Chapter 2

What Is an API?

HTTP, JSON, endpoints, auth keys — the vocabulary.

Learning objectives

  • Define API in plain language
  • Read HTTP method, URL, headers, and JSON body
  • Explain API keys and why they must stay secret

API = a contract for machines

An Application Programming Interface (API) is a documented way for one program to ask another for data or action. Your browser uses HTTP to load pages; scripts use the same protocol to call APIs.

  1. Client: Your script, Zapier, or mobile app
  2. HTTP request: Method + URL + headers + optional JSON body
  3. Server: Validates auth, runs logic, returns JSON

HTTP methods you will see

Method        Typical use            Example
GET           Read data              Fetch DNS records
POST          Create or run action   Send chat message to LLM
PUT / PATCH   Update                 Change A record
DELETE        Remove                 Delete subdomain

Worked example — JSON response

A request to a booking API, and the response it might return:

GET https://api.workshopco.ca/v1/classes?month=2026-03
Authorization: Bearer sk_live_abc123...

HTTP/1.1 200 OK
Content-Type: application/json

{
  "classes": [
    {"id": "intro-wood", "title": "Intro to Woodworking", "seats_left": 4},
    {"id": "box-joint", "title": "Box Joint Masterclass", "seats_left": 0}
  ]
}

Never commit API keys

Keys in GitHub repos get scraped within minutes. Use environment variables (export OPENAI_API_KEY=...) or secret stores on the server.
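
The following Python example is added here and is not part of the original chapter. It reads the key from an environment variable, places it only in the Authorization header of the request from the worked example, and parses the sample response. The variable name WORKSHOPCO_API_KEY, the helper names, and the placeholder key are assumptions; no request is actually sent.

```python
import json
import os
import urllib.request

# URL taken from the worked example above; the env var name is an assumption.
API_URL = "https://api.workshopco.ca/v1/classes?month=2026-03"
KEY_ENV_VAR = "WORKSHOPCO_API_KEY"  # hypothetical name, not from the chapter

# Constructed sample: the response body shown in the worked example.
SAMPLE_BODY = """{"classes": [
  {"id": "intro-wood", "title": "Intro to Woodworking", "seats_left": 4},
  {"id": "box-joint", "title": "Box Joint Masterclass", "seats_left": 0}]}"""


def load_api_key(env=os.environ):
    """Read the key from the environment; fail closed if it is missing."""
    key = env.get(KEY_ENV_VAR, "").strip()
    if not key:
        raise RuntimeError(f"{KEY_ENV_VAR} is not set; refusing to continue")
    return key


def redact(key):
    """Return a form of the key that is safe to print or log."""
    return key[:8] + "..." if len(key) > 12 else "***"


def build_request(key):
    """Build a GET request with the key in the header, never in the URL."""
    return urllib.request.Request(
        API_URL,
        method="GET",
        headers={"Authorization": f"Bearer {key}", "Accept": "application/json"},
    )


def open_classes(body):
    """Parse the JSON body and return titles of classes with seats left."""
    data = json.loads(body)
    return [c["title"] for c in data["classes"] if c["seats_left"] > 0]


if __name__ == "__main__":
    # Constructed placeholder key so the demo runs offline.
    key = load_api_key({KEY_ENV_VAR: "sk_live_CONSTRUCTED_EXAMPLE"})
    req = build_request(key)
    print(req.get_method(), req.full_url, "key:", redact(key))
    print(open_classes(SAMPLE_BODY))
```

In real use, call load_api_key() with no argument after exporting the variable in the shell, so the key never appears in the source file.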

Try it yourself

Open any public JSON API or run:

curl -s https://swifthost.ca/ | head -c 200

Identify: (1) protocol, (2) hostname, (3) whether the response is HTML or JSON.

Answer

HTTPS to swifthost.ca; the homepage returns HTML (not JSON). A JSON API would return Content-Type: application/json and a parseable {...} structure.

Quick quiz

Why do LLM products almost always use POST instead of GET for chat?

Answer

The prompt is in the body and can be large; GET URLs have length limits, and a prompt placed in the URL would be logged in server access logs. POST keeps the conversation payload in the request body.