You use APIs dozens of times a day without ever seeing one. Check the weather, pay with a card online, log into an app using your Google account, see a map embedded in a website — each of those quietly relies on an API doing its job in the background.

The term sounds technical, but the idea behind it is simple, and once it clicks you will spot APIs everywhere.

What an API is

An API, or application programming interface, is a defined set of rules that lets one piece of software request data or actions from another in a predictable, structured way.

In plain terms, it is a messenger with a rulebook. One program says, "Here is what I want," in a format the other program understands, and gets back a clear, expected response. Neither side needs to know how the other is built inside — they just need to agree on the rules of the conversation. That agreement is the API.

The restaurant analogy

The classic way to explain an API is a restaurant.

You are the customer. The kitchen is the system that does the work. The menu is the API: a fixed list of things you are allowed to order. The waiter carries your order to the kitchen and brings back exactly what you asked for.

You do not walk into the kitchen and start cooking. You do not need to know how the kitchen is organised, who the chefs are, or where the ingredients come from. You simply choose from the menu, place your order through the waiter, and receive your meal.

An API works the same way. It offers a menu of available requests, you "order" one, and it returns a tidy response — without ever exposing the messy machinery behind the scenes. This is one of the most powerful things about APIs: they hide complexity.

Everyday examples

Once you have the analogy, real examples make it concrete:

  • Weather in an app. Your phone's weather app sends your location to a weather service's API and gets back the forecast, which it then displays in its own style.
  • "Log in with Google or Apple." Instead of creating yet another password, the app asks an identity service, through an API, to confirm who you are.
  • Online payments. A shop does not handle your card directly; it passes the payment to a provider's API, which does the sensitive work and returns a yes or no.
  • Maps inside other apps. A taxi or food-delivery app shows a map by calling a mapping service's API rather than building maps from scratch.
  • Open banking. With your permission, a budgeting app can read your bank transactions through your bank's API. Our explainer on how open banking works covers this in detail.

In every case, one service is using another's capabilities through a clean, agreed interface, rather than rebuilding everything itself.

Why APIs matter

APIs are the connective tissue of modern software, and their importance is hard to overstate.

  • They let services work together. The reason your favourite apps can pull in maps, payments, messaging and logins is that those features are offered as APIs by other companies.
  • They save enormous effort. A developer can add powerful capabilities — say, sending a text message or processing a payment — in hours by using an API, instead of spending months building and maintaining the underlying system.
  • They enable whole businesses. Many companies offer their core product as an API, charging others to use it. Entire products are built by combining several APIs.
  • They keep complexity manageable. Large systems are broken into pieces that talk to each other through APIs, so each part can be built, updated and scaled independently.

For a sense of how this fits into bigger technology trends, our overviews of machine learning and the Internet of Things both describe systems that lean heavily on APIs to connect models, sensors and apps.

How an API call works, roughly

You do not need the technical detail, but a simplified picture helps:

  1. A request goes out. One program sends a message to the API, naming what it wants and including any needed details — for example, "give me the forecast for this postcode".
  2. The API processes it. The receiving system checks the request is allowed, does the work, and prepares a response.
  3. A response comes back. The API returns the result in a structured format the requester can read and use, often a tidy block of data.

Most of the time this round trip happens in a fraction of a second, many times over, as you tap around an app.

Keys, permissions and security

Because APIs open a door into a system, controlling who comes through is essential. This is usually handled with API keys and permissions.

An API key is a unique code that identifies and authorises whoever is making the request, a bit like a membership card. The service can check the key, decide what that user is allowed to do, and limit how often they can ask. Sensitive APIs add stronger checks and only ever share data the user has agreed to.

This is why the security ideas behind the rest of your digital life apply here too. A leaked API key can be as damaging as a leaked password, which is why the steps in our guide on what to do after a data breach apply to compromised keys as much as to stolen logins.

The bottom line

An API is a set of rules that lets one piece of software request data or actions from another in a predictable way — the menu-and-waiter that lets programs cooperate without knowing each other's inner workings. They power the maps, payments, logins and forecasts you use every day.

By hiding complexity and letting services plug into one another, APIs are the quiet infrastructure of the modern internet. You will rarely see one, but now you know what is doing the work whenever your apps seem to magically talk to each other.