REST APIs: How Applications Talk to Each Other
REST APIs: How Applications Talk to Each Other
1. Understanding REST Architecture
REST (Representational State Transfer) is a standard way for applications to communicate over HTTP.
REST Principles:
1. Client-Server - Separate concerns
2. Statelessness - Each request is independent
3. Resource-Based - URLs represent resources (nouns, not verbs)
4. HTTP Methods - Use standard HTTP verbs for operations
Resources in an E-Commerce API:
/products - Collection of products
/products/123 - Specific product with ID 123
/users/456/orders - Orders belonging to user 456
/categories/electronics/products - Products in electronics category
Key Concept: URLs should be NOUNS (things), not VERBS (actions)
BAD (not REST):
/getProducts
/createProduct
/updateProduct
/deleteProduct
GOOD (REST):
GET /products
POST /products
PUT /products/123
DELETE /products/123 2. HTTP Methods - CRUD Operations
REST uses HTTP methods to perform operations on resources.
// GET - Retrieve data (Safe, Idempotent)
fetch('/api/products') .then(res => res.json()) .then(data => console.log("सभी प्रोडक्ट:", data));
fetch('/api/products/123') .then(res => res.json()) .then(data => console.log("प्रोडक्ट विवरण:", data));
// POST - Create new resource (Not idempotent)
fetch('/api/products', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ name: 'iPhone 15', price: 79999, category: 'electronics' })
})
.then(res => res.json())
.then(data => console.log("नया प्रोडक्ट बनाया गया:", data));
// PUT - Update entire resource (Idempotent)
fetch('/api/products/123', { method: 'PUT', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ name: 'iPhone 15 Pro', price: 99999, category: 'electronics' })
})
.then(res => res.json())
.then(data => console.log("प्रोडक्ट अपडेट:", data));
// PATCH - Update partial resource (Idempotent)
fetch('/api/products/123', { method: 'PATCH', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ price: 89999 // Only update price })
})
.then(res => res.json())
.then(data => console.log("प्रोडक्ट अपडेट:", data));
// DELETE - Remove resource (Idempotent)
fetch('/api/products/123', { method: 'DELETE'
})
.then(res => res.json())
.then(data => console.log("प्रोडक्ट डिलीट:", data));
// HTTP Method Properties:
// Idempotent = Multiple calls = Same result
// GET, PUT, DELETE = Idempotent
// POST, PATCH = Not idempotent 3. HTTP Status Codes
API responses use standard HTTP status codes to indicate success or failure.
// 2xx Success
200 OK - Request succeeded
201 Created - Resource created successfully
202 Accepted - Request accepted, processing
204 No Content - Successful, no response body
// 3xx Redirection
301 Moved Permanently - Resource moved to new URL
302 Found - Temporary redirect
304 Not Modified - Use cached version
// 4xx Client Error
400 Bad Request - Invalid request syntax
401 Unauthorized - Authentication required
403 Forbidden - Authenticated but no permission
404 Not Found - Resource doesn't exist
429 Too Many Requests - Rate limit exceeded
// 5xx Server Error
500 Internal Server Error - Server error
502 Bad Gateway - Invalid response from upstream
503 Service Unavailable - Server temporarily down
// Handling different status codes
fetch('/api/products/999') .then(res => { if (!res.ok) { // Check if status is 200-299 throw new Error(`HTTP Error: ${res.status}`); } return res.json(); }) .then(data => console.log(data)) .catch(error => { if (error.message.includes('404')) { console.log("प्रोडक्ट नहीं मिला"); } else if (error.message.includes('500')) { console.log("सर्वर त्रुटि"); } else { console.log("नेटवर्क त्रुटि"); } }); 4. Request and Response Headers
Headers provide metadata about the request and response.
// Common Request Headers
const headers = { 'Content-Type': 'application/json', // What format we're sending 'Accept': 'application/json', // What format we want back 'Authorization': 'Bearer TOKEN123', // Authentication token 'User-Agent': 'MyApp/1.0', // Client identification 'Cache-Control': 'no-cache' // Don't use cached version
};
fetch('/api/products', { method: 'POST', headers: headers, body: JSON.stringify({ name: 'नया प्रोडक्ट' })
});
// Common Response Headers
// Content-Type: application/json
// Cache-Control: max-age=3600
// X-RateLimit-Limit: 1000
// X-RateLimit-Remaining: 999
// X-RateLimit-Reset: 1640000000
// Accessing response headers
fetch('/api/products') .then(res => { console.log('Content-Type:', res.headers.get('content-type')); console.log('Rate Limit:', res.headers.get('x-ratelimit-remaining')); return res.json(); });
// Custom headers for API
const authToken = localStorage.getItem('authToken');
fetch('/api/user/profile', { headers: { 'Authorization': `Bearer ${authToken}`, 'X-API-Key': 'YOUR_API_KEY' }
}); 5. URL Structure and Query Parameters
URLs can include query parameters for filtering, sorting, and pagination.
