API Glossary for Non-Engineers

A reference guide for understanding key API terms

November 28, 2025

Understanding APIs often begins with becoming familiar with a few key terms.

This glossary provides concise, accessible definitions that will support you as you read through the series.

Refer to it whenever you need quick clarification or a grounding point.

API

A messenger between two computer systems.

One system asks for something → the API carries the request → the other system replies.

Endpoint

The exact address where you ask for something.

Similar to a house address, but for data.

Example:

/customers/123 → “give me customer 123.”

Request

What you send to the API.

It contains what you want: “Fetch this”, “Create that”, “Update this”.

Response

What the API sends back.

Usually includes:

  • status code

  • data

  • sometimes error messages

Think of it as the API’s reply.

HTTP Method

Tells the API what you want to do.

  • GET → “Give me data.”

  • POST → “Create something new.”

  • PUT/PATCH → “Update something.”

  • DELETE → “Remove something.”

You don’t need to memorize these; just understand the intention behind each one.

Status Code

A short number that tells you what happened.

Common ones:

  • 200 → Everything worked.

  • 201 → Something was successfully created.

  • 400 → Bad request (you asked wrongly).

  • 401 → Not allowed (authentication issue).

  • 404 → Doesn’t exist.

  • 500 → The system is down or broken.

JSON

A structured way of sending data.

Looks like simple text with “key: value” pairs.

Example:

{
  "name": "Ada",
  "email": "ada@example.com"
}

You don’t need to understand the syntax, only that it’s just organized text.

Header

Extra information attached to your request. Most importantly, this is where authentication lives.

Example:

Authorization: Bearer <your_token>

Body / Payload

The data you send with your request (usually for POST/PUT).

Like filling out a form.

Token / API Key

A secret key that proves you’re allowed to make the request.

Like a password for systems talking to each other.

Authentication (Auth)

The process of verifying who is making the API call and whether they have permission.

Same idea as logging into an app, but for systems.

Rate Limit

How many API calls you’re allowed to make in a period of time.

Prevents overload.

When you hit it, you usually get: 429 Too Many Requests.

Latency

How long an API takes to respond.

Sometimes caused by slow networks or busy servers.

Webhook

The opposite of an API request.

Instead of you asking for information, a system pushes information to you when something happens.

Example: “When a payment succeeds, send me a message.”

SDK (Software Development Kit)

A packaged tool that makes using an API easier.

You won’t need this as a non-engineer, but it’s good to know what it means.

API Documentation (Docs)

A guide that explains:

  • what endpoints exist

  • how to use them

  • what data you get

  • what errors mean

This is where engineers, and sometimes PMs or support, look things up.

Integration

Connecting your system to another system using APIs.

Example: your product integrates with a payment provider.

Payload Size

How much data is being sent.

Bigger payloads = slower requests.

Timeout

When an API takes too long to reply, the request fails.

This usually appears as a “Request timed out” error.

Sandbox / Staging

A safe testing environment where you can try API calls without affecting real users or money, which makes it perfect for beginners and tests.

Short Summary (for quick scanning)