Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Building APIs
Search
Justin Yost
July 03, 2015
Programming
1
7.3k
Building APIs
Justin Yost
July 03, 2015
Tweet
Share
More Decks by Justin Yost
See All by Justin Yost
Laravel 6, 7 and Other Goodies
justinyost
2
87
PHP and Databases
justinyost
2
51
Ansible: What Is It and What Is It Good For?
justinyost
0
43
Generators: All About the Yield
justinyost
0
11
Laravel 6: What's New and What's Changed
justinyost
0
220
Middleware: Between the Framework and the Browser
justinyost
2
97
Caching and You and You and You and You...
justinyost
0
66
Git: The Pain and the Gain
justinyost
0
140
Generators: All About the Yield
justinyost
0
270
Other Decks in Programming
See All in Programming
@Environment(\.keyPath)那么好我不允许你们不知道! / atEnvironment keyPath is so good and you should know it!
lovee
0
120
AIと私たちの学習の変化を考える - Claude Codeの学習モードを例に
azukiazusa1
11
4.4k
パッケージ設計の黒魔術/Kyoto.go#63
lufia
3
440
Cache Me If You Can
ryunen344
2
3.1k
機能追加とリーダー業務の類似性
rinchoku
2
1.3k
知っているようで知らない"rails new"の世界 / The World of "rails new" You Think You Know but Don't
luccafort
PRO
1
190
Android 16 × Jetpack Composeで縦書きテキストエディタを作ろう / Vertical Text Editor with Compose on Android 16
cc4966
2
260
はじめてのMaterial3 Expressive
ym223
2
900
AIでLINEスタンプを作ってみた
eycjur
1
230
個人開発で徳島大学生60%以上の心を掴んだアプリ、そして手放した話
akidon0000
1
150
楽して成果を出すためのセルフリソース管理
clipnote
0
190
テストカバレッジ100%を10年続けて得られた学びと品質
mottyzzz
2
610
Featured
See All Featured
Producing Creativity
orderedlist
PRO
347
40k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
234
17k
GraphQLの誤解/rethinking-graphql
sonatard
72
11k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
The Cost Of JavaScript in 2023
addyosmani
53
8.9k
Fantastic passwords and where to find them - at NoRuKo
philnash
52
3.4k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
131
19k
A Modern Web Designer's Workflow
chriscoyier
696
190k
Thoughts on Productivity
jonyablonski
70
4.8k
A better future with KSS
kneath
239
17k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
252
21k
GraphQLとの向き合い方2022年版
quramy
49
14k
Transcript
Building APIs Justin Yost Web Developer at Loadsys 4 twitter.com/jtyost2
4 github.com/jtyost2 4 yostivanich.com
What is an API 4 API - Application Programming Interface
4 One thing talks to another thing. 4 Twitter, Facebook, AWS, all have APIs.
Why do you need an API 4 JS Front End
Framework? 4 An app? 4 Talk to other servers than the ones you own/ provision?
Design 4 APIs are for developers 4 APIs are for
in-house developers 4 APS are for outside developers 4 APIs are for possibly all level of developers
https://stripe.com/docs/ api
APIs are hard
Key Tips For Designing an API 4 Consistency 4 Standards
(REST, HTTP, OAuth) 4 Versioning 4 Documentation (API Blueprint) 4 Don't just present the database
Consistency 4 Endpoints /people and /people/15 vs /person and /person/15
Consistency 4 Output { "people": { {"name": "First"}, {"name": "Second"}
} } vs { "person": { "name": "First" } }
Standards 4 REST 4 OAuth 2.0 4 JSON (JSON API
hit 1.0 recently)
REST Uniform Interface 4 System of endpoints 4 Provides enough
information to be self describing 4 Provides enough information to manipulate 4 The interface is HTTP itself
REST Stateless 4 HTTP is Stateless by design 4 Web
apps though tend to care about state 4 State is what stored information do I already know when you make the request (Session is State)
REST Cacheable 4 API should respond with Cache Headers as
appropriate 4 API Clients should respect Cache Headers
REST Client-Server 4 Separation of Concerns 4 Client - presents
data, protects user state 4 Server - stores data
REST Layered System 4 Clients may not always talk directly
to the API server 4 Talk to an Auth Server, then a caching server, then API server
Design REST 4 REST enforces a pattern
Design REST 4 REST is HTTP 4 HTTP is more
than GET, POST, PUT, DELETE 4 OPTIONS and HEAD 4 Idempotent Methods (GET, HEAD, DELETE, PUT) 4 Return Correct and Valid Headers
Design OAuth 2.0 4 http://oauth.net/2/ 4 https://aaronparecki.com/articles/2012/07/29/1/ oauth2-simplified 4 Short
URL: http://jty.me/1dEQyge 4 Support for a variety of authentication schemes 4 Tons of pre-existing libraries and packages
Design JSON 4 Use JSON 1st and primarily 4 Maybe
XML - are you a bank or law firm or Google? 4 Consider JSON API (Like really really consider it)
Design Versioning 4 /api/v1/foo 4 /api/foo HEADERS: {'api-v': '1.0'} 4
/api/foo HEADERS: {'Accept': 'application/ vnd.domain.v2+json'} 4 https://v1.domain.com/api/foo
Design Documentation 4 Clear 4 Complete 4 Examples (CURL, PHP,
Java, Ruby, Node, Go, etc)
Design Documentation 4 API Blueprint: https://apiblueprint.org/ # GET /message +
Response 200 (text/plain) Hello World!
Design Documentation 4 Dredd: https://github.com/apiaryio/dredd
Design Don't just present the Database 4 Database and API
are different and unique 4 Think through the complex pieces of the API 4 APIs can make thins simpler in the final view
This stuff is really hard 4 You'll mess up 4
You'll forget something 4 You'll build it weird 4 That's why we version things
Some other tips 4 SSL 4 Build stuff with your
API, that'll tell you how hard it is 4 Read other API docs and build with their API 4 Provide Libraries
Questions?