What is an API?
And why should you care?
An interactive journey from the first request to building your own. No jargon, real data, clear answers.
A contract between systems
You send a structured request. You get a structured response. That's it.
Why do APIs exist?
In the early days of computing, programs were self-contained. If you needed data, you stored it locally. But as systems grew, they needed to talk to each other. The problem: every system had different internals, different languages, different data formats. APIs were invented as a universal handshake, a way for System A to ask System B for something without knowing how B works internally.
A brief history
Subroutine libraries let programs share code within a single machine.
The web arrives. Systems need to exchange data across networks. SOAP and XML-RPC appear.
Roy Fielding defines REST in his dissertation. Simple, stateless, URL-based.
REST APIs become the standard. Twitter, Stripe, Google Maps expose public endpoints. JSON replaces XML.
APIs power everything. Your weather app, your bank, your ML model all talk through APIs.
APIs are just functions, over a network
In any programming language, a function takes inputs and returns outputs. You call get_mortality(age=45) and get back 0.00354. An API is the same idea, but the function lives on another computer. Instead of calling it directly in your code, you send an HTTP request to a URL. The server runs the function, and sends back the result. The inputs are your parameters. The output is the response. If you understand functions, you already understand APIs.
# Local function call result = get_mortality(age=45) print(result) # 0.00354
# Same logic, but via API
import requests
response = requests.get(
"https://api.example.com/mortality",
params={"age": 45}
)
print(response.json())
# {"qx": 0.00354}Your app packages a question: what data do you need, in what format, with what credentials.
The server validates your request, retrieves or computes the data, and prepares a response.
You receive structured data (JSON, XML, or binary) ready to parse and use in your analysis.
API keys and why they matter
Most APIs are not open to everyone. The server needs to know who is making the request, how often, and whether they have permission. This is where API keys come in.
What is an API key?
An API key is a unique string that identifies you to the server. When you register for access to an API (like FRED or Banxico), the provider gives you a key. You include it in every request, usually as a header or query parameter. The server checks the key before responding.
Why not leave APIs open?
Without authentication, anyone could flood a server with millions of requests, consume expensive compute resources, or scrape proprietary data. API keys let the provider track usage per user, enforce rate limits (e.g. 120 requests per minute), and revoke access if someone abuses the system.
What happens if your key is exposed?
If you accidentally commit your API key to a public GitHub repository, push it in frontend JavaScript, or share it in a message, anyone who finds it can make requests as you. On paid APIs, this means charges on your account. On sensitive APIs, it means unauthorized access to your data. Leaked keys are one of the most common security incidents in software.
# Never do this
response = requests.get(
"https://api.fred.org/series",
params={"api_key": "abc123secret"}
)# Do this instead
import os
api_key = os.environ["FRED_API_KEY"]
response = requests.get(
"https://api.fred.org/series",
params={"api_key": api_key}
)Basic rules
When you search for a flight, you enter a departure city, a destination, and a date. The airline's system returns available flights with prices and schedules. You never see the database, the pricing engine, or the seat inventory. You just fill in the inputs and get back the outputs. That search form is an API in disguise: structured inputs produce structured outputs, and the complexity stays hidden on the other side.
Try it yourself
Pick an API, set parameters, send a real request, and see what comes back.
Parameters
Series identifier (e.g. DGS10, FEDFUNDS, CPIAUCSL)
Start date (YYYY-MM-DD)
End date (YYYY-MM-DD)
Frequency: daily, weekly, monthly, quarterly, annual
Send a request to see the response here.
From JSON to insight
The same API responses from the playground, transformed into charts, metrics, and analytical output.
From FRED API (Federal Reserve Economic Data)
From Banxico API (Banco de Mexico)
From World Bank API (Development Indicators)
Combined from FRED, Banxico, and World Bank APIs
Build your own
From consumer to producer. The concepts you learned above, now applied to creating an API.
Define your data
What will your API serve? A mortality table, a pricing model, a risk score.
Choose a framework
FastAPI (Python) or Express (TypeScript), both let you define endpoints in minutes.
Create endpoints
Map URLs to functions. GET /api/mortality?age=45 returns the mortality rate.
Add authentication
Protect your API with API keys or tokens, just like FRED and Banxico do.
Deploy
Push to Vercel, Railway, or Cloud Run. Your API is live.
Ready to go deeper?
You know the fundamentals. Now explore how APIs behave under pressure, how they fail, and how to debug them.
Enter Advanced Mode