Creating and exposing APIs allows your web application to interact with other applications through machine-to-machine communication.
API creation frameworks
- Django REST framework and Tastypie are the two most widely used API frameworks to use with Django. The edge currently goes to Django REST framework based on rough community sentiment. Django REST framework continues to knock out great releases after the 3.0 release mark when Tom Christie ran a successful Kickstarter campaign.
- Flask-RESTful is widely used for creating web APIs with Flask. It was originally open sourced and explained in a blog post by Twilio then moved into its own GitHub organization so engineers from outside the company could be core contributors.
- Flask API is another common library for exposing APIs from Flask web applications.
- Sandman is a widely used tool to automatically generate a RESTful API service from a legacy database without writing a line of code (though it’s easily extensible through code).
- Cornice is a REST framework for Pyramid.
- Restless is a lightweight API framework that aims to be framework agnostic. The general concept is that you can use the same API code for Django, Flask, Bottle, Pyramid or any other WSGI framework with minimal porting effort.
- Eve is a Python REST framework built with Flask, MongoDB and Redis. The framework’s primary author Nicola Iarocci gave a great talk at EuroPython 2014 that introduced the main features of the framework.
- Falcon is a fast and lightweight framework well suited to create RESTful APIs.
- Hug built on-top of Falcon and Python3 with an aim to make developing Python driven APIs as simple as possible, but no simpler. Hug leverages Python3 annotations to automatically validate and convert incoming and outgoing API parameters.
- Pycnic is a JSON-API-only framework designed with REST in mind.
API testing projects
Building, running and maintaining APIs requires as much effort as building, running and maintaining a web application. API testing frameworks are the equivalent of browser testing in the web application world.
- zato-apitest invokes HTTP APIs and provides hooks for running through other testing frameworks.
Hosted API testing services
- Runscope is an API testing SaaS application that can test both your own APIs and external APIs that your application relies upon.
- API Science is focused on deep API testing, including multi-step API calls and monitoring of external APIs.
- SmartBear has several API monitoring and testing tools for APIs.
API creation resources
- An API is only as good as its documentation is a strongly held mantra in the web API world because so many APIs have poor documentation that prevents ease-of-use. If an API is not well documented then developers who have options to use something else will just skip it.
- Adventures in running a free, public API is a quick story of a developer’s geolocation API being abused and his lack of resources for preventing further abuse. Eventually he had to shut down the free plan and only provide a paid plan in addition to allowing others to host the open source code. Fraud and malware prevention are difficult problems so keep an eye on server utilization and endpoint calls growth to separate legitimate from illegitimate traffic.
- API Doc JS allows a developer to embed markup in their documentation that will generate a site based on the endpoints available in the API.
- 10 Reasons Why Developers Hate Your API (And what to do about it) goes through the top difficulties and annoyances developers face when working with APIs and how you can avoid your API falling into the same traps.
- Versioning of RESTful APIs is a difficult and contentious topic in the web API community. This two-part series covers various ways to version your API and how to architect a version-less API.
- NARWHL is a practical API design site for developers confused about what is appropriate for RESTful APIs.
- 18F‘s API standards explains the details behind their design decisions on creating modern RESTful APIs.
- Design a beautiful REST API reviews common design decisions regarding endpoints, versioning, errors and pagination. There is also a source material YouTube video where this blog post derives its recommendations from.
- Move Fast, Don’t Break Your API are slides and a detailed blog post from Amber Feng at Stripe about building an API, separating layers of responsibility, hiding backwards compatibility and a whole slew of other great advice for developers and API designers.
- Self-descriptive, isn’t. Don’t assume anything. is an appeal that metadata makes a difference in whether APIs are descriptive or not.
- Designing the Artsy API has their recommendations list for building an API based on their recent experiences.
- Some REST Best Practices is a high level summary of rules to follow while creating your API.
- Hacker News had a discussion on what’s the best way to write an API spec? that provides a few different viewpoints on this topic.
- Apigee’s Web API Design ebook is free and contains a wealth of practical advice for what design decisions to make for your web API.
- 1-to-1 Relationships and Subresources in REST APIs tells the story of design decisions that were made during an API’s creation and why those choices were made.
- How many status codes does your API need? gives an answer from a Dropbox API developer as to their decision making process.
- These two Stack Overflow questions and answers on Is it better to place a REST API on a subdomain or in a subfolder? and subdomain vs. subdirectory in web programming provide reasons and opinions on the debate around using a subdomain, for example api.fullstackpython.com versus www.fullstackpython.com/api/. There is also a nice summary of endpoint configurations in this article from ProgrammableWeb.
- This API Design Guide is based on Heroku’s best practices for the platform’s API.
Python-specific API creation resources
- Choosing an API framework for Django by PyDanny contains questions and insight into what makes a good API framework and which one you should currently choose for Django.
- Create a REST API in Minutes with Pyramid and Ramses is a thorough tutorial from start to finish that uses the Pyramid web framework along with Ramses, a library that uses YAML files to generate a RESTful API.
- RESTful web services with Python is an interesting overview of the Python API frameworks space.
- Implementing a RESTful Web API with Python & Flask is a good walkthrough for coding a Flask app that provides standard web API functionality such as proper HTTP responses, authentication and logging.
- REST Hooks is an open source Python project that makes it easier to implement subscription-based “REST hooks”. These REST hooks are similar to webhooks, but provide a different mechanism for subscribing to updates via a REST interface. Both REST hooks and webhooks are far more efficient than polling for updates and notifications.
- Serialization is common for transforming objects into web API JSON results. One company found the serialization performance of Django REST framework was lacking so they created Serpy and wrote a blog post with the results of its performance.
- Building better API docs shows how Square used Swagger with React to create more helpful docs.
Django REST Framework resources
- If you’re looking for a working example of a Django REST framework project, check out the PokeAPI, open sourced under the BSD license.
API creation learning checklist
- Pick an API framework appropriate for your web framework. For Django I recommend Django REST framework and for Flask I recommend Flask-RESTful.
- Begin by building out a simple use case for the API. Generally the use case will either involve data that users want in a machine-readable format or a backend for alternative clients such as an iOS or Android mobile app.
- Add an authentication mechanism through OAuth or a token scheme.
- Add rate limiting to the API if data usage volume could be a performance issue. Also add basic metrics so you can determine how often the API is being accessed and whether it is performing properly.
- Provide ample documentation and a walkthrough for how the API can be accessed and used.
- Figure out other use cases and expand based on what you learned with the initial API use case.