UNIT_5

Introduction To APIs

.API is an abbreviation for Application Programming Interface which is a collection of

communication protocols and subroutines used by various programs to communicate between
them.

An API helps two programs or applications to communicate with each other by providing them
with necessary tools and functions. It takes the request from the user and sends it to the service
provider and then again sends the result generated from the service provider to the desired
user.

We can create an API for an operating system, database systems, hardware system, for a
JavaScript file or similar object oriented files.

An API is similar to a GUI(Graphical User Interface) with one major difference. Unlike GUI’s,
an API helps the software developers to access the web tools while a GUI helps to make a
program easier to understand by the users.

GUI stands for Graphical User Interface, a software platform that presents the back-end data
visually to users. API stands for Application Program Interface, which has a set of routines and
protocols that let your machines talk directly to other machines .

Here are a few common examples of APIs:

 Sharing flight information between airlines and travel sites.

 Using Google Maps in a rideshare app.
 Building chatbots in a messaging service.
 Embedding YouTube videos into a webpage.
 Automating workflows between B2B software tools.
Types of APIs:

There are three basic forms of API-

1. WEB APIs:

A Web API also called as Web Services is an extensively used API over the web and can be
easily accessed using the HTTP protocols. A Web API is an open source interface and can
be used by a large number of clients through their phones, tablets. or PC’s.

2. LOCAL APIs:
In this types of API, the programmers get the local middleware services. TAPI (Telephony
Application Programming Interface), .NET are common examples of Local API’s.

3. PROGRAM APIs:
It makes a remote program appears to be local by making use of RPC’s (Remote Procedural
Calls). SOAP is a well-known example of this type of API.
Few other types of APIs:

 SOAP (SIMPLE OBJECT ACCESS PROTOCOL): It defines messages in XML format

used by web applications to communicate with each other.
 REST (Representational State Transfer): It makes use of HTTP to GET, POST, PUT, or
DELETE data. It is basically used to take advantage of the existing data.
 JSON-RPC: It use JSON for data transfer and is a light-weight remote procedural call
defining few data structure types.
 XML-RPC: It is based on XML and uses HTTP for data transfer. This API is widely used to
exchange information between two or more networks.
Above are the various types and forms of API’s extensively used over web networks to
exchange information and to enhance communication between them.

Advantages of APIs –
 Efficiency: API produces efficient, quicker and more reliable results than the outputs
produced by human beings in an organization.
 Flexible delivery of services: API provides fast and flexible delivery of services according
to developers requirements.
 Integration: The best feature of API is that it allows movement of data between various
sites and thus enhances integrated user experience.
 Automation: As API makes use of robotic computers rather than humans, it produces better
and automated results.
 New functionality: While using API the developers find new tools and functionality for API
exchanges.
Disadvantages of APIs –
 Cost: Developing and implementing API is costly at times and requires high maintenance
and support from developers.
 Security issues: Using API adds another layer of surface which is then prone to attacks, and
hence the security risk problem is common in API’s.

Tips for Building an API

1.Versioning the APIs: It’s very important to identify and understand the notion of the
product that you are trying to build. This helps you to define the requirements upfront and
allows you to expose the behavior and functionalities of the application to the stakeholders.
From the beginning of the API development process, it becomes very important to keep
versioning your API in order to track the requirements and allow smooth changes in your
APIs.

2. Use API specification frameworks: They help in standardizing the development process
across organizations. They have tools that cover the entire development life cycle, right from
 the idea of the product to the final application. This provides better interoperability and allows
you to perform automation. You can use tools such as OpenAPI, Swagger, etc. They also allow
you to generate documentation, integrate with CI/CD tools all through a single unified
platform.
3. Create a structure for Error Response: You should design your APIs in such a way that
all your methods will return the error response in the same format and style. It looks odd if
some errors return the raw form of an error without any information which becomes difficult
for non-technical users to understand. Maintain a structure in such a way that the error
response contains information that is easy to understand.
4. Create well-explained documentation: While writing documentation might be a boring
and hefty task, it is equally important. They can be divided into two types.
5. Internal Documentation: It includes technical details such as code style, conventions for
naming methods, requests, parameters, responses, etc., and is mainly designed for other
developers working on the same project.
6. Public Documentation: It is mainly designed for users who will use your API. Here, you
need to describe how to use the API, how to make integrations, how to resolve errors, etc. in
simple and understandable language.
7. Create a format for each endpoint: It’s always better if you use a standard format to
specify each endpoint in your API. For example, for each endpoint, you can specify a sample
request, a small description about what happens, a description of the input parameters such as
name, type, required, etc., a sample response for the request, and a description of each field in
the response. You can use tools such as Swagger or can write them manually. It is advised to
keep the documentation up to date at all times.
8. Maintain a standard style for Paths and Parameters: You need to decide beforehand on
how you will name your API methods, the parameters, and other details. It’s not mandatory to
follow a generalized structure but it’s very important that you follow the same structure
throughout.
Consider the example below:

