Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
API Antipatterns
Search
Mike Pearce
March 26, 2012
Technology
3
240
API Antipatterns
Everyone *knows* how to build an API. This document describes how to NOT build one.
Mike Pearce
March 26, 2012
Tweet
Share
More Decks by Mike Pearce
See All by Mike Pearce
Being Agile
mikepearce
9
4.6k
How Big Is It? A guide to agile estimation and planning
mikepearce
5
870
Effective User Stories
mikepearce
2
240
Thimbl
mikepearce
1
150
UX for Developers
mikepearce
2
320
The Shu Ha Ri of Agile
mikepearce
1
610
The Anatomical Dissection of a Sprint Backlog
mikepearce
1
280
Other Decks in Technology
See All in Technology
「魔法少女まどか☆マギカ Magia Exedra」の必殺技演出を徹底解剖! -キャラクターの魅力を最大限にファンに届けるためのこだわり-
gree_tech
PRO
0
430
Kubernetes における cgroup driver のしくみ: runwasi の bugfix より
z63d
2
110
オブザーバビリティが広げる AIOps の世界 / The World of AIOps Expanded by Observability
aoto
PRO
0
240
Kiroと学ぶコンテキストエンジニアリング
oikon48
5
4.3k
まだ間に合う! StrandsとBedrock AgentCoreでAIエージェント構築に入門しよう
minorun365
PRO
10
700
サポートエンジニアから見たRancher運用の現場
masap
0
110
シークレット管理だけじゃない!HashiCorp Vault でデータ暗号化をしよう / Beyond Secret Management! Let's Encrypt Data with HashiCorp Vault
nnstt1
2
130
ヘブンバーンズレッドにおける、世界観を活かしたミニゲーム企画の作り方
gree_tech
PRO
0
420
『FailNet~やらかし共有SNS~』エレベーターピッチ
yokomachi
1
190
プロダクトの成長に合わせたアーキテクチャの段階的進化と成長痛、そして、ユニットエコノミクスの最適化
kakehashi
PRO
1
110
250905 大吉祥寺.pm 2025 前夜祭 「プログラミングに出会って20年、『今』が1番楽しい」
msykd
PRO
1
200
【5分でわかる】セーフィー エンジニア向け会社紹介
safie_recruit
0
30k
Featured
See All Featured
How STYLIGHT went responsive
nonsquared
100
5.8k
Art, The Web, and Tiny UX
lynnandtonic
302
21k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
131
19k
Product Roadmaps are Hard
iamctodd
PRO
54
11k
Imperfection Machines: The Place of Print at Facebook
scottboms
268
13k
Code Reviewing Like a Champion
maltzj
525
40k
The Language of Interfaces
destraynor
160
25k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
15
1.6k
Java REST API Framework Comparison - PWX 2021
mraible
33
8.8k
Measuring & Analyzing Core Web Vitals
bluesmoon
9
570
Site-Speed That Sticks
csswizardry
10
800
Why You Should Never Use an ORM
jnunemaker
PRO
59
9.5k
Transcript
API Anti Patterns or, how to not f**k up your
API
API Anti Patterns or, how to not f**k up your
API
or, tips on how to annoy your API consumers
or, think you know REST? Awesome!
or, some of the crazy s**t people do with REST
Hello
Mike Pearce
http://social-network.com /MikePearce
http://social-network.com /MikeyPearce
http://social-network.com /mikepearce.net
http://social-network.com /MikePearce
An Apology
SONISPHERE @ Knebworth Flags should be banned a festivals!
Burritos: Best. Festival. Food. Ever.
None
Mike, Lee and Rog
SORRY
( ) HTTP REQUEST: That you get on with it...
Why am I here? REST
Why am I here? REST
Why am I here? REST Hah!
Why am I here? REST Huh?! ST
Do’s ✔
Do’s Dont’s ✔ ✘
Do’s Dont’s Whatevs.. ✔ ✘ ☠
But first... Some background
Who? Roy Fielding (the grandfather)
There!
Architectural Styles and the Design of Network- based Software Architectures
Can’t sleep? Read this...
None
A quick primer And now ...
REST != HTTP
REST != HTTP REST != The Web
REST
REST IS NOT
REST IS NOT HARD
REST IS NOT HARD Seriously!
Standards? We don’t need no steenkin’ standards!
MY CONSTRAINTS, LET ME SHOW YOU THEM
Some verbs...
Some nouns...
GET
PINT
PINT Please!
ANTI patterns Onto the main event
Overuse of ...
GET
None
Overuse of GET and POST or, GET/POST tunnelling.
