GLOSSARY

API (APPLICATION PROGRAMMING INTERFACE)

API — definition, enterprise context, and how NUUN Digital uses APIs in builds.

Quick answer
An API is a specified contract between software systems that lets one program request data or trigger behavior in another over a network, without either side knowing the other's internal implementation. Modern APIs fall into four styles — REST, GraphQL, gRPC, and webhooks — each designed for different integration patterns, latency requirements, and consumer expectations.

WHAT IT IS

Modern web APIs fall into four dominant styles: REST (resource-oriented, HTTP-verb-driven, the default for most public APIs), GraphQL (client-specified queries against a typed schema), gRPC (binary, high-throughput, service-to-service), and webhooks (event-driven push from server to client). OpenAPI 3 is the standard specification format for REST APIs; schemas are published, versioned, and used to generate clients and docs automatically.

HOW IT WORKS

A production API needs authentication (OAuth 2.0, API keys, mTLS), rate limiting, versioning, observability (logs, traces, metrics), and a published contract. Breaking changes move to a new major version; additive changes ship without breaking existing clients.

WHEN TO USE

Design an API whenever multiple systems need to integrate, when you want to open capability to partners or customers, or when a monolith must be decomposed into services.


Related questions.

What is an API?
An API is a specified contract between software systems that lets one program request data or trigger behavior in another over a network, without either side needing to know the other's internal implementation. REST, GraphQL, gRPC, and webhooks are the dominant styles today.

What is the difference between REST and GraphQL?
REST is resource-oriented and HTTP-verb-driven, with each endpoint returning a fixed shape. GraphQL is client-specified: one endpoint accepts queries against a typed schema, and the client decides exactly which fields come back. REST is simpler to cache; GraphQL is better for complex, nested reads.

What does a production API require?
Authentication (OAuth 2.0, API keys, mTLS), rate limiting, versioning, observability (logs, traces, metrics), a published contract (OpenAPI for REST, SDL for GraphQL), and a deprecation policy. Without those, an API is a liability disguised as a feature.

When should a company build an API?
When multiple internal systems need to integrate, when partners or customers need programmatic access to a capability, when a monolith is being decomposed into services, or when a product will ship a public integrations catalog. Not every internal service needs a public API — design the contract around who will actually consume it.

How does NUUN Digital approach API design?
We design APIs contract-first — OpenAPI or GraphQL SDL before implementation — so clients can be generated, docs are automatic, and breaking changes are visible in the diff. Our replatforms use a stable public API as the hinge between legacy and modern stacks.