// Basic URL
/api/products
// Query Parameters (filter and search)
/api/products?category=electronics&price_max=50000
// Sorting
/api/products?sort=price&order=asc
// Pagination
/api/products?page=2&limit=20
// Complex query
/api/products?category=electronics&price_min=10000&price_max=50000&sort=rating&order=desc&page=1&limit=10
// Building URLs programmatically
const baseURL = 'https://api.example.com/products';
const params = new URLSearchParams({ category: 'electronics', minPrice: 10000, maxPrice: 50000, sortBy: 'rating', order: 'desc', page: 1, limit: 20
});
const fullURL = `${baseURL}?${params.toString()}`;
fetch(fullURL).then(r => r.json()).then(data => console.log(data));
// Better approach with URL object
const url = new URL('https://api.example.com/products');
url.searchParams.append('category', 'electronics');
url.searchParams.append('minPrice', 10000);
url.searchParams.append('maxPrice', 50000);
fetch(url.toString()).then(r => r.json()); 6. Understanding UPI API Flow (India Context)
Real-world example: How UPI (Unified Payments Interface) works conceptually.
// UPI Transaction Flow (Conceptual)
// Used by apps like Google Pay, PhonePe, Paytm
// Step 1: Initiate Payment
const paymentRequest = { upiId: 'user@okhdfcbank', amount: 5000, transactionRef: 'TXN123456', merchant: 'example.com', description: 'Order #12345'
};
// Step 2: Send request to UPI Provider API
fetch('https://api.upi-provider.com/initiate', { method: 'POST', headers: { 'Content-Type': 'application/json', 'Authorization': 'Bearer API_KEY' }, body: JSON.stringify(paymentRequest)
})
.then(res => res.json())
.then(data => { // Step 3: Get transaction ID const txnId = data.transactionId; console.log('लेनदेन शुरू किया गया:', txnId); // Step 4: Redirect to UPI app or payment page window.location.href = data.paymentUrl;
});
// Step 5: Callback (Payment app confirms transaction)
// Server receives confirmation
const confirmPayment = (txnId, status) => { return fetch('https://api.example.com/confirm-payment', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ transactionId: txnId, status: status, // 'SUCCESS' or 'FAILED' timestamp: new Date().toISOString() }) });
};
// Step 6: Check transaction status
const checkPaymentStatus = (txnId) => { return fetch(`https://api.example.com/payment/${txnId}`) .then(res => res.json()) .then(data => { if (data.status === 'SUCCESS') { console.log('भुगतान सफल!'); } else if (data.status === 'PENDING') { console.log('भुगतान लंबित है'); } else { console.log('भुगतान विफल'); } return data; });
};
// Real UPI APIs used in India:
// NPCI (National Payments Corporation of India) - BHIM API
// RazorPay UPI
// PayU
// Google Pay API
// PhonePe Payment Gateway 7. Building a Complete API Client
class APIClient { constructor(baseURL, apiKey) { this.baseURL = baseURL; this.apiKey = apiKey; } async request(endpoint, options = {}) { const url = `${this.baseURL}${endpoint}`; const headers = { 'Content-Type': 'application/json', 'X-API-Key': this.apiKey, ...options.headers }; try { const response = await fetch(url, { ...options, headers }); if (!response.ok) { throw new Error(`HTTP ${response.status}: ${response.statusText}`); } return await response.json(); } catch (error) { console.error('API Error:', error); throw error; } } // CRUD methods async getAll(resource) { return this.request(`/${resource}`); } async getOne(resource, id) { return this.request(`/${resource}/${id}`); } async create(resource, data) { return this.request(`/${resource}`, { method: 'POST', body: JSON.stringify(data) }); } async update(resource, id, data) { return this.request(`/${resource}/${id}`, { method: 'PUT', body: JSON.stringify(data) }); } async delete(resource, id) { return this.request(`/${resource}/${id}`, { method: 'DELETE' }); }
}
// Usage
const api = new APIClient('https://api.flipkart-clone.com', 'my-api-key');
// Get all products
const products = await api.getAll('products');
// Get one product
const product = await api.getOne('products', 123);
// Create new product
const newProduct = await api.create('products', { name: 'iPhone 15', price: 79999
});
// Update product
const updated = await api.update('products', 123, { price: 69999
});
// Delete product
await api.delete('products', 123); Key Takeaways
- REST uses HTTP methods to perform CRUD operations
- Use nouns (resources) in URLs, not verbs
- GET/DELETE are safe and idempotent
- POST/PATCH are not idempotent
- HTTP status codes indicate success or failure
- Headers provide metadata about request/response
- Query parameters filter, sort, and paginate data
- Learn from real APIs like UPI, Google Pay, payment gateways
- Wrap API calls in reusable client classes
From Concept to Reality: REST APIs: How Applications Talk to Each Other
In the professional world, the difference between a good engineer and a great one often comes down to understanding fundamentals deeply. Anyone can copy code from Stack Overflow. But when that code breaks at 2 AM and your application is down — affecting millions of users — only someone who truly understands the underlying concepts can diagnose and fix the problem.