None
None
BAD http://api.flickr.com/services/ rest/?method= flickr.photos.people.add &api_key=nnn&photo_id=yyy&u ser_id=xxx GET:
PUT: /user/MikePearce api_key=moo& age=33& size=medium& power=flight GOOD
PUT or POST? ASIDE PUT: /users/MikePearce PUT: /links/google PUT: /articles/100805/putorpost
PUT or POST? ASIDE POST: /documents/save name=styleguide.css& category=design
PUT or POST? ASIDE PUT when the resource will live
at the target URI POST when you want the server to handle the location of the resource.
POST: /dostuff/ user=MikePearce& action=delete& api_key=moo& token=quack& mode=3 BAD
GOOD DELETE: /user/MikePearce Wait! What? Why!?
Tunneling Errors through 200 OK?
Are you OK? I’m fine! Great! A 200 OK!
I’m fine! Are you OK? ARGGHH! He doesn’t understand me!
Great! A 200 OK!
This is better...
GET: /droid/r2d2 GET: /droid/c3po 404: Not the droids you’re looking
for
HTTP/1.1 200 OK Content-Type: text/plain <?xml version="1.0" encoding="UTF-8" ?> <response
code="error"> <error>Error!</error> <text>You have errored.</text> </response> What am I supposed to do with this?
RESPONSE CODES Which leads me nicely to...
IE has failed Informational
Success FTW!1
Redirection
Client Error (you try illustrating client error!)
Server Error It’s 1am. I can’t find an image for
server error.
HTTP/1.1 200 OK PUT: /user/MikePearce Meh..
HTTP/1.1 201 CREATED PUT: /user/MikePearce Huzzah!
HTTP/1.1 418 GET: /whatareyou
HTTP/1.1 418 I’m a teapot GET: /whatareyou This one is
real1!!
Caching
None
E-Tags
HTTP/1.1 304 NOT MODIFIED HTTP/1.1 200 OK Date: Mon, 23
May 2005 22:38:34 GMT Last-Modified: Wed, 08 Jan 2003 23:11:55 Etag: "3f80f-1b6-3e1cb03b" Connection: close Content-Type: text/html; charset=UTF-8
Mmm ... Delicious!
NO
HYPERMEDIA
HYPERMEDIA What is it?
HYPERMEDIA What is it?
HYPERMEDIA AS THE ENGINE OF APPLICATION STATE
oar...
HATEOAS (Remember hating oars)
Grey Areas
V3r510n1ng Versioning
GET: /user/MikePearce Him again. Prolific bastard.
GET: /user/MikePearce GET: /user/66
GET: /v1/user/MikePearce 1. Versioning with the URI GET: /v2/user/66
GET: /user/66 2. Not versioning the primary URI GET: /v1/user/MikePearce
GET: /user/66 3. No versioning
Document Extensions
Either
Either GET: /reports/tpsreport/summary.json GET: /reports/tpsreport/summary.xml
Either GET: /reports/tpsreport/summary.json GET: /reports/tpsreport/summary.xml or
Either GET: /reports/tpsreport/summary.json GET: /reports/tpsreport/summary.xml or Accept: text/xml Accept: application/json
SUM MARY Phew!
Overuse of GET and POST or, GET/POST tunnelling.
Tunneling Errors through 200 OK?
RESPONSE CODES Which leads me nicely to...
E-Tags
NO
HATEOAS (Remember hating oars)
V3r510n1ng Versioning
Either GET: /reports/tpsreport/summary.json GET: /reports/tpsreport/summary.xml or Accept: text/xml Accept: application/json
Any questions? (that I can answer!)
Photo Credits Wordle.net flickr.com/photos/wouterkiel/3717057757/ - Wouter Kiel flickr.com/photos/joe_13/19946186/ - joe_13
flickr.com/photos/23846880@N00/391925649/ - Rutger de Moddertukker flickr.com/photos/mararie/264942105/ - mararie flickr.com/photos/ndanger/7841795/ - ndanger flickr.com/photos/yourdon/2573762303/ - Ed Yourdon flickr.com/photos/thunderchild5/225675773/ - Thunderchild7 flickr.com/photos/duchamp/126115989/ - Duchamp flickr.com/photos/thefangmonster/490423135/ - The fang monster flickr.com/photos/nostri-imago/2894328425/ - cliff1066 flickr.com/photos/epsos/4582789354/ - epSos.de flickr.com/photos/projector/2092517108/ - allie pasquier flickr.com/photos/nickstone333/3135320160/ - nickstone333 flickr.com/photos/rdrcollection/116454033/ - Rodney Ramsey flickr.com/photos/christophercarfi/2730304130/ - Christophercarfi flickr.com/photos/turatti/4526352835/ - jaci xIII
Mike Pearce
[email protected]
mikepearce.net twtitter.com/mikepearce Thanks!