It doesn’t take much to realise that, as a newcomer to development looking to build your own application, there are many programming languages available for creating an API efficiently.
The most commonly used languages in the API space are typically Python, Node.js, GoLang, Java (Spring), and C#, each with its own benefits and restrictions, and each with its own framework that can then be chosen.
The problem we encounter between a selected language and a chosen framework is that the versioning of the language and the package are independent of one another. This adds an additional level of potential complexity when switching between the version of the language and the framework used, as well as potential packages that may need to be installed.
Taking the above into consideration is essential when selecting a language and framework for your next project. Open-source resources, a large corporation, or a mix of both can maintain some languages and frameworks. In either scenario, the proclivity of bugs and the time taken to resolve them may differ immensely.
The same can be said about third-party packages (NPM, PIP, Nuget, etc.), but that is a discussion for another time.
Python
With Python, the primary frameworks used in an API solution would typically be Django, Flask, or FastAPI. Frameworks extend the base Python installation, providing their own implementations to support functionality tailored for API development.
You will note that the packages listed below have a combination of open-source and internal contributors.
Django
Django was created in 2003, first publicly released in 2005, and its first major milestone was launched in 2008.
The framework has many baked-in features ‘under the hood’, reducing the need to implement code for items such as authentication, URL routing, and threat mitigation in the form of cross-site scripting and SQL injection. It also makes use of an Object-Relational Mapper (ORM) to assist in integrations to databases, and a Model-View-Template architectural pattern.
Django offers many strong advantages and covers most requirements for building an API application. However, there are some drawbacks to consider before jumping in:
Databases — depending on your choice of database technology, you may need to use a third-party package to connect to your data. The current list of supported databases is: PostgreSQL, MariaDB, MySQL, Oracle, and SQLite.
Asynchronous — although the framework has added async support from version 3.1 and up, not everything within the framework itself has the functionality. One of the core components, being the ORM, is still synchronous. This stems from Python’s Global Interpreter Lock (GIL), which is still synchronous.
Complexity — this is a common trend with large frameworks. There is a monumental amount of functionality baked into the framework, which can be very difficult to set up and come to terms with. This may make implementing a new project with no reference cumbersome or take up a large amount of time.
Serialization — there are several references to serializing and deserialising complex objects using high computation resources.
Flask
Flask has a bit of a unique origin story as it was created for an April Fool’s joke, but once it had received a bit of attention, the creators decided to publish the framework for public use.
Flask is an extremely lightweight framework, with very little baked-in functionality (in comparison to other frameworks utilized in the API space), giving credence to the reference ‘microframework’. As such, any requirement to implement extensive functionality requires the code to be written from scratch or a third-party package to be implemented.
It also shares some common drawbacks with many Python frameworks, including a lack of native asynchronous support and a reliance on third-party packages to enable it.
The built-in server is not suited for production, as it runs on a single thread. This limitation is compounded by the framework’s synchronous nature, which can quickly become a bottleneck without third-party support.
FastAPI
This framework is still relatively new and therefore quite exciting. Released in 2018, it lacks the long history of other frameworks but includes many built-in dependencies that cover the vast majority of requirements.
Out of the box, this framework is built with asynchronous support from the ground up, making it an excellent option if Python is a preferred choice.
Being a newer framework, it also adopts modern programming paradigms, including integration with OpenAPI, JSON Schema, and dependency injection.
Although there is some great functionality for the framework, especially considering how young the framework is, there are a few drawbacks.
Due to its relative newness, there is less shared knowledge available, which can make finding solutions to certain issues more challenging.
The asynchronous functionality is not a one-size-fits-all solution. It relies on different libraries and therefore needs to be implemented accordingly.
The framework does not enforce a specific project structure and relies on the developer to maintain clean, organised code. In contrast, Django follows an MVT pattern, while the C# .NET framework typically enforces an MVC structure.