 GET https://myapi.sample.com/product/list – to get the list of all the products

 GET https://myapi.sample.com/productcodes – to get the product code for all the products.
 The example above is not recommended as it uses different naming conventions for similar
requests. For example, it uses a singular word product followed by a list to display all the
products while in the second example, it uses a plural word to display all the product code.

9. Always use filtering and pagination: It is very important that you offer a way for the users
to filter the results using pagination. For an API that returns lists of items, if you change the
order of items or the items themselves, it becomes difficult to filter those products. Hence, it’s
always recommended that you establish a pagination strategy to create a list of products.
For example,

 GET https://myapi.sample.com/product?page=1
 GET https://myapi.sample.com/product?page=2
 GET https://myapi.sample.com/product?page=3
The example stated above is a good practice to maintain a list of products or any other object.

10. Always secure your endpoints: Follow the C.I.A security triad which stands
for: Confidentiality, Integrity, Availability. You need to make sure that you adopt proper
authentication controls so that you as an admin would know who is trying to access your AP I.
You can use third-party authentication providers such as OAuth2 and JWT. One needs to
ensure integrity is achieved by adding authorization and proper access controls so that no
unauthorized users could tamper with your API. Finally, you should use rate limiters, caching,
and other similar tools to ensure that your API is available for use at all times and does not get
hindered by the large volume of traffic or infinite loops.

Introduction to Web Scraping

Web scraping is a technique to fetch data from websites. While surfing on the web, many
websites don’t allow the user to save data for personal use. One way is to manually copy-paste
the data, which both tedious and time-consuming.

Web Scraping is the automation of the data extraction process from websites. This event is
done with the help of web scraping software known as web scrapers. They automatically load
and extract data from the websites based on user requirements
 Uses of Web Scraping
 Brand Monitoring and Competition Analysis: Web Scraping is used to get customer
feedback regarding a particular service or product so as to understand how a customer feels
regarding that particular thing. It is also used to extract competitor data in a structural,
usable format.

 Machine Learning: Machine Learning is a process of Artificial Intelligence in which the

machine is allowed to learn and improve with its experience rather than being explicitly
programmed.

 Financial Data Analysis: Web Scraping is used to keep a record of the stock market in a
usable format and hence employ the same for insights.

 Social Media Analysis: It is used to extract data from social media sites to gauge customer
trends, and how they react to the campaign.

 SEO monitoring: Search Engine Optimization is the optimization of the visibility and
ranking of a website among different search engines like Google, Yahoo, Bing, etc. Web
scraping is used to understand how the ranking of the content over time.

Techniques of Web Scraping: There are two ways of extracting data from
websites, the Manual extraction technique, and the automated extraction
technique.

 Manual Extraction Techniques: Manually copy-pasting the site content comes under this
technique. Though tedious, time taking and repetitive it is an effective way to scrap data
from the sites having good anti-scraping measures like bot detection.
 Automated Extraction Techniques: Web scraping software is used to automatically extract
data from sites based on user requirement.

HTML Parsing: Parsing means to convert the information in one form to another form that is
easy to that is easier to work on with. HTML parsing means taking in the code and extracting
relevant information from it based on the user requirement. Mainly executed using JavaScript,
the target as the name suggests are HTML pages.

DOM Parsing: The Document Object Model is the official recommendation of the World
Wide Web Consortium. It defines an interface that enables a user to modify and update the
style, structure, and content of the XML document.

Web Scraping Software: Now a days, many web scraping tools are available or are custom
build on users need to extract required desiring information from millions of websites.

