Understanding APIs and RESTful APIs Crash Course | Kalob Taulien | Skillshare

Understanding APIs and RESTful APIs Crash Course

Kalob Taulien, Web Development Teacher

Play Speed
  • 0.5x
  • 1x (Normal)
  • 1.25x
  • 1.5x
  • 2x
18 Lessons (43m)
    • 1. Introduction

      0:38
    • 2. What is an API

      1:00
    • 3. The Metaphor

      2:51
    • 4. APis in Real Life

      2:39
    • 5. What Programming Languages Can We Use?

      1:16
    • 6. Introduction To Restful APIs

      0:57
    • 7. Introduction to JSON

      2:08
    • 8. Real Life Example with JavaScript

      4:10
    • 9. GET Requests

      3:25
    • 10. POST Requests

      2:48
    • 11. DELETE Requests

      2:19
    • 12. PUT & PATCH Requests

      4:10
    • 13. Consuming APIs

      2:22
    • 14. Requests and Responses

      1:34
    • 15. Common HTTP Status Codes

      5:35
    • 16. API Security

      0:53
    • 17. Course Summary

      1:58
    • 18. Questions, Feedback and Support

      1:51
26 students are watching this class

About This Class

In this course you will learn about APIs and RESTful APIs, and how they work.

There is no coding in this course.

By the end of this course you will completely understand how APIs work, and how computers talk to each other. You'll also be familiar with RESTful APIs.

You don't need to be a coder to understand APIs and how they work. I'll be using a real life example of a restaurant to demonstrate how requests work. 

The goal of this course is to help you understand APIs and RESTful APIs without needing to write any code. So next time someone says "API" you will know exactly what they are talking about (and you'll also know it's not really that technical or fancy, but that'll be our secret ;)

Here are the slides:

Resources mentioned in this course:

dd34cb5f

Transcripts

1. Introduction: hello and welcome to a course on learning AP eyes. In this course, we're going to learn all about AP eyes and rest ful ap eyes and how they work behind the scenes. You're going to learn Ah, lot in here. But one of things you're not going to learn is how to build an A p I. So if you're looking at how to create an A P I maybe from scratch or how to implement one, this is not that course. We're simply going to learn the concepts of an A P I and how they work and why they're important. So if that sounds like something you're completely interested in, please feel free to watch the rest of this course, and I look forward to working with you. 2. What is an API: Hello and welcome to understanding AP Eyes. This is a course where we're going to learn all about AP ice. So the first thing we need to know is what is an A P I well, and a P I is an application programming interface. It's not actually a visual interface like what you see in front of you. No, it's nothing like that. It is a programming interface. So it is. I mean, it's sort of visual. If you were a computer, it would seem visual, but we're not, so we can't see it and it just looks like a wall of code. But essentially all it is is one computer talking to another. That's it. It's very, very simple. And it doesn't matter what programming language you're using. You can use JavaScript, python, PHP, Java, ruby. Any variation of see basically any language that supports Internet communication will support AP eyes and rest ful AP eyes, and there is a difference. We'll talk about those in just a little bit 3. The Metaphor: so there are many different forms of a P I. But rest ful AP eyes are the most common AP I these days, and that's the A P I that we're going to be talking about, primarily because rest ful AP eyes are so popular, and I mean there's a reason there's so popular, so simple, and that's what we're going to be learning about in this course. So I'm going to be using an analogy. I'm going to be using the analogy of a restaurant and you're going to have you. You're going to have a waiter and you're going to have a chef in your kitchen. So you're going to have three primary people in this scenario, and this is going to span the entire course. So it's good to be familiar with a restaurant analogy, so you can think of your A P I as sort of like your waiter. Your waiter is your messenger, so your waiter comes up to you and says, Good evening, sir. What can I get for you? And you say I would like your finest pizza? I don't know why it's not like Marvin the Martian, but I guess that's my voice as a pizza order. And then basically, your waiter says, Yeah, OK, I will get you that pizza and I will just basically go until that guy just over there he's a guy who's gonna make you your pizza. He's the chef. I'm gonna I'm gonna take your request and I'm gonna give it to him. He's gonna do really all the magic behind the scenes, and I'm just going to be the person who helps you out with the different requests. So you order a pizza and your messenger. Your waiter goes to the kitchen and says, Hey, Tony, we have a customer at table Number one who wants a pizza, and the chef starts making you a pizza. And when it's done, your waiter than brings food to you in the form of pizza, and you get to consume that pizza in any way, shape or form. We want to use your hands. You want to use utensils. Maybe you just want to really put your head right into the pizza and your smear your face around in. It doesn't matter. It's up to you. You got the pizza. You paid for it. It's yours. It is really that simple. So when people talk about AP eyes, don't get overwhelmed. Don't. I don't think that it's this huge thing on the Internet that's really, really hard to understand, because really, all in a p I is is the ability for one computer or one software to talk to another computer ? Because, really, all it is is the ability for one software over here to talk to another software over here. Or maybe it's two different computers over an Ethernet connection. Maybe it's two computers over a cable connection Internet connection. Who knows its two systems of some variety Talking to each other, that's all it is, is no different than me picking up the phone calling you, you picking up your phone and us having a conversation. That's it. That's it. That's all it is. 4. APis in Real Life: now restaurant AP. Eyes are a type of a P I, and they're meant to be incredibly simple. So let's take a riel life example of what an A p. I looks like So this is a site that uses an E p i to collect flight prices from different websites. So we're going to be using a service called Sky Scanner. This is a real service. Unfortunately, no, they did not pay me to use their name. Sky scanner is one website. You go there, you type in your destination, your departure time, your arrival time. It will take all of your data. Bundle it up and it will say, Go out my minions and find all these different data and basically is gonna take your data. Send it off in 30 different directions and it's going to ask airline websites for their data. Now, Sky scanner does not hold all of this data internally. It would be pretty impossible for them to constantly update all of their systems. Well, maybe not impossible, but definitely not worth their effort. All they want to do is create a nice single list for, you know. 12345 Your top five choices for flights based on convenience. Maybe, maybe based on price. Maybe you want the cheapest possible flight, Who knows? But Sky scanner is going to get all these different connections and put them all in one place for you. So basically, sky scanner sends out a request to all these different computers, and you can see here they are these different computers outside of our sky scanner website . And basically, this is an A P. I request Sky scanner is going to every single one. It says I need a response from here. I have want the data from here. I want flight prices from here and here and here and here and here and so on and so on. So once it makes that request to all these different servers, it waits a little bit. Waits