Lesson 1 of 3 · OpenAI API Fundamentals
API Architecture Overview
A product manager at a healthcare startup needed to add AI-powered triage to their patient intake form. She had used ChatGPT daily for months, but when the CTO said "just use the API," she froze. The web interface felt like magic. The API felt like a locked door.
It is not. The OpenAI API is a straightforward HTTP service. You send a JSON request, you get a JSON response. Everything ChatGPT does runs on the same API you are about to learn. The difference is that you control every parameter, every token, every dollar spent.
1 endpoint
is all you need to start -- POST /v1/chat/completions handles 90% of use cases
The Core Mental Model
The OpenAI API follows standard REST conventions. Every interaction is an HTTP request to a specific endpoint, authenticated with a Bearer token, carrying a JSON payload. The server processes your request and returns a JSON response -- or, if you enable streaming, a series of server-sent events.
That is it. No WebSockets, no long-lived connections, no binary protocols. If you have ever called a REST API, you already know the transport layer.
Authentication: API Keys and Scoping
Every request requires an API key passed in the Authorization header:
OpenAI uses a hierarchy for access control: Organization > Project > API Key. This matters more than most tutorials acknowledge.
You can pass organization and project IDs as headers if your key spans multiple:
API keys are bearer tokens -- anyone who has the key has your access. Never commit keys to git. Never expose them in client-side JavaScript. Use environment variables and server-side proxies. A leaked key on a public GitHub repo will be exploited within minutes -- automated scrapers watch for them.
The Two Main API Surfaces
OpenAI currently offers two primary ways to interact with language models:
| API | Endpoint | Status | Best For |
|---|---|---|---|
| Chat Completions | /v1/chat/completions | Stable, widely used | Straightforward text generation, well-understood patterns |
| Responses | /v1/responses | Newer, recommended for new projects | Built-in tools, reasoning control, agentic workflows |
Chat Completions is the API most tutorials and SDKs use. It is tested and will continue to be supported. The Responses API is OpenAI's newer surface that adds built-in tools (web search, code interpreter, file search) and first-class reasoning model support. We cover both in this course.
Start with Chat Completions to learn the fundamentals. Move to the Responses API when you need built-in tools or reasoning control. Both are production-ready.
Assume Chat Completions is deprecated or that you must use Responses immediately. Chat Completions is stable, widely supported, and perfectly fine for most use cases.
SDKs: Python and Node.js
While you can call the API with raw HTTP requests, the official SDKs handle retry logic, streaming parsing, and type safety for you.
Python:
Node.js:
Both SDKs follow the same pattern: create a client, call a method that mirrors the API endpoint, get back a typed response object. The SDK automatically reads your API key from the OPENAI_API_KEY environment variable.
Set Up Your API Key
beginnerRequest and Response Anatomy
Every Chat Completions request has this shape:
Every response has this shape:
The usage field tells you exactly how many tokens you consumed. At GPT-4.1-mini's pricing, 112 tokens costs a fraction of a cent. But at scale -- millions of requests per day -- those fractions add up fast. Always log usage.
Build token logging into your application from day one. Not day two, not "when we scale." Day one. The usage object in every response gives you prompt_tokens and completion_tokens. Store them. You will need this data for cost forecasting, anomaly detection, and optimization.
Use ← → to navigate, Space to mark complete