Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
API Antipatterns
Search
Mike Pearce
March 26, 2012
Technology
3
240
API Antipatterns
Everyone *knows* how to build an API. This document describes how to NOT build one.
Mike Pearce
March 26, 2012
Tweet
Share
More Decks by Mike Pearce
See All by Mike Pearce
Being Agile
mikepearce
9
4.6k
How Big Is It? A guide to agile estimation and planning
mikepearce
5
870
Effective User Stories
mikepearce
2
240
Thimbl
mikepearce
1
150
UX for Developers
mikepearce
2
320
The Shu Ha Ri of Agile
mikepearce
1
610
The Anatomical Dissection of a Sprint Backlog
mikepearce
1
280
Other Decks in Technology
See All in Technology
Platform開発が先行する Platform Engineeringの違和感
kintotechdev
4
560
COVESA VSSによる車両データモデルの標準化とAWS IoT FleetWiseの活用
osawa
1
270
これでもう迷わない!Jetpack Composeの書き方実践ガイド
zozotech
PRO
0
370
250905 大吉祥寺.pm 2025 前夜祭 「プログラミングに出会って20年、『今』が1番楽しい」
msykd
PRO
1
810
2つのフロントエンドと状態管理
mixi_engineers
PRO
3
100
生成AIでセキュリティ運用を効率化する話
sakaitakeshi
0
650
バイブスに「型」を!Kent Beckに学ぶ、AI時代のテスト駆動開発
amixedcolor
2
540
5分でカオスエンジニアリングを分かった気になろう
pandayumi
0
240
ZOZOマッチのアーキテクチャと技術構成
zozotech
PRO
3
1.5k
[ JAWS-UG 東京 CommunityBuilders Night #2 ]SlackとAmazon Q Developerで 運用効率化を模索する
sh_fk2
3
400
大「個人開発サービス」時代に僕たちはどう生きるか
sotarok
20
9.9k
Function Body Macros で、SwiftUI の View に Accessibility Identifier を自動付与する/Function Body Macros: Autogenerate accessibility identifiers for SwiftUI Views
miichan
2
180
Featured
See All Featured
Facilitating Awesome Meetings
lara
55
6.5k
Imperfection Machines: The Place of Print at Facebook
scottboms
268
13k
Speed Design
sergeychernyshev
32
1.1k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
tammyeverts
8
520
Balancing Empowerment & Direction
lara
3
620
Optimising Largest Contentful Paint
csswizardry
37
3.4k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
229
22k
Side Projects
sachag
455
43k
Building Applications with DynamoDB
mza
96
6.6k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
36
2.5k
The World Runs on Bad Software
bkeepers
PRO
70
11k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
358
30k
Transcript
API Anti Patterns or, how to not f**k up your
API
API Anti Patterns or, how to not f**k up your
API
or, tips on how to annoy your API consumers
or, think you know REST? Awesome!
or, some of the crazy s**t people do with REST
Hello
Mike Pearce
http://social-network.com /MikePearce
http://social-network.com /MikeyPearce
http://social-network.com /mikepearce.net
http://social-network.com /MikePearce
An Apology
SONISPHERE @ Knebworth Flags should be banned a festivals!
Burritos: Best. Festival. Food. Ever.
None
Mike, Lee and Rog
SORRY
( ) HTTP REQUEST: That you get on with it...
Why am I here? REST
Why am I here? REST
Why am I here? REST Hah!
Why am I here? REST Huh?! ST
Do’s ✔
Do’s Dont’s ✔ ✘
Do’s Dont’s Whatevs.. ✔ ✘ ☠
But first... Some background
Who? Roy Fielding (the grandfather)
There!
Architectural Styles and the Design of Network- based Software Architectures
Can’t sleep? Read this...
None
A quick primer And now ...
REST != HTTP
REST != HTTP REST != The Web
REST
REST IS NOT
REST IS NOT HARD
REST IS NOT HARD Seriously!
Standards? We don’t need no steenkin’ standards!
MY CONSTRAINTS, LET ME SHOW YOU THEM
Some verbs...
Some nouns...
GET
PINT
PINT Please!
ANTI patterns Onto the main event
Overuse of ...
GET
None
Overuse of GET and POST or, GET/POST tunnelling.
None
None
BAD http://api.flickr.com/services/ rest/?method= flickr.photos.people.add &api_key=nnn&photo_id=yyy&u ser_id=xxx GET:
PUT: /user/MikePearce api_key=moo& age=33& size=medium& power=flight GOOD
PUT or POST? ASIDE PUT: /users/MikePearce PUT: /links/google PUT: /articles/100805/putorpost
PUT or POST? ASIDE POST: /documents/save name=styleguide.css& category=design
PUT or POST? ASIDE PUT when the resource will live
at the target URI POST when you want the server to handle the location of the resource.