for all these different servers to basically say Yep. Here's my data, and here's my data and here's my data. Then here's my dance, and it just waits for all of them to come back and then gives you a nice list. And in that list, it looks like Sky scanner is doing all the work. But really Sky Sander just sent off data to all these different services and the services came back with data and sky scanner simply presented it to you. That's all it did. That's the power of an A P I. Now that's a fairly extreme example, because that is a one to many that is one service using many different AP eyes and bringing them all together under one house or a lot of AP eyes or the other way where, for example, you may have one of these computer nodes. Maybe this is Eircom Hnida, and you have sky scanner and kayak and all these other different services accessing their data. So now all of a sudden you have this massive network of computers all talking to each other . 5. What Programming Languages Can We Use?: so computers use AP eyes to talk to each other over the Internet. Now that's somewhat factually incorrect. It doesn't have to be over the Internet. They can talk to each other over different services. Different Softwares. It can be. Basically, you plug your Mac book into your Windows computer, and if there's a software in the middle that can conjoined them, that might be considered a P. I not considered a rest ful AP I. But that would be considered some sort of a P I integration or interface. So let's take a look at what programming languages we can use. So we see this image here and says, PHP C plus plus JavaScript, Ruby python. You can put in, you know, Java if you wanted to. You put in all sorts of different languages. There is one bad guy in here who doesn't belong. That guy right there. Html does not belong. No, html does not belong because it is a mark up. It is not a proper language. All it does is make your website look nice. It does nothing else. So just as a quick little list here are some of the language is most popular languages in the world that we can use for AP eyes basically any sort of language you can use to make a website you can use for AP eyes python, JavaScript, PHP Java, sea ruby, etcetera, etcetera. If you're making a website with it, maybe it's dot net. You can use a P I. 6. Introduction To Restful APIs: So let's take a look at what a rest ful a p I is. Rest is a type of a P I. And it stands for representational state transfer, which sounds overly complicated because that's what us people in computer engineering computer science do. We make things sound harder than they actually are. But simply put is a client computer, so I should explain this one. A client computer is any computer that is making a request to the server. So if you're sitting at your restaurant table and your waiter is way over there, you are the clients and your waiter and the chef would be, well, actually just the chef. Really. The chef would be your server or the computer that you're asking data from now. Simply put, and a P I is a client computer asking another computer for data, or maybe to take a particular action to modify data, delete data, create data, something like that 7. Introduction to JSON: So let's take a look at Swabey. The Star Wars, a p I. So I just loaded up my browser here. I'm at swampy dot CEO, and all this is is a free Star Wars. AP I where you can get all sorts of Star Wars data for free now in a p. I request how well this is what this is where we're going to learn the basics of an A P. I request. So if I scroll down here, we have swap edotco slash AP I. And it just says people slash one or planet slash three year starship slash nine. And on the surface, that makes no sense. But let's dig into this a little bit. So if I click the click planets slash three and it's going to make an A P, I request to this particular service. So it's saying, Hey, waiter, I would like to see Planet number three. The waiter is then going to say OK, I will get you a menu of all the planets. Specifically, he opens it up for you and says, Here is number three. Turns out that number three is yehven for its climate. Tim, it's temperate. Its tropical diameter. I'm not even sure what 10,200 is meters plumbers. Who knows? Um, the date that it was created, its actual your Ella's. Well, we could do the same thing with starship Starship number nine. Let's ask what that is. We say, Hey, mister waiter. In this case, it is Swabey dot ceo. We want to say, Hey, swampy, what is starship number nine? So your waiter says, Okay, let me get you the menu for all the different starships, brings it to you, opens it up and says number nine is the death star. And so, generally an A p. I will then spit out a bunch of data that looks like this. Now, if you're not familiar with this, that's OK. This is called JavaScript object notation or Jason for short. And what Jason is is a structured key value pair. So you have a key here. The name is the death star. The model of the Death Star is the DS one orbital battle station, the Starship classes, a deep space mobile battle station. And basically, when you make a request to a service like this, it's just going to give you all of this data in here, and you can do whatever you like with it. 8. Real Life Example with JavaScript: Now let's take a look at a real example. So I'm going to inspect my element. Hit the consul. Let's make that just a wee bit bigger and I already have this in my clipboard. This is just a javascript example of using the Fetch a p I where I'm going to simply go to swap edotco slash ap I slash people. This is then going to basically say this is a Jason response to make sure it's Jason and Console log. Whatever the responses. Now, if you don't write to JavaScript, that's OK. You can do this and basically any language. It's gonna look a little bit different. Your syntax, your functions are going to be called different things, but basically this is that this is the simplest form. So let's go ahead and hit Enter. So it created a JavaScript promise and returned an object. Now this object has account of 87. There's a next year l. So there's more