Tool for Web Scraping: Web Scraping tools are specifically developed for extracting data
from the internet. Also, known as web harvesting tools or data extraction tools, they are useful
for anyone trying to collect specific data from websites as they provide the user with structured
data extracting data from a number of websites. Some of the most popular Web Scraping tools
are:
 Import.io
 Webhose.io
 Dexi.io
 Scrapinghub
 Parsehub

Legalization of Web Scraping:

Web Scraping is the process of automatically extracting data and particular information from
websites using software or script. The extracted information can be stored in various formats
like SQL, Excel, and HTML. it can be used for various purposes such as –
 Competitive Analysis
 Lead generation
 Contact Information Accessibility
 Brand Monitoring
 Social Media Scraping
 Research and Development
 Extracting Financial Statement, etc.

However, the law regarding Web Scraping is not transparent but there are still some
regulations in which you can fall for doing unauthorized web scraping. Some of these are listed
below:

 Violation of the Digital Millennium Copyright Act (DMCA)

 Violation of the Computer Fraud and Abuse Act (CFAA)
 Breach of Contract
 Copyright Infringement
 Trespassing, etc.

Examples …
LinkedIn Vs HiQ
Facebook Vs Power Ventures
Clockodillo
 writing a New API
What is API? How it is useful in Web Development?
API stands for Application Programming Interface
Most common real life use of API concepts include:
 Waiter in a restaurant taking your order request to the chef and bringing back the requested
dish
 Switchboard turning off the tubelight just on a single press
 Booking a flight online from sites like MMT(web based)
 Signing up in a shopping site from Facebook Account(web based)

Different APIs will communicate in different ways:

 XML-RCP/SOAP: Both uses XML
 JavaScript: Focused around Javascript
 RESTful APIs: HTTP protocol (HyperText Transfer Protocol) used (best for web APIs)

ASP.NET Web API:

Where to use Web API?
1. Web APIs are very useful in implementation of RESTFUL web services using .NET
framework.
2. Web API helps in enabling the development of HTTP services to reach out to client entities
like browser, devices or tablets.
3. ASP.NET Web API can be used with MVC for any type of application.
4. A web API can help you develop ASP.NET application via AJAX.
5. Hence, web API makes it easier for the developers to build an ASP.NET application that is
compatible with any browser and almost any device.

Popular API Examples:

1. Google Maps API’s: Google Maps APIs allows developers to use Google Maps on
Webpages using a JavaScript or Flash interface.
2. YouTube API’s: Google’s API lets developers integrate YouTube and functionality into
websites or applications. YouTube APIs include the YouTube analytics API, YouTube Data
API, YouTube live streaming API, YouTube Player APIs and others.
3. The Flickr APIs: It is used by developers to access the Flick photo sharing community data.
4. Twitter APIs: Twitter offers two APIs, the REST API allows developers to access core
Twitter data and the search API provides methods for developers to interact with twitter
search and trends data.

Representational state transfer (REST) is a software architectural style which uses a subset
of HTTP It is commonly used to create interactive applications that use Web services. A Web
service that follows these guidelines is called RESTful.
 REST's client–server separation of concerns simplifies component implementation,
reduces the complexity of connector semantics, improves the effectiveness of performance
tuning, and increases the scalability of pure server components. Layered system constraints allow
intermediaries—proxies, gateways, and firewalls—to be introduced at various points in the
communication without changing the interfaces between components, thus allowing them to
assist in communication translation or improve performance via large-scale, shared caching.
REST enables intermediate processing by constraining messages to be self-descriptive:
interaction is stateless between requests, standard methods and media types are used to indicate
semantics and exchange information, and responses explicitly indicate cacheability

cURL
The cURL stands for ‘Client for URLs’, originally with URL spelled in uppercase to make it
obvious that it deals with URLs. It is pronounced as ‘see URL’. The cURL project has two
products libcurl and curl.
 libcurl: A free and easy-to-use client-side URL transfer library, supporting FTP, TPS,
HTTP, HTTPS, GOPHER, TELNET, DICT, FILE, and LDAP. libcurl supports TTPS
certificates, HTTP POST, HTTP PUT, FTP uploading, kerberos, HTTP based upload,
proxies, cookies, user & password authentication, file transfer resume, HTTP proxy
tunneling and many more. libcurl is free, thread -safe, IPv6 compatible, feature rich, well
supported and fast.

