IndustriesWorkPlaybookHow it worksAboutBook a systems auditBring us your idea

How do the parts of my app fit together?

Straight answer

The parts of your app connect in a chain: a visitor uses the frontend in their browser, which sends requests to the backend on a server, which reads or writes the database, and sends the answer back to be shown. Outside services are reached through APIs, and secret keys hold it together safely.

Information current as at 5 July 2026

You have met the pieces separately, the frontend, the backend, the database, APIs, keys, environment variables. This is the article that assembles them into a single picture. Once you can trace how they connect, and follow a single click all the way through, your app stops being a black box and becomes a system you can reason about.

Plain English
Frontend
The visible part in the visitor's browser, where clicks and typing happen.
Backend
The server-side part that receives requests, applies rules and does the real work.
Database
The organised store where the app keeps information it needs to remember.
API
The defined way one part or service asks another to do something and get an answer.

The five pieces, in one picture

Almost every app is made of the same small cast, arranged the same way. The frontend is what the visitor sees and clicks, running in their browser. The backend is the code on a server that receives what the frontend sends, decides what to do, and does the trusted work. The database is where information is stored and fetched. APIs are the defined ways these parts, and any outside services like payments or email, talk to each other. And secret keys, kept safe as environment variables, are the credentials that let the parts connect without letting strangers in. Picture them as a line: visitor and frontend on the left, backend in the middle, database on the right, with APIs as the roads between them and keys as the locks on the doors. Nearly every app you will ever meet is a variation on this one arrangement, which is why learning it once pays off endlessly.

Following a single click

The best way to feel how the parts connect is to follow one action from start to finish. Say a visitor fills in a booking form and presses submit. The frontend, in their browser, gathers what they typed and sends it as a request to the backend, using an API. The backend receives it and first applies the rules: is this person logged in, are they allowed to do this, is the requested slot actually free. If all is well, the backend writes the new booking into the database, perhaps calls a payment service or an email service through their APIs to charge a deposit or send a confirmation, and then sends a response back up to the frontend. The frontend receives that answer and updates the screen to say the booking is confirmed. That whole journey, click to server to database to services and back to screen, happens in a moment, and it is the shape of almost everything an app does.

No pressure
Show us what you built.

If you have made something and it needs to become real, send it over. We will tell you honestly what it needs to be live, safe and yours, whether that is a quick fix you can do or a proper build. No obligation.

Why knowing the map helps you

Holding this picture in your head is not academic; it changes how you handle real situations. When something breaks, the map tells you where to look: a problem showing the right data is usually the backend or database, while a problem with how things look is usually the frontend. When you worry about safety, the map tells you the important work, and the secrets, live in the backend and database, out of the visitor's reach, which is why front-end polish says nothing about safety. When you get a bill, the map explains it: the always-on backend and database cost money, and the APIs to outside services can charge by use. And when you ask for help, being able to say which part you think is involved turns a vague plea into a precise question. The map converts a mysterious whole into named parts you can point at.

What your AI tool built, and what to check

When you built with an AI tool, you mostly shaped the frontend directly, while the tool quietly assembled the backend, the database, the API connections and the keys underneath. That is why so much of your app is invisible to you: the visible layer is the part you touched, but the connected machinery beneath it is doing the real work. Knowing the map lets you ask the right questions of what you own. Where does the database live and who controls the account? Are the keys stored safely as environment variables, or exposed where a visitor could read them? Does the backend actually enforce the rules, or does the frontend only pretend to? Are the outside services connected in a way you understand and can afford? You do not need to build any of this yourself to ask these questions. The map is what makes the questions obvious, and asking them is how you move from having built something to genuinely understanding and owning it.

Common questions

Questions, answered

What are the main parts of an app?
The frontend the visitor sees, the backend on a server that does the real work, the database that stores information, the APIs that let these parts and outside services talk, and the secret keys that connect them safely. Nearly every app is a version of this same arrangement.
What actually happens when I click a button in an app?
The frontend sends your action as a request to the backend, which checks the rules, reads or writes the database, perhaps calls outside services through their APIs, then sends an answer back to the frontend to update your screen. That whole journey happens in a moment.
Why is understanding how the parts fit together useful?
Because it tells you where to look when something breaks, why safety lives in the backend not the visible front, what is driving your costs, and how to ask a precise question when you want help. It turns a mysterious whole into named parts you can point at.
Which parts did my AI tool build for me?
You mostly shaped the frontend, the visible layer, while the tool assembled the backend, database, API connections and keys underneath. That hidden machinery does the real work, which is why it deserves the questions: where the data lives, whether keys are safe, and whether the rules are truly enforced.
No pressure
Show us what you built.

If you have made something and it needs to become real, send it over. We will tell you honestly what it needs to be live, safe and yours, whether that is a quick fix you can do or a proper build. No obligation.

Start here

Two doors. Same senior team.

Whether you can name exactly what you want built, or you just know something is leaking, the next step is the same conversation.