Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Building APIs
Search
Justin Yost
July 03, 2015
Programming
1
7.3k
Building APIs
Justin Yost
July 03, 2015
Tweet
Share
More Decks by Justin Yost
See All by Justin Yost
Laravel 6, 7 and Other Goodies
justinyost
2
87
PHP and Databases
justinyost
2
50
Ansible: What Is It and What Is It Good For?
justinyost
0
43
Generators: All About the Yield
justinyost
0
11
Laravel 6: What's New and What's Changed
justinyost
0
220
Middleware: Between the Framework and the Browser
justinyost
2
96
Caching and You and You and You and You...
justinyost
0
65
Git: The Pain and the Gain
justinyost
0
140
Generators: All About the Yield
justinyost
0
270
Other Decks in Programming
See All in Programming
Zendeskのチケットを Amazon Bedrockで 解析した
ryokosuge
3
250
Testing Trophyは叫ばない
toms74209200
0
490
オープンセミナー2025@広島LT技術ブログを続けるには
satoshi256kbyte
0
150
CJK and Unicode From a PHP Committer
youkidearitai
PRO
0
100
AIを活用し、今後に備えるための技術知識 / Basic Knowledge to Utilize AI
kishida
19
4.5k
AWS発のAIエディタKiroを使ってみた
iriikeita
1
150
The Past, Present, and Future of Enterprise Java
ivargrimstad
0
170
Improving my own Ruby thereafter
sisshiki1969
1
150
コンテキストエンジニアリング Cursor編
kinopeee
1
750
速いWebフレームワークを作る
yusukebe
5
1.6k
go test -json そして testing.T.Attr / Kyoto.go #63
utgwkk
2
220
Langfuseと歩む生成AI活用推進
licux
3
320
Featured
See All Featured
Designing for Performance
lara
610
69k
Agile that works and the tools we love
rasmusluckow
330
21k
Making Projects Easy
brettharned
117
6.4k
4 Signs Your Business is Dying
shpigford
184
22k
The Cult of Friendly URLs
andyhume
79
6.6k
Being A Developer After 40
akosma
90
590k
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
9
800
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
33
2.4k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
53
2.9k
Six Lessons from altMBA
skipperchong
28
4k
Building a Modern Day E-commerce SEO Strategy
aleyda
43
7.5k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
34
3.1k
Transcript
Building APIs Justin Yost Web Developer at Loadsys 4 twitter.com/jtyost2
4 github.com/jtyost2 4 yostivanich.com
What is an API 4 API - Application Programming Interface
4 One thing talks to another thing. 4 Twitter, Facebook, AWS, all have APIs.
Why do you need an API 4 JS Front End
Framework? 4 An app? 4 Talk to other servers than the ones you own/ provision?
Design 4 APIs are for developers 4 APIs are for
in-house developers 4 APS are for outside developers 4 APIs are for possibly all level of developers
https://stripe.com/docs/ api
APIs are hard
Key Tips For Designing an API 4 Consistency 4 Standards
(REST, HTTP, OAuth) 4 Versioning 4 Documentation (API Blueprint) 4 Don't just present the database
Consistency 4 Endpoints /people and /people/15 vs /person and /person/15
Consistency 4 Output { "people": { {"name": "First"}, {"name": "Second"}
} } vs { "person": { "name": "First" } }
Standards 4 REST 4 OAuth 2.0 4 JSON (JSON API
hit 1.0 recently)
REST Uniform Interface 4 System of endpoints 4 Provides enough
information to be self describing 4 Provides enough information to manipulate 4 The interface is HTTP itself
REST Stateless 4 HTTP is Stateless by design 4 Web
apps though tend to care about state 4 State is what stored information do I already know when you make the request (Session is State)
REST Cacheable 4 API should respond with Cache Headers as
appropriate 4 API Clients should respect Cache Headers
REST Client-Server 4 Separation of Concerns 4 Client - presents
data, protects user state 4 Server - stores data
REST Layered System 4 Clients may not always talk directly
to the API server 4 Talk to an Auth Server, then a caching server, then API server
Design REST 4 REST enforces a pattern
Design REST 4 REST is HTTP 4 HTTP is more
than GET, POST, PUT, DELETE 4 OPTIONS and HEAD 4 Idempotent Methods (GET, HEAD, DELETE, PUT) 4 Return Correct and Valid Headers
Design OAuth 2.0 4 http://oauth.net/2/ 4 https://aaronparecki.com/articles/2012/07/29/1/ oauth2-simplified 4 Short
URL: http://jty.me/1dEQyge 4 Support for a variety of authentication schemes 4 Tons of pre-existing libraries and packages
Design JSON 4 Use JSON 1st and primarily 4 Maybe
XML - are you a bank or law firm or Google? 4 Consider JSON API (Like really really consider it)
Design Versioning 4 /api/v1/foo 4 /api/foo HEADERS: {'api-v': '1.0'} 4
/api/foo HEADERS: {'Accept': 'application/ vnd.domain.v2+json'} 4 https://v1.domain.com/api/foo
Design Documentation 4 Clear 4 Complete 4 Examples (CURL, PHP,
Java, Ruby, Node, Go, etc)
Design Documentation 4 API Blueprint: https://apiblueprint.org/ # GET /message +
Response 200 (text/plain) Hello World!
Design Documentation 4 Dredd: https://github.com/apiaryio/dredd
Design Don't just present the Database 4 Database and API
are different and unique 4 Think through the complex pieces of the API 4 APIs can make thins simpler in the final view
This stuff is really hard 4 You'll mess up 4
You'll forget something 4 You'll build it weird 4 That's why we version things
Some other tips 4 SSL 4 Build stuff with your
API, that'll tell you how hard it is 4 Read other API docs and build with their API 4 Provide Libraries
Questions?