 curl: A command line tool for getting or sending files using URL syntax. Since curl uses
libcurl, it supports a range of common internal protocols, currently including HTTP, HTTPS,
FTP, FTPS, GOPHER, TELNET, DICT, and FILE.
What is PHP/cURL?
The module for PHP that makes it possible for PHP programs to access curl functions within
PHP. cURL support is enabled in PHP, the phpinfo() function will display in its output. You
are requested to check it before writing your first simple programme in PHP.
 Simple Uses: The simplest and most common request/operation made using HTTP is to get
a URL. The URL itself can refer to a webpage, an image or a file. The client issues a GET
request to the server and receives the document it asked for.
Some basic cURL functions:
 The curl_init() function will initialize a new session and return a cURL handle.
 curl_exec($ch) function should be called after initialize a cURL session and all the options
for the session are set. Its purpose is simply to execute the predefined CURL session (g iven
by ch).
 curl_setopt($ch, option, value) set an option for a cURL session identified by the ch
parameter. Option specifies which option is to set, and value specifies the value for the given
option.
 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1) return page contents. If set 0 then no
output will be returned.
 curl_setopt($ch, CURLOPT_URL, $url) pass URL as a parameter. This is your target server
website address. This is the URL you want to get from the internet.
 curl_exec($ch) grab URL and pass it to the variable for showing output.
 curl_close($ch) close curl resource, and free up system resources.
curl is a command line tool to transfer data to or from a server, using any of the supported
protocols (HTTP, FTP, IMAP, POP3, SCP, SFTP, SMTP, TFTP, TELNET, LD AP or
FILE). curl is powered by Libcurl. This tool is preferred for automation, since it is designed
to work without user interaction. curl can transfer multiple file at once .

ReaLTime Reactions
Real Time Systems:
Real time system means that the system is subjected to real time, i.e., response should be
guaranteed within a specified timing constraint or system should meet the specified deadline.
For example: flight control system, real time monitors etc.

Types of real time systems based on timing constraints:

1. Hard real time system –

This type of system can never miss its deadline. Missing the deadline may have disastrous
consequences.The usefulness of result produced by a hard real time system decreases
 abruptly and may become negative if tardiness increases. Tardiness means how late a real
time system completes its task with respect to its deadline. Example: Flight controller
system.
2. Soft real time system –
This type of system can miss its deadline occasionally with some acceptably low probability.
Missing the deadline have no disastrous consequences. The usefulness of result produced by
a soft real time system decreases gradually with increase in tardiness. Example: Telephone
switches.
Reference model of real time system: Our reference model is characterized by three
elements:
1. A workload model: It specifies the application supported by system.
2. A resource model: It specifies the resources available to the application.
3. Algorithms: It specifies how the application system will use resources.

Terms related to real time system:

 Job – A job is a small piece of work that can be assigned to a processor and may or may not
require resources.
 Task – A set of related jobs that jointly provide some system functionality.
 Release time of a job – It is the time at which job becomes ready for execution.
 Execution time of a job – It is the time taken by job to finish its execution.
 Deadline of a job – It is the time by which a job should finish its execution. Deadline is of
two types: absolute deadline and relative deadline.
 Response time of a job – It is the length of time from release time of a job to the instant
when it finishes.
 Maximum allowable response time of a job is called its relative deadline.
 Absolute deadline of a job is equal to its relative deadline plus its release time.
 Processors are also known as active resources. They are essential for execution of a job. A
job must have one or more processors in order to execute and proceed towards completion.
Example: computer, transmission links.
 Resources are also known as passive resources. A job may or may not require a resource
during its execution. Example: memory, mutex
 Two resources are identical if they can be used interchangeably else they are heterogeneous.

Polling and Streaming

In systems, clients and servers communicate together in which client requests and server
responds back to the respective client with requested data.

Polling

It is defined as the process when a client requests a particular piece of data at regular intervals
(maybe every x seconds) and the server reverts with a usual response with the required data.

In these scenarios, where the client needs to update the data (get the data from the server)
regularly at instant mode, polling may not benefit your architecture.
Streaming
Streaming is done through sockets, In Layman terms, sockets are a file that your computer can
write/read from in a long width connection with another computer, an open connection till one
machine turns it off.
Ex: Designing a Chat Application just like WhatsApp/Instagram and many others

Key Point: In Polling, for a response of a server, each request is sent, but in streaming, the
client listens openly with no external request of data from the server. On the server-side, for
streaming, it would not wait for data to send for every request but will push the data as it
 notices any changes. Through streaming, you can get instant experience of chatting without
any delay nor sending 10-20 requests per second per client.
use-case here you may prefer polling as there is no real need of open connection and every 30
sec you can get the data updated.