REST APIs: How Applications Talk to Each Other is one of those fundamentals. Whether you end up working at Google, building your own startup, or applying CS to solve problems in agriculture, healthcare, or education, these concepts will be the foundation everything else is built on. Indian engineers are known globally for their strong fundamentals — this is why companies worldwide recruit from IITs, NITs, IIIT Hyderabad, and BITS Pilani. Let us make sure you have that same strong foundation.
Database Design: Normalisation and Relationships
Good database design prevents data duplication and inconsistency. This is called normalisation. Consider an e-commerce database:
-- BAD design (denormalised — data repeated everywhere)
-- If customer moves city, you must update EVERY order row!
-- GOOD design (normalised — each fact stored once)
CREATE TABLE customers ( id SERIAL PRIMARY KEY, name TEXT NOT NULL, email TEXT UNIQUE, city TEXT
);
CREATE TABLE products ( id SERIAL PRIMARY KEY, name TEXT NOT NULL, price DECIMAL(10,2), category TEXT
);
CREATE TABLE orders ( id SERIAL PRIMARY KEY, customer_id INTEGER REFERENCES customers(id), product_id INTEGER REFERENCES products(id), quantity INTEGER, order_date TIMESTAMP DEFAULT NOW()
);
-- JOIN to reconstruct the full picture
SELECT c.name, p.name AS product, o.quantity, (p.price * o.quantity) AS total
FROM orders o
JOIN customers c ON o.customer_id = c.id
JOIN products p ON o.product_id = p.id
WHERE o.order_date > '2025-01-01';The REFERENCES keyword creates a foreign key — a link between tables. This is a relational database: data is stored in related tables, and JOINs combine them. The tradeoff: normalised databases are consistent and space-efficient, but JOINs can be slow on very large datasets. This is why companies like Flipkart use a mix of SQL databases (for transactions) and NoSQL databases like MongoDB or Cassandra (for product catalogs and recommendations).
Did You Know?
🚀 ISRO is the world's 4th largest space agency, powered by Indian engineers. With a budget smaller than some Hollywood blockbusters, ISRO does things that cost 10x more for other countries. The Mangalyaan (Mars Orbiter Mission) proved India could reach Mars for the cost of a film. Chandrayaan-3 succeeded where others failed. This is efficiency and engineering brilliance that the world studies.
🏥 AI-powered healthcare diagnosis is being developed in India. Indian startups and research labs are building AI systems that can detect cancer, tuberculosis, and retinopathy from images — better than human doctors in some cases. These systems are being deployed in rural clinics across India, bringing world-class healthcare to millions who otherwise could not afford it.
🌾 Agriculture technology is transforming Indian farming. Drones with computer vision scan crop health. IoT sensors in soil measure moisture and nutrients. AI models predict yields and optimal planting times. Companies like Ninjacart and SoilCompanion are using these technologies to help farmers earn 2-3x more. This is computer science changing millions of lives in real-time.
💰 India has more coding experts per capita than most Western countries. India hosts platforms like CodeChef, which has over 15 million users worldwide. Indians dominate competitive programming rankings. Companies like Flipkart and Razorpay are building world-class engineering cultures. The talent is real, and if you stick with computer science, you will be part of this story.