than one page. That's pretty cool, and not all AP eyes will give you a next or previous or account, but this particular one does. And in here there are 10 results. So of these people we have Luke Skywalker's number one. Let's just close that we have Luke Skywalker's number one C three v O. R. Two D two. Darth Vader. Leia. Oh, in ah, a bunch of other people in there. Okay, so we have a bunch of other people now. We said specifically to go to swap edotco slash ap. I stash people. Well, we're not. There were at starships slash nine. So let's go ahead and type in a p I slash people. And because we didn't give it and eggs an exact person and I'm gonna put that example back in there cause that went away because we didn't say we want person number one. We want person number five. We just want all the people is going to give us a list of all the people so we can see here . Luke Skywalker is number one. C three po is number two, and that's going to match our JavaScript object notation down here. In our results, where are you? Let me just make that a little bit bigger. Do to do to do. Where is your name? Luke Skywalker. There you are. Key. His name value is Luke Skywalker, and that's number one. So if I scroll appear to number one key, his name value is Luke Skywalker. And so this is the exact same is saying, Excuse me, Mr Waiter, can I get the menu? And if you know if you're at a place that has a really large menu and maybe you just want a particulate menu because they have different types of menu. So the waiter says, Yeah, why can get you a menu? And you can see everything on it. But we also have a more specialized menu for just spaghetti ease. So maybe you want to see just spaghetti Zor. In this case, you just want to see a particulate her person. So let's go ahead and type swampy dot ceo of Slash AP I slash people and was put in a random number. We know that there's 87 in their total count of 87. So let's see who number 83 is. Number three is Tian. I have no idea if I'm saying that right? That's who this is. Eye color is black. He's in film number six. Whatever film that is, we could click this your own. We can see it and the film is revenge of the CIF And so really, this is just a get request. Now we're gonna talk more about get requests and how these actually work. But basically, what you need to know is the standard rest ful a p I will return a response that looks something like this This javascript object notation and this JavaScript object notation is pretty standard across most rest ful ap eyes. But it's also standard across pretty much every programming language. So Hello, Jason. Welcome to our world again. You were called javascript object notation. Now again, most languages have a data structure that looks something like javascript object notation. We have objects and you have a raise and is a key value pair. They look very, very similar across most languages. So one day some guy said JavaScript object notation should be a standard. So he made a Web sites and the Internet said, Wow, this is good. Okay, we agree And boom. Just like that. Jason was born 9. GET Requests: Now let's talk about http requests. We've already looked at a lot of get requests, and that's the 1st 1 we're going to explore here. So let's take a look at how they work, sort of behind the scenes using our restaurant metaphor. A get request is you know, when you go onto your laptop or your phone and you type in www dot facebook dot com and your browser is basically saying, OK, well, I know you want to get data. You're not asking to send a request. Teoh, change your profile data or anything like that. You're simply saying I just want to see facebook dot com. So your browser is your waiter, and you say, Excuse me, mister Waiter, I would like to see facebook dot com the waiter, Your browser goes over there. Talk to your chef in your chef in this case is Facebook. And your waiter says, Excuse me, Mr Chef Facebook. This person over here at table number one would like to see whatever you have. And the chef in the basic get request example basically says yes. Okay, I will make I will make user at table number one The finest plate of HTML, CSS and JavaScript. And so it does a bunch of tinkering over there and comes back and then says, Waiter, browser, your response. Your meal is done and the waiter then brings it back to you Over here, your browser. Your waiter will then make a nice sort of presentation. Out of all the HTML CSS and JavaScript. You know, we get requests. Really? Is you saying to another computer, Hey, excuse me, I would like Teoh make a request to see some more data. I don't want to see data. I don't want to do anything to it. I just want to see it now again. You're not asking the server to update or deletes or create any sort of resources or update your profile or anything like that. You just simply want to load the page first. You want to load the website, and this is the most common request type. It's actually so common. There's probably trillions of get requests per day. In fact, you actually probably made I'm just guessing, but probably 15 or more get requests. Just a watch this video. Now, if you're watching a video on YouTube with that adaptive bit rate where, you know, sometimes your quality gets really good or really bad. Like what Netflix does. You're making get requests every 15 seconds or more. And so you have all these get requests all the time. You don't even know they're happening. Now, let's make a table. We have a table called http methods for rest ful requests. And on the left, we have http methods. And in the center, we have crowed operations. That is your create, read, update and delete operations. And on the right, we have example you URLs. So on the left, we have our get request. That's what we're talking about. And it's crowd operation is read. All it does is read. It's the exact same thing is saying, Excuse me. Waiter, Can I see your menu? Waiter comes up to you, says boom. Here's your menu. Feel free to look at it now. An example. Your URL is, for example, website dot com slash ap I slash users. And if you go here is going to list you all the users. This