What are Long-Polling, Websockets, Server-Sent Events (SSE) and

Comet?
There are different ways for client-side to interact with the server-side in real time, i.e., Long-
Polling, Websockets, Server-Sent Events (SSE) and Comet.

1.Long Polling:
It is a technology where the client requests information from the server without expecting an
immediate response or basically involves making an HTTP request to a server and then holding
the connection open to allow the server to respond later. Using long polling the server allows
approximately 6 parallel connections from the browser.
Long polling is the oldest ways and hence is supported on all web browsers. Though due to the
fewer updates in this it does not provide re-connection handling.
2.Websockets:
 WebSocket is a computer communication protocol that enables us full-duplex
communication channels over a single transfer control protocol (TCP) connection.
 The WebSocket protocol enables interaction between a web browser and a web server
with low weight overheads, providing real-time data transfer from and to the server.
 This is done by defining a standard way for the server to send information to the client
without being first requested by the client, and then allowing messages to be passed to
and fro while keeping the connection open.
 Websockets are majorly accepted in web browsers such as google chrome, opera, edge,
firefox, safari etc. WebSockets is light on the browser and it provides up to 1024
parallel connections from the browser.
3.Server-Sent Events (SSE):
 It is a technology enabling a browser such that it receives automatic updates from any
server using an HTTP connection.
 It is a standard that describes how servers initialize data transmission with the client
once an initial client connection is set up. They send message updates or continuous
updates to a client to increase cross-browser streaming through a javascript API called
EventSource.
 SSE is supported by a few browsers such as Mozilla, Chrome, and Safari. Internet
Explorer and Edge still don’t support this technique. It also supports up to 6 parallel
connections from the browser.
4. Comet:
 It is a web application model in which a long-held HTTPS request allows the server to
push data to a client-server i.e. a web browser without the web browser explicitly
requesting any data update.
 The basic idea behind developing Comet was to make a single and regular HTTPS
request and depend on a never ending response from the server.
 The web server takes new incoming request and starts a new response with the current
data, but the server will not end the response and hence the browser keeps the
connection open and waiting for new data, whenever new data arrives the server will
write that to the response stream.
 Specific methods of implementing Comet fall into two major categories: streaming and
long polling.
I. Streaming –
Any application that uses streaming Comet opens a single constant
connection from the client browser to the server for all the Comet events.
Techniques for streaming Comet are-
(a) Hidden iframe

(b) XMLHttpRequest

II. Long Polling –

Specific technologies for accomplishing long-polling include:
 (a) XMLHttpRequest long polling

(b) Script tag long polling

Message Queue Telemetry Transport Protocol (MQTT)

 MQTT is simple, lightweight messaging protocol used to establish communication
between multiple devices. It is TCP-based protocol relying on publish-subscribe
model.

 This communication protocol is suitable for transmitting data between resource-

constrained devices having low bandwidth and low power requirements.

Publish-Subscribe Model :

This model involves multiple clients interacting with each other, without having any
direct connection established between them. All clients communicate with other clients
only via third party known as Broker.

MQTT Client and Broker :

Clients publish messages on different topics to broker. The broker is central server that
receives these messages and filters them based on their topics. It then sends these messages to
respective clients that have subscribed to those different topics. Hence client that has
subscribed to specific topic receives all messages published on that topic.

Here the broker is central hub that receives messages, filters them, and distributes them to appropriate clients, such
that both message publishers, as well as subscribers, are clients.
 Advantages :
1. Easy Scalability –

This model is not restricted to one-to-one communication between clients. Although

publisher client sends single message on specific topic, broker sends multiple messages to all
different clients subscribed to that topic. Similarly, messages sent by multiple such publisher
clients on multiple different topics will be sent to all multiple clients subscribed to those
topics.

Hence one-to-many, many-to-one, as well as many-to-many communication is possible using

this model. Also, clients can publish data and at the same time receive data due to this two-way
communication protocol. Hence MQTT is considered to be bi-directional protocol. The default
unencrypted MQTT port used for data transmission is 1883. The encrypted port for secure
transmission is 8883.

