Lesson 17: Building Your First RESTful API

What is an API?

API stands for Application Programming Interface. At its core, an API is a way for two or more computer programs to communicate with each other. It's an intermediary that allows your application to share data and functionality with other applications without them needing to know how your system is implemented.

The Restaurant Analogy

An API is like a waiter in a restaurant.

• You (the client, e.g., a mobile app) want to order food. You don't go directly into the kitchen.
• You give your order to the waiter (the API).
• The waiter goes to the kitchen (the server), communicates your order, and brings the food (the data) back to you.

The waiter provides a standard way to request services from the kitchen, just like an API provides a standard way to request data from a server.

What Does "RESTful" Mean?

REST (REpresentational State Transfer) is an architectural style, or a set of design rules, for creating APIs. A "RESTful" API is one that follows these rules. The key idea is to use standard HTTP methods to perform actions on resources.

• Resource: Any piece of data, like a "user" or a "product".
• HTTP Methods (Verbs):
  • GET: To retrieve a resource. (e.g., GET /users/1 to get user with ID 1).
  • POST: To create a new resource. (e.g., POST /users to create a new user).
  • PUT / PATCH: To update an existing resource.
  • DELETE: To remove a resource.

JSON: The Language of APIs

Modern APIs don't usually send data back as HTML. Instead, they use a lightweight, easy-to-read format called JSON (JavaScript Object Notation). It's easy for both humans and machines to understand.

{
  "id": 1,
  "name": "John Doe",
  "email": "john@example.com"
}

Building a Simple API in PHP

Let's create a very simple API "endpoint" that returns a list of users in JSON format. Create a new folder in your project called api and add a file named users.php inside it.

api/users.php:

<?php
    // 1. Set the Content-Type header to tell the client we're sending JSON
    header("Content-Type: application/json; charset=UTF-8");

    // In a real app, you would fetch this from your database
    $users = [
        ["id" => 1, "name" => "Alex", "role" => "Admin"],
        ["id" => 2, "name" => "Maria", "role" => "Editor"],
        ["id" => 3, "name" => "David", "role" => "Subscriber"]
    ];
    
    // 2. Check that the request method is GET
    if ($_SERVER['REQUEST_METHOD'] === 'GET') {
        // 3. Convert the PHP array to a JSON string and output it
        echo json_encode($users);
    } else {
        // If it's not a GET request, send an error
        http_response_code(405); // 405 = Method Not Allowed
        echo json_encode(["message" => "This endpoint only supports GET requests."]);
    }
?>

Now, if you navigate to http://localhost/php-course/api/users.php, you won't see a pretty webpage. Instead, you'll see the raw JSON data, ready to be consumed by a JavaScript frontend, a mobile app, or another server.

While you can build APIs with plain PHP, frameworks like Laravel provide powerful routing, validation, and security tools that make building robust APIs much faster and easier.