is called a list view, and if you just want to see a particular user, maybe user number one, because we're sitting at table number one, you would type in slash AP i slash user slash one, and that will tell the A P I. I want not just all the users. I want one particular user and that's it. 10. POST Requests: Okay, let's take a look at Post requests. How do post requests work? What are they? Let's dive into this. And after this example, this is really going to start making a lot more sense to you. I think so. A post request does not go through the u. R L. It's not a Standard UL, but it does take A UL as an end point. That in itself is confusing. Now. What I mean by that is you cannot go to post dot facebook dot com and just make a new post . It doesn't work that way. You still have to go to www dot facebook dot com and then behind the scenes you can make a post request and post request. Does not go through your your El bar so you can't access it through a standard browser. You are l. You can't just type it in. You actually need some code to do this. But really a post request. All it's doing is saying, Hey, I would like to make a brand new resource, and ideally, it will return all of the sort of unique identify IRS for that resource. So then you can perform a get request. An example of this is when you want to create a brand new user. Maybe you're signing up for Facebook. You want to create a new user. So you put in your first name, your last name, your email address, your date of birth and password and you hit Submit, and that goes off to Facebook. Facebook says Yes, that is a post request. I'm going to create a brand new user, and with that brand new user boom, everything is good. I'm then going to give you a user I d. Now when we add this to our table, the post request is the create method in our crowd operation, and an example of this is using it on the entire resource itself. So you would not do a post request on website dot com slash ap I slash Use of slash one. Because you would be trying to create a user on user one. Users don't typically have sub users. In this example, you would be using just that. Users that would be your end. Point your resource. You are l. Your you are I. Sometimes it's called and you're going to create a new user and basically added to the list of users now in our restaurant metaphor, the Post request is basically excuse me. Waiter. I would like to see the menu. He brings you your menu. You take a look out and you say, I want the pizza. And so you say, Excuse me. Waiter. Hi. Yep. Could I order the pizza? And he says, Absolutely. You can order the pizza. He takes your requests. He sends it over to that guy over there. He's the chef. The chef then says, OK, I acknowledge that this person wants a pizza. I will make a pizza. 20 minutes later, there's a pizza made and he sends it back to the messenger. The messenger then says, Thank you, Chef, for making me the pizza. I will deliver it to the user to the person sitting at the table. Basically, the chef created something for you. You made a post request to the chef. That's a good way of thinking about it. 11. DELETE Requests: Okey dokey. Let's take a look at delete requests. You have an idea of what get and post requests are delete is that's ah pretty well named request. What else is it going to possibly dio? So a delete request again does not go through the u R l So you can't type. Deletes dot facebook dot com and assume Facebook is deleted. Doesn't work that way. You have to use some code and you have to give it a specific end point. And what this is doing is you're saying computer over here, make a delete request a computer over here and all I want to do is delete a resource, and that's all it does. So maybe you want to delete a particular user. Maybe you want to delete a credit card off of your Amazon account. Maybe you want to delete an image off of Facebook Gallery. Or maybe you want to delete a tweet or an instagram post. Who knows what you want to delete. But that is the request that you would use. The request method would be delete. Now use with caution when you're implementing an A P I. If you allow people to delete entire lists. That could be bad. So if someone said, Yeah, I want to go to website dot com slash ap I slash users with a delete request method that could possibly delete all of your users, and you might not get that back. So use delete with caution on Lee ever implemented when you need to implement it. Now let's add deletes to our table at the bottom. Here we have delete is crude method is delete and to delete you would give it a specific end point. So don't give it a listing your Al Cy, such as slash users. You want to give it a specific your else, such as user number one. If you wanted to delete user number one now in our ongoing restaurant example, what this sort of translates into is when you're done eating, your waiter will then bring you the bill and you look at your bill and you open it up and you Yep, that's mine. That's mine. That's mine. All the prices look right. But then you get to this one down here and you say, Oh, I was charged twice for the pizza, and I should only have been charged once. I only ordered the one pizza. Why me? Why am I being charged twice? So you say. Excuse me, mister Waiter. Yeah. There's something wrong on my bill. I was I was only eating the one pizza, but I was charged twice. So the waiter then says, Ok, I will put in a delete request to delete that one line. So you're only charged the one pizza. 