some number of discrete actions such as running functions, requesting data, or updating information.

XML

An acronym for Extensible Markup Language. It is a language used for providing information as well as describing that information, such that programs can interpret data without really understanding the data itself.