An Application Programming Interface (API) allows different software programs to communicate with one another by allowing for data exchange. In short, APIs allow for the sharing of data that is necessary for Apps to function. This allows for:
Each API specifies who may get access to their data and for what purpose. Whether through a third-party app, or directly through code, the data source will want to authenticate the request. There are generally two types of authentication: project-based and user-based.
With project-based approaches, a researcher may be granted an API key tied to a specific project they've identified. Another researcher who has permission to use that key may use it to access the API, and all search results/queries will be saved to the project. The identities of who is utilizing the API key might not be stored.
For user-based approaches, a researcher may be granted a user-specific authentication token. With Google, for example, the authentication token is comprised of a "key" and "secret." The token is tied to the user's Google account. This means that other researchers can not use the authentication token but must apply for their own. Twitter's API uses a similar method for its 30-day searches.
A researcher may write their own code to directly access an API. They may also use packages or third-party apps that have already written the code needed to access the API.