12. PUT & PATCH Requests: All right, let's take a look at put and patch requests. How do these work? These are the last ones we're going to take a look at in this course, and they are somewhat similar, and they're sort of bundled together for a reason. So a patch request again does not go through the u. R L so patch dot google dot com is not going to give Google and I patch or do anything. All a Patrick West does is it asks another computer or another piece of software to update a piece of a resource, not the entire thing. So don't update the entire user account. Just update may be the first name. Now there's a caveat with this one. The caveat is that not all browser support pat requests and not all frameworks support patch requests. For example, Internet Explorer seven would not support pat requests and jangle framework. A python based framework does not support patch requests as far as I know. So instead you would use a put request, which we're going to talk about in just a moment now. In our analogy, where were sort of working with the bill at the end of our meal. This is sort of like getting your bill. You open it up, you look down. You say you've got a drink. You got a salad, You had a pizza. And you are miss charged for your pizza. It's the right pizza. You got your whatever type of pizza you like to eat. But instead of being charged $14 you're charged 15 95. Don't know why, but you just want to update a little piece of that resource. You don't want to get rid of the pizza line in your receipts are in your bill at all. You want to just get rid of that one price and update it? So you would say Excuse me, mister Waiter. Yet this price is not right. The pizza is right. That's exactly what I got. But the price just isn't quite right. Could you update that for me? And so that's like updating a small piece of your bill. Now you're put request does not go through the standard your l and you cannot go to put dot facebook dot com. It doesn't work like like that. The only one that does work like that is your get requests And you don't put guest dot facebook dot com. You just type in your your on your browser assumes it's a get request. Now, a put request is going to ask a computer to update an entire resource. Now, going back to our bill analogy, we take a look at her bill, Let her check, and we have our drink. We have a salad and we have a steak on there, but we didn't order a steak, so something got messed up somewhere. And we need to completely update that resource. That steak needs to actually be a pizza on that pizza needs to cost $14. So we say, Excuse me, mister Waiter, can you go tell whoever you need to tell that this is actually wrong? We didn't order a steak. We ordered a pizza and the waiter says, Yep. Okay, that makes total sense. I am going to update that for you, and then he comes back and you look at your bill and everything's right. There's a pizza on there for $14 there's no steak. You've updated an entire resource now some AP eyes, and this is sort of a caveat. But some AP eyes. If a resource does not exist in a put request, it will make it exists. So it's sort of like sending a post request as well. Sort of. Ah, two and one kind of deal here. Not all AP eyes do this, but some of them will now taking a look at our table here we have put and we have patch. Now put is basically your update and replace and patches like a partial update. Partial replace. But because patches often not supported in a lot of different areas, we'd sort of just rely on put instead. Although if you do see patch, don't be freaked out. It is okay and you put a resource or to update or to replace a resource, you give it a specific girl, not a listing. You are elsewhere, not just last. Users. If you want to update, it would be slash user slash one to update a user. And if you're using a patch, it might even be more specific. You might have an end point that looks like website dot com slash ap I slash user slash one slash first name and that's all you do is you just update the first name. Now I've got a note down here that says you can find more details at rest ful ap i dot net slash http dash methods I'll give you that link at the end of this course as well. 13. Consuming APIs: Okay, let's take a look at consuming AP eyes now on a P, I could be written in almost any server side language. It doesn't really matter what the languages they can be written in any language. As long as that language can accept http Protocol requests. So get put posts patch delete anything like that, and a P eyes will generally return one of two data structures either Jason or XML. Now, we've already seen Jason and we can see it here on the left where we have key value pairs. So we've got a key on the left and of value on the right. And in the right side of this slide, we can see an XML example, and basically, it'll give you the exact same stuff. It just looks different. XML sort of the old way of doing it has a larger payload. Not that it really matters with fast Internet speeds these days, but Jason is a little bit more verbose. It looks a little more lightweight. The nice thing about XML, though, is it does come with a contract, and a contract generally means that nested second field, for example, should always be an integer and in Jason, you don't really get that in Jason Key. Val example. Well, right now it's value. So that's a string in programming languages. But maybe it's supposed to be a number may be supposed to be an integer. Maybe it supposed to be true or false, those air different things to programming languages, and there's no way to really make sure that it is what it is. And so X XML comes with this idea of contracts, and Jason does not. So Jason is a little more lightweight now. Maybe I can be consumed in just about any language asl, long as it's a proper Web language that's, you know, somewhat Web enabled. But largely you're going to be using JavaScript on the browser side for front end requests . Like what we did in our example with the swap Edotco, a P I and servers can use pretty much any language that run on a computer because while it's like python talking to a python server or Javad talking to a python server or python talking to, I don't know a C server, it doesn't really matter as long as they can spit out some sort of language that's in the middle, and for us, that's Jason. Jason is that nice middle ground. So it doesn't matter if you're writing python or JavaScript or Java or C or anything like that. All that matters is that whatever is returned to you is readable in your programming language. 