POST: /dostuff/ user=MikePearce& action=delete& api_key=moo& token=quack& mode=3 BAD
GOOD DELETE: /user/MikePearce Wait! What? Why!?
Tunneling Errors through 200 OK?
Are you OK? I’m fine! Great! A 200 OK!
I’m fine! Are you OK? ARGGHH! He doesn’t understand me!
Great! A 200 OK!
This is better...
GET: /droid/r2d2 GET: /droid/c3po 404: Not the droids you’re looking
for
HTTP/1.1 200 OK Content-Type: text/plain <?xml version="1.0" encoding="UTF-8" ?> <response
code="error"> <error>Error!</error> <text>You have errored.</text> </response> What am I supposed to do with this?
RESPONSE CODES Which leads me nicely to...
IE has failed Informational
Success FTW!1
Redirection
Client Error (you try illustrating client error!)
Server Error It’s 1am. I can’t find an image for
server error.
HTTP/1.1 200 OK PUT: /user/MikePearce Meh..
HTTP/1.1 201 CREATED PUT: /user/MikePearce Huzzah!
HTTP/1.1 418 GET: /whatareyou
HTTP/1.1 418 I’m a teapot GET: /whatareyou This one is
real1!!
Caching
None
E-Tags
HTTP/1.1 304 NOT MODIFIED HTTP/1.1 200 OK Date: Mon, 23
May 2005 22:38:34 GMT Last-Modified: Wed, 08 Jan 2003 23:11:55 Etag: "3f80f-1b6-3e1cb03b" Connection: close Content-Type: text/html; charset=UTF-8
Mmm ... Delicious!
NO
HYPERMEDIA
HYPERMEDIA What is it?
HYPERMEDIA What is it?
HYPERMEDIA AS THE ENGINE OF APPLICATION STATE
oar...
HATEOAS (Remember hating oars)
Grey Areas
V3r510n1ng Versioning
GET: /user/MikePearce Him again. Prolific bastard.
GET: /user/MikePearce GET: /user/66
GET: /v1/user/MikePearce 1. Versioning with the URI GET: /v2/user/66
GET: /user/66 2. Not versioning the primary URI GET: /v1/user/MikePearce
GET: /user/66 3. No versioning
Document Extensions
Either
Either GET: /reports/tpsreport/summary.json GET: /reports/tpsreport/summary.xml
Either GET: /reports/tpsreport/summary.json GET: /reports/tpsreport/summary.xml or
Either GET: /reports/tpsreport/summary.json GET: /reports/tpsreport/summary.xml or Accept: text/xml Accept: application/json
SUM MARY Phew!
Overuse of GET and POST or, GET/POST tunnelling.
Tunneling Errors through 200 OK?
RESPONSE CODES Which leads me nicely to...
E-Tags
NO
HATEOAS (Remember hating oars)
V3r510n1ng Versioning
Either GET: /reports/tpsreport/summary.json GET: /reports/tpsreport/summary.xml or Accept: text/xml Accept: application/json
Any questions? (that I can answer!)
Photo Credits Wordle.net flickr.com/photos/wouterkiel/3717057757/ - Wouter Kiel flickr.com/photos/joe_13/19946186/ - joe_13
flickr.com/photos/23846880@N00/391925649/ - Rutger de Moddertukker flickr.com/photos/mararie/264942105/ - mararie flickr.com/photos/ndanger/7841795/ - ndanger flickr.com/photos/yourdon/2573762303/ - Ed Yourdon flickr.com/photos/thunderchild5/225675773/ - Thunderchild7 flickr.com/photos/duchamp/126115989/ - Duchamp flickr.com/photos/thefangmonster/490423135/ - The fang monster flickr.com/photos/nostri-imago/2894328425/ - cliff1066 flickr.com/photos/epsos/4582789354/ - epSos.de flickr.com/photos/projector/2092517108/ - allie pasquier flickr.com/photos/nickstone333/3135320160/ - nickstone333 flickr.com/photos/rdrcollection/116454033/ - Rodney Ramsey flickr.com/photos/christophercarfi/2730304130/ - Christophercarfi flickr.com/photos/turatti/4526352835/ - jaci xIII
Mike Pearce
[email protected]
mikepearce.net twtitter.com/mikepearce Thanks!