DEV Community

Rahil Sarvaiya

What is a REST API?

Have you heard people talk about using REST APIs on the web? Do you know how communication takes place the moment you click something on the internet? Have you wondered how the internet allows you to send and receive data so comfortably? Keep reading to get more information on how communication on the internet works.

What is an API?

Before we dive into what exactly a REST API is, we need to understand the meaning of an API (which stands for Application Programming Interface) and its role in sending and receiving data. According to Wikipedia, an API or Application Programming Interface is a computing interface that defines interactions between multiple software intermediaries. Let’s break it down into simpler terms. An API is an interface that helps an application connect to another application. It is the medium through which data can be sent and received between applications on the internet. Every time we browse a website on our laptops, or use an application on our mobile phones, we are essentially using an API.

Let’s try and understand it using a real-life example. Imagine you visit a library and want a particular book. At first glance, you probably won’t be able to find the book, so you ask the librarian where it would be. Now the librarian is left with two options: either he goes to the section of the library, retrieves the book and gives it to you, or he directs you to the correct section and makes sure you get the book. He takes your request (of getting Book X) and makes sure you get back a response (get your Book X). This is similar to what an API does for an online bookstore or book purchasing app (like Amazon). When you select a particular book, the API will send the request to the server, the server will check the database to see whether that book is still available, and then send a response back. The API gets this response and sends it back to you in a legible format that can be interpreted by you. In case of an error, the API will handle this error and send it across in a readable way.

Moreover, APIs also act as an additional level of security. Your phone is never completely exposed to the server, and the server’s data is never fully exposed to your phone. It is through these APIs that the data is sent and received, thus adding an additional level of security by sharing only the necessary bits. Now that you know what an API is, let’s dive into REST APIs.


REST stands for Representational State Transfer, and was introduced in 2000 by Roy Fielding. REST is an architectural style that consists of 6 constraints that must be satisfied for it to be referred to as RESTful. In simpler terms, it is a set of rules that are followed by developers, to make sure the data is sent and received in a specific format. The API defines how the communication takes place, while REST defines how the API should be formatted. The request sent is the URL and the response is the data that is sent back to you.

The six constraints that should be satisfied for an API to be RESTful are:

1) Uniform Interface

A uniform interface should be used between the client and the server for all the APIs. Once a developer has worked on an API of a class, he should be easily able to work on other APIs of the same class. By applying a uniform interface, the architecture is simplified, and understanding of the APIs is improved. It becomes easier for someone to implement the API, as the standard interface is the same. The four guiding principles of the uniform interface are as follows:

  • Resource-Based
  • Manipulation of Resources Through Representations
  • Self-descriptive Messages
  • Hypermedia as the Engine of Application State (HATEOAS)

2) Client-Server

The client and server should be two independent, separate entities. The client does not deal with data storage, improving client portability, and the server does not deal with the user interface, improving server scalability.

3) Stateless

Each request from the client to server must contain all the necessary information as part of the URI, query-string parameters, body, or headers, to process that request. The session state should be present entirely on the client and should not leverage any stored context on the server.

4) Layered System

A layered system improves the architecture and system scalability by enabling load-balancing. Layered systems may also enforce security policies and provide shared caches for better performance.

5) Cacheable

Clients can cache their responses. Thus, the responses must explicitly be labeled as cacheable or non-cacheable to prevent the clients from reusing unfitting data in response to further requests.

6) Code-on-demand (optional)

Client functionality can be extended by executing scripts. Servers can extend their functionality to the client allowing it to execute its logic.

If an API satisfies these above-mentioned constraints, it is called a RESTful API. REST APIs usually run over HTTP when used for web APIs. Hence REST APIs make a call from the client to the server and return the response as data over HTTP.
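The Stateless and Cacheable constraints above, seen from the server side, as an added example that is not code from the original post: the handler authenticates each request from its own Authorization header with an HMAC-signed token, keeps no session store, and labels every response with Cache-Control. The names `SECRET`, `issue_token`, `verify_token` and `handle_request`, the paths, and the token format are assumptions made for illustration.

```python
import base64, hashlib, hmac, json

SECRET = b"constructed-demo-key"  # assumption: server-side signing key, constructed for this example

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode().rstrip("=")

def _sign(payload: str) -> str:
    return _b64(hmac.new(SECRET, payload.encode(), hashlib.sha256).digest())

def issue_token(user: str, ttl: int, now: float) -> str:
    """The client keeps this token; the server stores nothing about the session."""
    payload = _b64(json.dumps({"sub": user, "exp": int(now) + ttl}).encode())
    return f"{payload}.{_sign(payload)}"

def verify_token(token: str, now: float):
    """Return the claims if signature and expiry check out, else None."""
    try:
        payload, sig = token.split(".")
        # Constant-time comparison of the presented and recomputed signatures.
        if not hmac.compare_digest(sig, _sign(payload)):
            return None
        claims = json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))
    except (ValueError, TypeError):
        return None  # malformed token: wrong shape, bad base64, bad JSON
    return claims if claims.get("exp", 0) > now else None

def handle_request(path: str, headers: dict, now: float):
    """Hypothetical handler: decides using only what the request itself carries."""
    if path.startswith("/public/"):
        # Shared data: explicitly labelled cacheable.
        return 200, {"Cache-Control": "public, max-age=300"}, {"books": ["Book X"]}
    auth = headers.get("Authorization", "")
    claims = verify_token(auth[7:], now) if auth.startswith("Bearer ") else None
    if claims is None:
        return 401, {"Cache-Control": "no-store", "WWW-Authenticate": "Bearer"}, {"error": "unauthorized"}
    # Per-user data: labelled non-cacheable so a shared cache never reuses it for someone else.
    return 200, {"Cache-Control": "no-store"}, {"user": claims["sub"]}
```
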


Now let’s test an API request. For the sake of this example, we will use the Twitter API to get tweets about a specific word we input.

Before testing this API, you will need to make a Twitter Developer Account. After entering your use case for this API, and confirming your email, you will be asked to enter your project name. You can select the project name of your choice, provided it is not already taken, and then you will be given Authorization credentials — an API key, an API secret key, and a Bearer Token. You can use these credentials when you make an API request.

Testing the Twitter API

You can use Postman to test your API. Postman provides tools that make API development easy.

Step 1 - Open a new tab and select the GET request. Enter the API request as shown below.

request API

Step 2 - Click the authorization tab, and enter the Bearer Token as provided for your project while making your Twitter Dev Account.

bearer token for API

Step 3 - Make sure you have the following fields in your Headers tab. Your Authorization field will contain your Bearer Token and the Cookie will contain the personalization_id and guest_id which will be unique to you.

All headers for the API

Step 4 - Now click the send button and you will be able to view the response below. The response contains the data that satisfied the query parameter as entered by us (vaccine for this example). Each data item contains an id which is the Tweet ID and the text field which is the Tweet Text.

API Response

Congrats! You finally made your first API request. Feel free to play around with this API and you can refer to this for more information on using the Twitter API.
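The same request as Steps 1 to 4, written as a script, as an added example that is not part of the original post: it reads the Bearer Token from an environment variable instead of pasting it into source, redacts credentials before logging the headers, and extracts the `id` and `text` fields from the response. The endpoint URL (the Twitter API v2 recent-search endpoint), the variable name `TWITTER_BEARER_TOKEN`, the function names and the sample response are assumptions, since the post's screenshots are not reproduced here.

```python
import json, os, urllib.parse, urllib.request

# Assumption: the Twitter API v2 recent-search endpoint, taken to be the one the post queried.
SEARCH_URL = "https://api.twitter.com/2/tweets/search/recent"

def build_request(query: str, token: str) -> urllib.request.Request:
    """GET request with the search word as a query parameter and the token in a header."""
    url = SEARCH_URL + "?" + urllib.parse.urlencode({"query": query})
    return urllib.request.Request(url, method="GET",
                                  headers={"Authorization": f"Bearer {token}"})

def redact(req: urllib.request.Request) -> dict:
    """Headers that are safe to log: the bearer token and cookies are masked."""
    return {k: ("<redacted>" if k.lower() in ("authorization", "cookie") else v)
            for k, v in req.header_items()}

def parse_tweets(body: bytes) -> list:
    """Return (id, text) pairs; a search with no matches has no 'data' key."""
    doc = json.loads(body)
    return [(item["id"], item["text"]) for item in doc.get("data", [])]

# Constructed sample response in the shape the post describes (id and text per item).
SAMPLE_RESPONSE = b'{"data": [{"id": "1", "text": "constructed tweet about vaccine"}]}'

if __name__ == "__main__":
    token = os.environ.get("TWITTER_BEARER_TOKEN")  # assumed variable name
    req = build_request("vaccine", token or "constructed-placeholder")
    print(req.full_url, redact(req))
    if token:
        with urllib.request.urlopen(req, timeout=10) as resp:
            print(parse_tweets(resp.read()))
    else:
        print(parse_tweets(SAMPLE_RESPONSE))  # offline: use the constructed sample
```
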


I hope you have gained some knowledge of REST APIs and now know how it is used for communication on the internet. If you liked this article and would like to read similar work, be sure to follow me on Twitter where I’ll post updates about publishing my latest articles.

Top comments (1)

siddharthshyniben

Representational State Transfer Application Programming Interface. That is a mouthful