14. Requests and Responses: Okay, so let's take a look at some common AP I responses. What are they? Before we do that, let's take a look at requests and responses. I keep saying requests and responses, and by now, if you haven't decided to just go off and google it on your own will tell you exactly what they are. So a request is like when you say, Hey, mister Waiter. Sorry. Can I have your attention real quick? I need something that's a request. You're requesting something from him and a responses like Hey, mister Waiter, I would like to order a pizza. The waiter goes to that guy over there, goes to the chef, and the chef says, Yes, I will make you a pizza. Wait a couple minutes and I will make it for you. And you can send it off to the to the customer. So the chef makes a pizza and says ding, waiter, this is done. The waiter then comes and brings it to you. That is a response. The chef has responded to your request with a pizza. Now all requests come in the form of either get put post patch or delete. There are a few other ones that we're not going to cover. But these are the main five. Almost made four. Really? If we don't really include patch because it's not totally supported, So those are the main ones you're generally going to run into. And the server response is going to give you some sort of http status code, and that brings us to http status codes. So this is basically what the server is going to tell you. It's a number, and this number is going to tell you if something is right or wrong and sort of give you an idea of what is right or what is wrong. 15. Common HTTP Status Codes: So let's look at some common http. Status codes, a healthy responses in the 200 range. So we typically have three of them that we deal with. We have a 200. Okay. That basically means your request was good. Everything looks fine. And you have data returned. A to a one is a created request. Now, this generally comes back from a post request. And that's the server saying, yes, everything was good, and we also made the resource for you. So here's a two. Will one and a 202 means it was accepted, but the servers busy. So this is sort of like saying, Excuse me, waiter, I would like to order your waiter than takes. Your order goes to the kitchen, the chef says, Oh, I'm really sorry. I'm really backed up. I have three meals I gotta make before this one. Right now. This is number four. So once I get through the 1st 3 you're number four. But could you just tell? Could you tell the customer that's gonna be a couple minutes and maybe send my apologies. And so this is a 202 accepted. This is your waiter saying Yep, your request was accepted, but your food is gonna take a little bit of time to get to you. Next, we have redirect responses. This is the 300 Siri's again. There are a ton of these, but the most common to you will run into our 301 and 302301 is moved permanently. This is basically when you try to access an end point and it's gone, is gone is moved to a different place. And maybe that redirect happens for you. Or maybe you get a different error. That basically says, You know, there's a 301 in here and the text responses, you know, the endpoint has moved to somewhere else and a 302 is found. That means the end point that you're accessing is temporarily moved to somewhere else. So it does exist. But it's sort of like when you're driving somewhere and there's a lot of construction and the road is actually closed, so you sort of have to just go around. Next we have a 400 response. Actually, I've got a whole series of these again. There's a lot more of these, but These are the most common five. The 1st 1 is a 400 requests. Now these are client responses. This means that something on your end is not right. And the server is telling you that something on your end is not right. So the server in a 400 response cannot or will not process your request. Maybe you have bad a p I keys. Maybe it thinks that something is wrong. Maybe for whatever reason, interest thinks that the text that you sent isn't right. Maybe of a typo in there, who knows. But it's saying that there's something wrong in there. A 401 for a one is unauthorized. Now, this is basically saying and this is the most common situation when you get for a one basically saying you're not allowed to be here. So it's like you going directly into the kitchen and asking the chef to make you a pizza when you should be going through your waiter. You're not allowed to be there. You don't have the right credentials. So you have to go through the right channels. Ah, for 03 Forbidden basically means the server understands you request. But it's not going to execute it. Uh, basically your A P I keys probably don't have the right permissions associated with it. Or in our restaurant analogy, that's like going directly to the kitchen again and the chef just being like, No, you can't be here. I can't talk to you. You're not allowed to be here. This area is forbidden to customers. Get out. You have to go through someone else. A 404 is basically there's nothing there, nothing there at all. So you probably have a typo in an endpoint. Or maybe they move something and didn't tell you 44 And our analogy is like growing up to the kitchen and realizing that there's nothing that is just an empty room. There's no kitchen stuff in there at all. It's just a door that looks like there could be a kitchen in there. But there is no there's nothing. Ah, and a 405 is method not allowed? Now this is a very common one as well, where maybe you're trying to do a post request. So let's say you want to get details about a particular user and you copy and paste some code, and it was working before. But now it's not, and that's because you're using a post request. But you just actually want to get data. You know, it's sending data to the server. You're not asking it to update. All you're doing is saying I just want to see some data, but you accidentally send a post request 405 Method not allowed, is saying, Oh, you have the right endpoints. Things look like they could be right, but you didn't send the right request type, so maybe change it from posts to get door. Change it from put delete. I don't know what is going to be. It depends on your end point, but basically it's saying your request method is incorrect. Lastly, we have server responses. These are your 500 