Real-World System Design: Swiggy's Architecture
When you order food on Swiggy, here is what happens behind the scenes in about 2 seconds: your location is geocoded (algorithms), nearby restaurants are queried from a spatial index (data structures), menu prices are pulled from a database (SQL), delivery time is estimated using ML models trained on historical data (AI), the order is placed in a distributed message queue (Kafka), a delivery partner is assigned using a matching algorithm (optimization), and real-time tracking begins using WebSocket connections (networking). EVERY concept in your CS curriculum is being used simultaneously to deliver your biryani.
The Process: How REST APIs: How Applications Talk to Each Other Works in Production
In professional engineering, implementing rest apis: how applications talk to each other requires a systematic approach that balances correctness, performance, and maintainability:
Step 1: Requirements Analysis and Design Trade-offs
Start with a clear specification: what does this system need to do? What are the performance requirements (latency, throughput)? What about reliability (how often can it fail)? What constraints exist (memory, disk, network)? Engineers create detailed design documents, often including complexity analysis (how does the system scale as data grows?).
Step 2: Architecture and System Design
Design the system architecture: what components exist? How do they communicate? Where are the critical paths? Use design patterns (proven solutions to common problems) to avoid reinventing the wheel. For distributed systems, consider: how do we handle failures? How do we ensure consistency across multiple servers? These questions determine the entire architecture.
Step 3: Implementation with Code Review and Testing
Write the code following the architecture. But here is the thing — it is not a solo activity. Other engineers read and critique the code (code review). They ask: is this maintainable? Are there subtle bugs? Can we optimize this? Meanwhile, automated tests verify every piece of functionality, from unit tests (testing individual functions) to integration tests (testing how components work together).
Step 4: Performance Optimization and Profiling
Measure where the system is slow. Use profilers (tools that measure where time is spent). Optimize the bottlenecks. Sometimes this means algorithmic improvements (choosing a smarter algorithm). Sometimes it means system-level improvements (using caching, adding more servers, optimizing database queries). Always profile before and after to prove the optimization worked.
Step 5: Deployment, Monitoring, and Iteration
Deploy gradually, not all at once. Run A/B tests (comparing two versions) to ensure the new system is better. Once live, monitor relentlessly: metrics dashboards, logs, traces. If issues arise, implement circuit breakers and graceful degradation (keeping the system partially functional rather than crashing completely). Then iterate — version 2.0 will be better than 1.0 based on lessons learned.
Algorithm Complexity and Big-O Notation
Big-O notation describes how an algorithm's performance scales with input size. This is THE most important concept for coding interviews:
BIG-O COMPARISON (n = 1,000,000 elements): O(1) Constant 1 operation Hash table lookup O(log n) Logarithmic 20 operations Binary search O(n) Linear 1,000,000 ops Linear search O(n log n) Linearithmic 20,000,000 ops Merge sort, Quick sort O(n²) Quadratic 1,000,000,000,000 Bubble sort, Selection sort O(2ⁿ) Exponential ∞ (universe dies) Brute force subset Time at 1 billion ops/sec: O(n log n): 0.02 seconds ← Perfectly usable O(n²): 11.5 DAYS ← Completely unusable! O(2ⁿ): Longer than the age of the universe # Python example: Merge Sort (O(n log n)) def merge_sort(arr): if len(arr) <= 1: return arr mid = len(arr) // 2 left = merge_sort(arr[:mid]) # Sort left half right = merge_sort(arr[mid:]) # Sort right half return merge(left, right) # Merge sorted halves def merge(left, right): result = [] i = j = 0 while i < len(left) and j < len(right): if left[i] <= right[j]: result.append(left[i]); i += 1 else: result.append(right[j]); j += 1 result.extend(left[i:]) result.extend(right[j:]) return resultThis matters in the real world. India's Aadhaar system must search through 1.4 billion biometric records for every authentication request. At O(n), that would take seconds per request. With the right data structures (hash tables, B-trees), it takes milliseconds. The algorithm choice is the difference between a working system and an unusable one.
Real Story from India
The India Stack Revolution
In the early 1990s, India's economy was closed. Indians could not easily send money abroad or access international services. But starting in 1991, India opened its economy. Young engineers in Bangalore, Hyderabad, and Chennai saw this as an opportunity. They built software companies (Infosys, TCS, Wipro) that served the world.
Fast forward to 2008. India had a problem: 500 million Indians had no formal identity. No bank account, no passport, no way to access government services. The government decided: let us use technology to solve this. UIDAI (Unique Identification Authority of India) was created, and engineers designed Aadhaar.
Aadhaar collects fingerprints and iris scans from every Indian, stores them in massive databases using sophisticated encryption, and allows anyone (even a street vendor) to verify identity instantly. Today, 1.4 billion Indians have Aadhaar. On top of Aadhaar, engineers built UPI (digital payments), Jan Dhan (bank accounts), and ONDC (open e-commerce network).