2. Eliminates insecure connections –

In a complex system where multiple devices are connected with each other, each device
not only has to manage its connections with other devices but also has to ensure that
these connections are secure. But in publish-subscribe model, broker becomes central
server managing all security aspects. It is responsible for authentication and
authorization of all connected clients.
3. Lightweight Communication
Data transmission is quick, efficient, and lightweight because MQTT messages have
small code footprint. These control messages have fixed header of size 2 bytes and
payload message up to size 256 megabytes.
 Extensible Messaging and Presence Protocol

XMPP is a short form for Extensible Messaging Presence Protocol. It’s protocol for
streaming XML elements over a network in order to exchange messages and presence
information in close to real time. This protocol is mostly used by instant messaging
applications like WhatsApp.
These are the basic requirements of any Instant Messenger which are fulfilled by XMPP:

1. Send and receive messages with other users.

2. Check and share presence status
3. Manage subscriptions to and from other users.
4. Manage contact list
5. Block communications(receive message, sharing presence status, etc) to specific users.

XMPP features:

Decentralised –
XMPP is based on client-server architecture, i.e. clients don’t communicate directly, they do it
with the help of server as intermediary. It is decentralised means there is no centralised XMPP
server just like email, anyone can run their own XMPP server.
XMPP implementation –
The original protocol for XMPP is Transmission Control Protocol, using open ended XML
streams over long lived TCP connections.
In some cases, there are restricted firewalls, XMPP(port 5222) is blocked, so it can’t be used
for web applications and users behind restricted firewalls, to overcome this, XMPP community
also developed a HTTP transport.

And as the client uses HTTP, most firewalls allow clients to fetch and post messages without
any problem. Thus, in scenarios where the TCP port used by XMPP is blocked, a server can
listen on the normal HTTP port and the traffic should pass without problems.
 Constrained Application Protocol.
Constrained Application Protocol (CoAP) is a specialized Internet Application Protocol for
constrained devices, as defined in RFC 7252.

It enables those constrained devices called "nodes" to communicate with the wider Internet using
similar protocols.

CoAP is designed for use between devices on the same constrained network (e.g., low-power,
lossy networks), between devices and general nodes on the Internet, and between devices on
different constrained networks both joined by an internet. CoAP is also being used via other
mechanisms, such as SMS on mobile communication networks.

CoAP is a service layer protocol that is intended for use in resource-constrained internet devices,
such as wireless sensor network nodes. CoAP is designed to easily translate to HTTP for
simplified integration with the web, while also meeting specialized requirements such
as multicast support, very low overhead, and simplicity.

The Internet Engineering Task Force (IETF) Constrained RESTful Environments Working
Group (CoRE) has done the major standardization work for this protocol. In order to make the
protocol suitable to IoT and M2M applications, various new functions have been added. The core
of the protocol is specified in RFC 7252; important extensions are in various stages of the
standardization process.

he smallest CoAP message is 4 bytes in length, if omitting Token, Options and Payload. CoAP
makes use of two message types, requests and responses, using a simple, binary, base header
format. The base header may be followed by options in an optimized Type-Length-Value format.
CoAP is by default bound to UDP and optionally to DTLS, providing a high level of
communications security.

Any bytes after the headers in the packet are considered the message body. The length of the
message body is implied by the datagram length. When bound to UDP, the entire message
MUST fit within a single datagram. When used with 6LoWPAN as defined in RFC 4944,
messages SHOULD fit into a single IEEE 802.15.4 frame to minimize fragmentation.
Version (VER) (2 bits) :Indicates the CoAP version number.
Type (2 bits)
This describes the datagram's message type for the two message type context of Request and
Response.

 Request
o 0 : Confirmable : This message expects a corresponding Acknowledgement message.
o 1 : Non-confirmable : This message does not expect a confirmation message.
 Response
o 2 : Acknowledgement : This message is a response that acknowledge a confirmable
message
o 3 : Reset : This message indicates that it had received a message but could not process it.

Token Length (4 bits): Indicates the length of the variable-length Token field, which may be 0-
8 bytes in length.
The three most significant bits form a number known as the "class", which is analogous to
the class of HTTP status codes. The five least significant bits form a code that communicates
further detail about the request or response. The entire code is typically communicated in the
form