statuses, and actually there's really only one that you'll generally run into. And this one is an internal server error, and this is the only one where, if you ever get this, this is not on you. If you don't control the server, there's nothing you can do about it. So if you get a 500 satis from Facebook or Google or Twitter, Instagram anyone else that means something on their end is wrong. You didn't do anything to break it. They did, and there's nothing you can do about it. This is probably the worst one because you are absolutely out of control. Now, just for fun. At the end of the status code lesson, I would like you at the end of this video to basically just hop on the Google and type in what is a 418 http Status response. You're a status code. I think you're going to like it. This one gives me a little bit of a chuckle. I don't know why it's there, to be honest, but the Internet is full of fun. Little Easter eggs like this, and I think you're going to get a little bit of a chuckle from it as well. Once you're done, that had on over. It's not next Last night meet you over there 16. API Security: Okay. Lastly, let's talk about a P I. Security. A p I keys are basically your passwords. It's like logging into a website with your user name or your email address and your password. A P I keys are your authentication credentials. Basically, every website requires a P I keys and Facebook's graph a p. I is a good example. So if you were to go to graft dot facebook dot com slash coating for everybody, you will see something like this where it says an access token is required to request this resource. We haven't talked about access tokens, but an access token is generally created with an A p I. He. So it's like an A P I key for an A P I key along without, If we look at the bottom here, we can see that the status code is a 400. It's a bad request. It means there's something missing now. Not all services will give you a 400. Facebook gives you a 400 but some other services might give you a 403 or a four old five status. If you don't remember what those are, quickly hop on the Google. Just type in what is a 403 or what is a 405 17. Course Summary: and lastly, we have a summary so things to think about. When you are talking about a P. I think of your waiter as your a P I. Your your waiter will take your requests, sent it off to the chef. The chef will then say Yep, I acknowledge, right? Don't acknowledge. And eventually he will make you a meal and you will be able to consume that meal just like that. Another good example is our skylines. So we have this website called Sky Scanner uses several different AP eyes, brings them all together and says, Hey, you can type in your departure date, your arrival date and your destination, and we will send that information up. We'll bundle it up and we'll send it off and 30 different locations. And then those locations say Yep, got answer here, gotten hands here, brings it all together, and then you just see a nice list of everything you want to see you so you don't have to do all the hunting. That is a really life AP I example. We have http methods were rest ful requests We have get put post delete and patch. I did not read those in order, but they're in this table. They basically map to your crowd operations. And we have some example you or else here. And you will be able to see these when you download these slides. Most AP eyes air secured with an A P I key. This is actually pretty common. It's very uncommon to find an A p I without an a P I key. This is done for several reasons to make sure you are who you are. Maybe you're stealing data and it breaks the terms of service. Maybe they just need a P I keys to prevent people from D. Dawson that website, so there's not a denial of service attack against them. Lastly, we have some free resources rest ful ap i dot net slash http dash methods and http status is dot com and swap edotco. And lastly, I would like to give a big shout out to freak pick dot com for giving me all the cool graphics. I am not a graphic designer, but they gave me some pretty good inspiration for creating somewhat interesting sides. So thank you for that 18. Questions, Feedback and Support: If you have any questions about this course or you have any ideas or feedback, definitely leave them down below. And I would also like to mention one more thing. If you are interested in this, that's only if there's no pressure for this. I have a Facebook group called Learning to Code. You can type type into the Facebook search bar, learning to code filtered out by groups, and you'll see my group in there. It's got about 21,000 users in it right now. It is a big group. It's growing really rapidly, and it is a developer support group, so we're not selling you anything. We're not trying to upgrade you cross promote. Any of that stuff were just simply here to answer questions. And again, there's about 21,000 of us. So if you're interested in that, I would invite you to type in, learn to code on Facebook and come join our group. Last but not least, my name is Caleb Tully, and you can find me on these social media's at Caleb Tallinn. That's my Twitter account. That's where I'm most active, although sometimes it doesn't look like I'm super active. I am actually active on there. So feel free to follow me on their starting conversations. Come say hi. I would love to say hi to you and just one more time. If you do have questions, comments, concerns or ideas, I love ideas. Or maybe feedback about my performance. Maybe I talk too fast. Maybe you didn't like that. Definitely leave it down below. I would love to hear it. It's how I make my video is better. And without your feedback I can't really improve. My video is too much. So please leave feedback, ideas, suggestions. I'm here to answer anything that comes to your mind. I hope this really clears up. What in a P I is how it works. Rest ful AP eyes, all that stuff. And now you know it's not complicated, not complicated all. Just think of computers in people scenarios like when you're ordering food from a restaurant. Thanks for tuning in and I will see you hopefully in another course