Node.js
As an open-source runtime, it does not require a separate base language installation and can be used independently without an additional framework layered on top. Initially released in 2009, it was only executable on Unix-based systems, but support was extended to Windows in 2011. Node.js also serves as the foundation for many JavaScript and TypeScript frameworks.
As a runtime that underpins many frameworks, Node.js offers a vast ecosystem of functionality, supported by its own package manager, NPM.
As the “.js” suggests, code is written in the widely known and well-documented JavaScript language, making implementation generally straightforward and supported by clear best-practice guidelines. However, while the vast and mature NPM ecosystem offers a wealth of packages, their quality is not guaranteed. Care must be taken to ensure that any selected package aligns with the project’s requirements.
This runtime by default only makes use of a single CPU thread and requires careful development within the worker_threads, which can be extremely complex. Even though the runtime only operates on one thread, asynchronous operations utilising ‘promise’ and ‘await’ reduce bottlenecking of the thread.
CPU-heavy computations should be avoided unless there is a clear intention to manage the added complexity of worker_threads and custom thread handling.
Even with well-established JavaScript best practices, there is no enforced project structure, placing full responsibility on the developer to write clean and maintainable code.
GoLang
‘Go’ is the first of the three compiled languages discussed and is also the youngest. Initially designed in 2007, it was publicly announced in 2009, with version 1.0 released in 2012. Go is known for its efficiency and simple syntax. Its design draws inspiration from languages such as C and Python, incorporating traits like static typing, readability, and elements of object-oriented programming.
As a compiled language, Go offers greater control over threading and memory management, making it well-suited for building efficient API applications across various environments. Deployment is also streamlined, as applications are compiled into a single binary.
As with all things new, much like FastAPI, some features are not elegantly handled by the language itself. One such example is error handling, which typically involves checking error values or using the built-in error type at the point of each call. This can lead to repetitive code patterns. Furthermore, the built-in compiler garbage collection has reportedly caused unpredictable pauses if triggered unexpectedly.
Generics were only added in version 1.18 (Marched 2022), and thus the knowledge base on the implementation is not yet well documented.
As the language continues to mature over the coming years, its popularity is likely to grow significantly.
Java
Java was released in 1995 and gained popularity rapidly due to its ability to run on virtually any environment enabled by the Java Virtual Machine (JVM) and later the Java Runtime Environment (JRE). This allowed Java to be far more competitive than some of its alternatives.
Java initially had a reputation for being slower than competitors like C++, largely due to higher memory usage. However, this was largely mitigated with the introduction of Just-In-Time (JIT) compilation.
Java is compiled into an intermediate, representational code, Java bytecode, which is then utilized in the JVM or JRE environments. Although this is useful, the correct version of the JVM or JRE must be maintained, with potential downtime or maintenance periods to ensure updates are done. Some of this can be mitigated based on the hosting solutions utilised.
Java (Spring)
Now onto Spring, it was released in 2014 and has become one of the most popular frameworks for producing API solutions. Spring is also open source, with a large community contributing to the upkeep.
The framework neatly packages key dependencies essential for API applications, enabling a quick and straightforward start to getting a solution up and running.
As a framework built on top of Java, Spring inherits the core benefits of the language and extends them with additional features, including an “opinionated” approach that guides developers toward a structured implementation.
The framework includes embedded servers such as Tomcat, Jetty, and Undertow, allowing the API to be deployed as a standalone JAR within the target environment.
Some production-ready features include metrics, health checks, security, and externalised configurations.
Similar to C#, Spring uses annotations within its controllers. For example, ‘@RestController’ can be applied at the class level to designate the controller as a RESTful service.
Mappings can also be specified as either GET (‘@GetMapping’), POST (‘@PostMapping’), PUT (‘@PutMapping’), DELETE (‘@DeleteMapping’), and PATCH (‘@PatchMapping’), ensuring that the HTTP method is clearly specified. This supports strong endpoint conventions, allowing a controller to handle routes with the same path while executing different logic based on the HTTP method.
