Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Building APIs
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
Justin Yost
July 03, 2015
Programming
1
7.4k
Building APIs
Justin Yost
July 03, 2015
Tweet
Share
More Decks by Justin Yost
See All by Justin Yost
Laravel 6, 7 and Other Goodies
justinyost
2
92
PHP and Databases
justinyost
2
55
Ansible: What Is It and What Is It Good For?
justinyost
0
55
Generators: All About the Yield
justinyost
0
11
Laravel 6: What's New and What's Changed
justinyost
0
220
Middleware: Between the Framework and the Browser
justinyost
2
100
Caching and You and You and You and You...
justinyost
0
76
Git: The Pain and the Gain
justinyost
0
170
Generators: All About the Yield
justinyost
0
280
Other Decks in Programming
See All in Programming
ぼくの開発環境2026
yuzneri
0
110
16年目のピクシブ百科事典を支える最新の技術基盤 / The Modern Tech Stack Powering Pixiv Encyclopedia in its 16th Year
ahuglajbclajep
5
990
AI Agent Tool のためのバックエンドアーキテクチャを考える #encraft
izumin5210
6
1.8k
FOSDEM 2026: STUNMESH-go: Building P2P WireGuard Mesh Without Self-Hosted Infrastructure
tjjh89017
0
150
React 19でつくる「気持ちいいUI」- 楽観的UIのすすめ
himorishige
11
6k
CSC307 Lecture 04
javiergs
PRO
0
660
AI巻き込み型コードレビューのススメ
nealle
0
120
それ、本当に安全? ファイルアップロードで見落としがちなセキュリティリスクと対策
penpeen
7
2.4k
AI前提で考えるiOSアプリのモダナイズ設計
yuukiw00w
0
220
MDN Web Docs に日本語翻訳でコントリビュート
ohmori_yusuke
0
640
Oxlintはいいぞ
yug1224
5
1.3k
疑似コードによるプロンプト記述、どのくらい正確に実行される?
kokuyouwind
0
380
Featured
See All Featured
Build your cross-platform service in a week with App Engine
jlugia
234
18k
Building Flexible Design Systems
yeseniaperezcruz
330
40k
How to train your dragon (web standard)
notwaldorf
97
6.5k
HDC tutorial
michielstock
1
360
The B2B funnel & how to create a winning content strategy
katarinadahlin
PRO
0
270
Build The Right Thing And Hit Your Dates
maggiecrowley
38
3k
Google's AI Overviews - The New Search
badams
0
900
Producing Creativity
orderedlist
PRO
348
40k
Leveraging LLMs for student feedback in introductory data science courses - posit::conf(2025)
minecr
0
140
The AI Search Optimization Roadmap by Aleyda Solis
aleyda
1
5.2k
How to audit for AI Accessibility on your Front & Back End
davetheseo
0
180
Designing Powerful Visuals for Engaging Learning
tmiket
0
220
Transcript
Building APIs Justin Yost Web Developer at Loadsys 4 twitter.com/jtyost2
4 github.com/jtyost2 4 yostivanich.com
What is an API 4 API - Application Programming Interface
4 One thing talks to another thing. 4 Twitter, Facebook, AWS, all have APIs.
Why do you need an API 4 JS Front End
Framework? 4 An app? 4 Talk to other servers than the ones you own/ provision?
Design 4 APIs are for developers 4 APIs are for
in-house developers 4 APS are for outside developers 4 APIs are for possibly all level of developers
https://stripe.com/docs/ api
APIs are hard
Key Tips For Designing an API 4 Consistency 4 Standards
(REST, HTTP, OAuth) 4 Versioning 4 Documentation (API Blueprint) 4 Don't just present the database
Consistency 4 Endpoints /people and /people/15 vs /person and /person/15
Consistency 4 Output { "people": { {"name": "First"}, {"name": "Second"}
} } vs { "person": { "name": "First" } }
Standards 4 REST 4 OAuth 2.0 4 JSON (JSON API
hit 1.0 recently)
REST Uniform Interface 4 System of endpoints 4 Provides enough
information to be self describing 4 Provides enough information to manipulate 4 The interface is HTTP itself
REST Stateless 4 HTTP is Stateless by design 4 Web
apps though tend to care about state 4 State is what stored information do I already know when you make the request (Session is State)
REST Cacheable 4 API should respond with Cache Headers as
appropriate 4 API Clients should respect Cache Headers
REST Client-Server 4 Separation of Concerns 4 Client - presents
data, protects user state 4 Server - stores data
REST Layered System 4 Clients may not always talk directly
to the API server 4 Talk to an Auth Server, then a caching server, then API server
Design REST 4 REST enforces a pattern
Design REST 4 REST is HTTP 4 HTTP is more
than GET, POST, PUT, DELETE 4 OPTIONS and HEAD 4 Idempotent Methods (GET, HEAD, DELETE, PUT) 4 Return Correct and Valid Headers
Design OAuth 2.0 4 http://oauth.net/2/ 4 https://aaronparecki.com/articles/2012/07/29/1/ oauth2-simplified 4 Short
URL: http://jty.me/1dEQyge 4 Support for a variety of authentication schemes 4 Tons of pre-existing libraries and packages
Design JSON 4 Use JSON 1st and primarily 4 Maybe
XML - are you a bank or law firm or Google? 4 Consider JSON API (Like really really consider it)
Design Versioning 4 /api/v1/foo 4 /api/foo HEADERS: {'api-v': '1.0'} 4
/api/foo HEADERS: {'Accept': 'application/ vnd.domain.v2+json'} 4 https://v1.domain.com/api/foo
Design Documentation 4 Clear 4 Complete 4 Examples (CURL, PHP,
Java, Ruby, Node, Go, etc)
Design Documentation 4 API Blueprint: https://apiblueprint.org/ # GET /message +
Response 200 (text/plain) Hello World!
Design Documentation 4 Dredd: https://github.com/apiaryio/dredd
Design Don't just present the Database 4 Database and API
are different and unique 4 Think through the complex pieces of the API 4 APIs can make thins simpler in the final view
This stuff is really hard 4 You'll mess up 4
You'll forget something 4 You'll build it weird 4 That's why we version things
Some other tips 4 SSL 4 Build stuff with your
API, that'll tell you how hard it is 4 Read other API docs and build with their API 4 Provide Libraries
Questions?