Working with APIs

Imagine a world where information on the internet stayed on its own website. YouTube videos lived only on YouTube, news articles only lived on news websites, and cat memes only lived on photo sites, among many other differences. Social media, for example, would be a shell of its current self.

Interestingly enough, this is the world that most browsers are built to expect. Because of the Cross-Origin Resource Sharing (CORS) rules, browsers, by default, block information sharing across different domains (e.g. sharing something from to This is included as a security measure, so the data owner can control who can access their information and how. The ways different websites allow resource sharing makes the internet much more interesting and collaborative.

An API (or Application Programming Interface) is the way that information can be shared over the internet. For one project at Hack Reactor, I made a website (client) that loads YouTube videos based on a user-defined search (so, like, YouTube). To do this, I used the YouTube API. It was quick and easy to set up — I went to the Google APIs page, applied for an “API key” and voila! I was able to execute search queries on YouTube’s database to get information about their videos!

You might be wondering, “why do we need API keys? Why can’t YouTube just send any list of videos that I want?” The short answer is: “because it’s their data, and they can do what they want with it.” Imagine, for a second, that someone had a genius idea to make a new website, let’s call it, MeTube, where people could search up any videos they want, play them from the browser, and while they’re at it, maybe consume some ads that help pay the executives over at MeTube. Imagine also that all of these videos actually came from YouTube, but MeTube was reaping all of the benefits. Of course YouTube doesn’t want that — they want you to watch ads on their platform so they get the money! To help protect YouTube from such a nefarious plot, they giveth API keys. Unsurprisingly, they can also taketh away API keys.

During my aforementioned project building a YouTube client, I wound up on YouTube’s “naughty list.” My page was reloading far more often than I expected on both mine and my pair’s computers, so we racked up hundreds of requests to YouTube’s database — to which they promptly said, “no thank you, you can…er…need to…stop now.” We were locked out and finished the project with sample data :)

APIs are very powerful — they let users view information on their platform of choice and contribute to the open, collaborative nature of the internet. Of course, they belong to the data owners, so they need to be used carefully and respectfully if you wish to continue using them.