C# .NET 10
Although this point is centered around C# and its latest stable version, it’s interesting to understand a little bit about the origins of the language.
C# was founded on C and C++ in 1999, and was first publicly announced in 2000. C was created in the 1970s, which was a successor to B. C++ was, in turn, founded on C in 1985. So, although C# has been around for roughly 26 years, the fundamentals were founded approximately 56 years ago.
C# was published by Microsoft, and they have been the sole custodian of the language since then. They have acquired many open-source packages to embed within their ecosystem, reducing the need to utilise third-party solutions.
The language has evolved through several frameworks over the years. It began with .NET Framework 1.0, which was fully proprietary to Microsoft, with its final major release being version 4.8 in 2018. In 2014, Microsoft introduced .NET Core as a successor, offering a more modern, cross-platform, and open-source approach.
.NET Core was later renamed to simply .NET, with its first release as .NET 5, skipping version 4 to avoid confusion with .NET Framework 4.x. This transition followed Microsoft’s decision to discontinue further development of the .NET Framework beyond version 4.8.
Today, .NET is an open-source platform with Microsoft acting as its primary steward, allowing for community contributions that help drive the development of new features and functionality.
Since 2019, Microsoft has released new major versions of both C# and .NET on an annual basis. The release cycle alternates between short-term support (STS) versions (typically the odd-numbered releases), aimed at introducing and testing new features, and long-term support (LTS) versions (the even-numbered releases), designed for projects that require stability over an extended period.
Since there have been continuous updates over the years, C# and .NET have improved drastically in performance, security, and stability.
.NET 10 provides a well-structured environment to create APIs, with the flexibility to choose between creating a lightweight minimal API or a controller-based approach, depending on the needs of the application.
.NET includes a wide range of built-in features that enable applications to be up and running with minimal setup. Notable examples include automatic JSON serialization, routing and model binding, JWT (JSON Web Token) support, protection against XSS and CSRF attacks, and built-in HTTPS support.
C# and .NET do come with a relatively steep learning curve, given the number of libraries and their complexity. Additionally, there is a level of dependency on Microsoft for the platform’s direction, updates, and bug fixes, which may be a consideration for some individuals and organisations.
Conclusion
Choosing the right framework is never simply about performance benchmarks or popularity charts; it is about stability, maintainability, ecosystem maturity, and long-term support. Python frameworks such as Django, Flask, and FastAPI each offer compelling strengths, but they come with trade-offs in asynchronous consistency, structural enforcement, or ecosystem maturity. Node.js provides enormous flexibility and an unmatched package ecosystem, yet places structural responsibility squarely on the developer. Go offers performance and simplicity through compilation and concurrency control, though certain language features and patterns are still evolving. Java with Spring delivers enterprise-grade robustness and structure, but requires careful management of the JVM ecosystem and configuration complexity.
This is where C# and .NET distinguish themselves. Unlike many language–framework combinations where versioning, governance, and ecosystem direction are fragmented, .NET operates as a unified platform under a clear and consistent release strategy. The alignment between the C# language and the .NET runtime reduces the uncertainty around compatibility. The predictable cadence of short-term and long-term support releases provides both innovation and stability.
Beyond governance considerations, .NET offers a well-rounded architecture: near-native performance, mature asynchronous capabilities, clear and enforced project structure, built-in security, and strong first-party integrations that minimise reliance on third-party dependencies. Developers can choose minimal APIs for lightweight services or structured controllers for enterprise applications, without sacrificing cohesion across the platform.
While no framework is without drawbacks, .NET’s blend of performance, structure, tooling, and long-term stewardship makes it a compelling choice for modern API development. It offers not just a way to build applications, but a stable and scalable foundation upon which those applications can evolve confidently over time.
- Written and researched by Damian Matthews, Senior Developer at CBOS.