API stands for Application Programming Interface.
An API is how two (or more) computers communicate with each other.
An API is an abstraction between systems.
APIs hide the internal implementation details of a computer program and only reveal the parts that are useful for other programmers to use.
APIs are only used directly by software engineers. The end user interacts with APIs indirectly, via the user interface.
2. Client-Server Architecture
Client-server architecture is the type of architecture where we have a client on one side and a server on the other side.
A client can be a physical device (such as a laptop, smartphone, tablet, etc.), or a program (such as a web browser).
The client side of the program is the equivalent of the front end.
The client is the device that allows you to make requests over the internet.
The server is the "invisible" part of the application.
A server, instead, is not a physical device. It's a computer program responsible for serving incoming client requests.
3. HTTP vs HTTPS
HTTP is a stateless request-response protocol. It's "stateless" because each request is independent of the others.
When a request is stateless, the server doesn't store any information about the request. The connection gets lost once the transaction between the client and the server is completed.
HTTPS is the secure version of HTTP.
The HTTPS protocol allows clients and servers to share information with more confidence that the data has not been changed or corrupted during the transaction.
This is essential when exchanging sensitive information.
HTTPS implements HTTP over Secure Sockets Layer (SSL) or, in current deployments, its successor Transport Layer Security (TLS). SSL is a transport protocol which uses public key encryption to convert data into code (ciphertext) during its delivery.
What are the advantages of a stateless protocol?
It simplifies server design.
It reduces the demand for server resources.
It allows each server to be continuously occupied, serving other requests.
It allows a server to scale to many clients.
Applications are more resilient to network failure.
4. HTTP Status codes
The following are the status codes you should know as a backend engineer.
5. Authentication vs Authorization
Authentication is the process which ensures that someone trying to access a system is who they say they are.
A clear example of authentication is when you access a portal, and you have to enter some piece of information to prove your identity.
Usually, you'll have to enter your email and password.
Authorization is the process of granting someone access to a resource.
Authorisation in system security is the process of giving the user permission to access a specific resource or function. This term is often used interchangeably with access control or client privilege. [Okta]
An example of authorization is when you're the file owner and you grant access to another user to modify the file.
6. State Preservation
State preservation is a mechanism to store data.
It comes in three variations:
Cookies: they allow you to store small bits of information on the client, which are sent to the server during an HTTP request.
Session variables: a unique identifier is used to associate the information stored on the server with a particular client.
Passing data at each request-response cycle: this variation allows you to store data on the web page.
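Sections 5 and 6 combined in one added example (not code from the original article): the cookie carries only a random session id, the session variables stay on the server, and the handlers return 401 when authentication fails and 403 when authorization fails. The users, passwords, file name and function names are constructed for illustration.

```python
import hashlib, hmac, secrets
from http.cookies import SimpleCookie

# Constructed sample data (assumptions, not from the article).
SALT = secrets.token_bytes(16)
def _hash(password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)
USERS = {"alice@example.com": _hash("correct horse"), "bob@example.com": _hash("hunter2!")}
FILES = {"report.txt": {"owner": "alice@example.com", "editors": {"alice@example.com"}}}
SESSIONS = {}  # session id -> session variables, kept on the server

def login(email, password):
    """Authentication: verify identity, then set a cookie holding only a random id."""
    candidate = _hash(password)  # always hash, so unknown emails take the same time
    stored = USERS.get(email)
    if stored is None or not hmac.compare_digest(stored, candidate):
        return 401, {}
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = {"email": email}
    cookie = SimpleCookie()
    cookie["sid"] = sid
    for attr, value in (("httponly", True), ("secure", True), ("samesite", "Strict")):
        cookie["sid"][attr] = value
    return 200, {"Set-Cookie": cookie["sid"].OutputString()}

def _session(headers):
    """HTTP is stateless, so identity is rebuilt from the cookie on every request."""
    morsel = SimpleCookie(headers.get("Cookie", "")).get("sid")
    return SESSIONS.get(morsel.value) if morsel is not None else None

def modify_file(headers, filename):
    session = _session(headers)
    if session is None:
        return 401  # not authenticated: the server does not know who is asking
    if session["email"] not in FILES[filename]["editors"]:
        return 403  # authenticated, but not authorized for this resource
    return 200

def grant_access(headers, filename, other_email):
    """Authorization change: only the file owner may add another editor."""
    session = _session(headers)
    if session is None:
        return 401
    if session["email"] != FILES[filename]["owner"]:
        return 403
    FILES[filename]["editors"].add(other_email)
    return 200
```
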
In this article, I covered some backend concepts every software engineer should know. What would you add to the list? Let me know in the comments.
Until next time!