Creating and exposing APIs allows your web application to interact with other applications through machine-to-machine communication.
Django REST framework and Tastypie are the two most widely used API frameworks to use with Django. The edge currently goes to Django REST framework based on rough community sentiment. Django REST framework continues to knock out great releases after the 3.0 release mark when Tom Christie ran a successful Kickstarter campaign.
Flask-RESTful is widely used for creating web APIs with Flask. It was originally open sourced by Twilio then moved into its own GitHub organization so engineers from outside the company could be core contributors.
Flask API is another common library for exposing APIs from Flask web applications.
Sandman is a widely used tool to automatically generate a RESTful API service from a legacy database without writing a line of code (though it's easily extensible through code).
Cornice is a REST framework for Pyramid.
Restless is a lightweight API framework that aims to be framework agnostic. The general concept is that you can use the same API code for Django, Flask, Bottle, Pyramid or any other WSGI framework with minimal porting effort.
Eve is a Python REST framework built with Flask, MongoDB and Redis. The framework's primary author Nicola Iarocci gave a great talk at EuroPython 2014 that introduced the main features of the framework.
Falcon is a fast and lightweight framework well suited to create RESTful APIs.
Hug built on-top of Falcon and Python3 with an aim to make developing Python driven APIs as simple as possible, but no simpler. Hug leverages Python3 annotations to automatically validate and convert incoming and outgoing API parameters.
Pycnic is a JSON-API-only framework designed with REST in mind.
Building, running and maintaining APIs requires as much effort as building, running and maintaining a web application. API testing frameworks are the equivalent of browser testing in the web application world.
zato-apitest invokes HTTP APIs and provides hooks for running through other testing frameworks.
Tavern is a pytest plugin for automated API testing.
Runscope is an API testing SaaS application that can test both your own APIs and external APIs that your application relies upon.
API Science is focused on deep API testing, including multi-step API calls and monitoring of external APIs.
An API is only as good as its documentation is a strongly held mantra in the web API world because so many APIs have poor documentation that prevents ease-of-use. If an API is not well documented then developers who have options to use something else will just skip it.
8 Open-Source Frameworks for Building APIs in Python presents a high-level overview of the options for building APIs in Python.
Adventures in running a free, public API is a quick story of a developer's geolocation API being abused and his lack of resources for preventing further abuse. Eventually he had to shut down the free plan and only provide a paid plan in addition to allowing others to host the open source code. Fraud and malware prevention are difficult problems so keep an eye on server utilization and endpoint calls growth to separate legitimate from illegitimate traffic.
API versioning is a wonderful article on the tradeoffs between including an API version in the URL compared to other common ways to version APIs.
API Doc JS allows a developer to embed markup in their documentation that will generate a site based on the endpoints available in the API.
10 Reasons Why Developers Hate Your API (And what to do about it) goes through the top difficulties and annoyances developers face when working with APIs and how you can avoid your API falling into the same traps.
NARWHL is a practical API design site for developers confused about what is appropriate for RESTful APIs.
Design a beautiful REST API reviews common design decisions regarding endpoints, versioning, errors and pagination. There is also a source material YouTube video where this blog post derives its recommendations from.
Move Fast, Don't Break Your API are slides and a detailed blog post from Amber Feng at Stripe about building an API, separating layers of responsibility, hiding backwards compatibility and a whole slew of other great advice for developers and API designers.
Self-descriptive, isn't. Don't assume anything. is an appeal that metadata makes a difference in whether APIs are descriptive or not.
Designing the Artsy API has their recommendations list for building an API based on their recent experiences.
Hacker News had a discussion on what's the best way to write an API spec? that provides a few different viewpoints on this topic.
Apigee's Web API Design ebook is free and contains a wealth of practical advice for what design decisions to make for your web API.
Documenting APIs: A guide for technical writers and engineers is a guide that covers good practices for thinking like a developer who will use your API, as well as what the documentation for endpoints and other important pieces should look like.
1-to-1 Relationships and Subresources in REST APIs tells the story of design decisions that were made during an API's creation and why those choices were made.
How many status codes does your API need? gives an answer from a Dropbox API developer as to their decision making process.
These two Stack Overflow questions and answers on Is it better to place a REST API on a subdomain or in a subfolder? and subdomain vs. subdirectory in web programming provide reasons and opinions on the debate around using a subdomain, for example api.fullstackpython.com versus www.fullstackpython.com/api/. There is also a nice summary of endpoint configurations in this article from ProgrammableWeb.
This API Design Guide is based on Heroku's best practices for the platform's API.
RESTful web services with Python is an interesting overview of the Python API frameworks space.
Implementing a RESTful Web API with Python & Flask is a good walkthrough for coding a Flask app that provides standard web API functionality such as proper HTTP responses, authentication and logging.
REST Hooks is an open source Python project that makes it easier to implement subscription-based "REST hooks". These REST hooks are similar to webhooks, but provide a different mechanism for subscribing to updates via a REST interface. Both REST hooks and webhooks are far more efficient than polling for updates and notifications.
Rate limiters provides a great overview of how limiting access in both the number of requests per second as well as the number of concurrent open connections can help keep your API alive during times of heavy traffic.
Serialization is common for transforming objects into web API JSON results. One company found the serialization performance of Django REST framework was lacking so they created Serpy and wrote a blog post with the results of its performance.
Designing a Web API gives a detailed walkthrough of concepts and design decisions you need to make when building an API.
Microsoft's REST API Guidelines are a detailed set of considerations for when you are building your own APIs that you want to be easily-consumable by other developers.
Designing Good Static REST API Documentation is about documentation not APIs themselves, but it covers a critical topic if you want your API to succeed: how to use the damn thing.
Building better API docs shows how Square used Swagger with React to create more helpful docs.
Best Practices For Creating Useful API Documentation covers standard but important topics such as knowing your audience, ensuring your documentation covers the error codes, and providing a changelog as well as terms of service.
If you're looking for a working example of a Django REST framework project, check out the PokeAPI, open sourced under the BSD license.
Pick an API framework appropriate for your web framework. For Django I recommend Django REST framework and for Flask I recommend Flask-RESTful.
Begin by building out a simple use case for the API. Generally the use case will either involve data that users want in a machine-readable format or a backend for alternative clients such as an iOS or Android mobile app.
Add an authentication mechanism through OAuth or a token scheme.
Add rate limiting to the API if data usage volume could be a performance issue. Also add basic metrics so you can determine how often the API is being accessed and whether it is performing properly.
Provide ample documentation and a walkthrough for how the API can be accessed and used.
Figure out other use cases and expand based on what you learned with the initial API use case.