This entire stack — Aadhaar, UPI, Jan Dhan, ONDC — is called the India Stack. It is considered the most advanced digital infrastructure in the world. Governments and companies everywhere are trying to copy it. And it was built by Indian engineers using computer science concepts that you are learning right now.
Production Engineering: REST APIs: How Applications Talk to Each Other at Scale
Understanding rest apis: how applications talk to each other at an academic level is necessary but not sufficient. Let us examine how these concepts manifest in production environments where failure has real consequences.
Consider India's UPI system processing 10+ billion transactions monthly. The architecture must guarantee: atomicity (a transfer either completes fully or not at all — no half-transfers), consistency (balances always add up correctly across all banks), isolation (concurrent transactions on the same account do not interfere), and durability (once confirmed, a transaction survives any failure). These are the ACID properties, and violating any one of them in a payment system would cause financial chaos for millions of people.
At scale, you also face the thundering herd problem: what happens when a million users check their exam results at the same time? (CBSE result day, anyone?) Without rate limiting, connection pooling, caching, and graceful degradation, the system crashes. Good engineering means designing for the worst case while optimising for the common case. Companies like NPCI (the organisation behind UPI) invest heavily in load testing — simulating peak traffic to identify bottlenecks before they affect real users.
Monitoring and observability become critical at scale. You need metrics (how many requests per second? what is the 99th percentile latency?), logs (what happened when something went wrong?), and traces (how did a single request flow through 15 different microservices?). Tools like Prometheus, Grafana, ELK Stack, and Jaeger are standard in Indian tech companies. When Hotstar streams IPL to 50 million concurrent users, their engineering team watches these dashboards in real-time, ready to intervene if any metric goes anomalous.
The career implications are clear: engineers who understand both the theory (from chapters like this one) AND the practice (from building real systems) command the highest salaries and most interesting roles. India's top engineering talent earns ₹50-100+ LPA at companies like Google, Microsoft, and Goldman Sachs, or builds their own startups. The foundation starts here.
Checkpoint: Test Your Understanding 🎯
Before moving forward, ensure you can answer these:
Question 1: Explain the tradeoffs in rest apis: how applications talk to each other. What is better: speed or reliability? Can we have both? Why or why not?
Answer: Good engineers understand that there are always tradeoffs. Optimal depends on requirements — is this a real-time system or batch processing?
Question 2: How would you test if your implementation of rest apis: how applications talk to each other is correct and performant? What would you measure?
Answer: Correctness testing, performance benchmarking, edge case handling, failure scenarios — just like professional engineers do.
Question 3: If rest apis: how applications talk to each other fails in a production system (like UPI), what happens? How would you design to prevent or recover from failures?
Answer: Redundancy, failover systems, circuit breakers, graceful degradation — these are real concerns at scale.
Key Vocabulary
Here are important terms from this chapter that you should know:
💡 Interview-Style Problem
Here is a problem that frequently appears in technical interviews at companies like Google, Amazon, and Flipkart: "Design a URL shortener like bit.ly. How would you generate unique short codes? How would you handle millions of redirects per second? What database would you use and why? How would you track click analytics?"
Think about: hash functions for generating short codes, read-heavy workload (99% redirects, 1% creates) suggesting caching, database choice (Redis for cache, PostgreSQL for persistence), and horizontal scaling with consistent hashing. Try sketching the system architecture on paper before looking up solutions. The ability to think through system design problems is the single most valuable skill for senior engineering roles.
Where This Takes You
The knowledge you have gained about rest apis: how applications talk to each other is directly applicable to: competitive programming (Codeforces, CodeChef — India has the 2nd largest competitive programming community globally), open-source contribution (India is the 2nd largest contributor on GitHub), placement preparation (these concepts form 60% of technical interview questions), and building real products (every startup needs engineers who understand these fundamentals).
India's tech ecosystem offers incredible opportunities. Freshers at top companies earn ₹15-50 LPA; experienced engineers at FAANG companies in India earn ₹50-1 Cr+. But more importantly, the problems being solved in India — digital payments for 1.4 billion people, healthcare AI for rural areas, agricultural tech for 150 million farmers — are some of the most impactful engineering challenges in the world. The fundamentals you are building will be the tools you use to tackle them.
Crafted for Class 7–9 • APIs & Data Engineering • Aligned with NEP 2020 & CBSE Curriculum
Found this useful? Share it!