Everything I've Learned About APIs But Been Too Afraid To Talk About... Until Now

Transcript

1. Michael Price Lead Developer, Aero Commerce

2. 👋

3. Michael Price Lead Developer, Aero Commerce Integration Specialist 20+ Years

   Experience 👤

4. Father of two Volunteer at Darlington Football Club Webmaster and

   Commentator 👤

5. (NENDEST) NARKOOTIKUMIDEST EI TEA ME (KÜLL) MIDAGI 5MIINUST x PUULUUP

6. EVERYTHING I’VE LEARNED ABOUT APIS BUT BEEN TOO AFRAID TO

   TALK ABOUT …UNTIL NOW.

7. WHAT’S THIS TALK ABOUT? • WHAT APIS ARE USED FOR

   • WHAT TO DO - AND WHAT NOT TO DO • …WHETHER CREATING OR CONSUMING • BEST PRACTICES • TIPS AND TRICKS

8. WHAT IS AN API?

9. WHAT IS AN API? • APPLICATION PROGRAMMING INTERFACE • A

   WAY FOR TWO APPLICATIONS TO “TALK” TO EACH OTHER • AN “APPLICATION” CAN BE SOFTWARE, SUCH AS A WEBSITE, OR MOBILE APP… • …OR HARDWARE SUCH AS A CARD TERMINAL OR SMART SPEAKER

10. WHAT IS AN API? • APIS EXPOSE ENDPOINTS • YOUR

    APPLICATION CALLS THESE ENDPOINTS TO GET, CREATE OR UPDATE DATA

11. • GEOLOCATION • SEARCH • MAPS • PLACES • DIRECTIONS

    GOOGLE MAPS

12. • LEAGUE TABLES • DIRECT DEBITS • PAYPAL • TICKETING

    • CUSTOM DARLINGTON FC

13. • PAYMENTS • EPOS • STOCK CONTROL • ANALYTICS •

    CRM AERO

14. • PLAYLISTS • ARTISTS • ALBUMS • TRACKS SPOTIFY

15. COMMON API TYPES • SOAP • SIMPLE OBJECT ACCESS PROTOCOL

    • XML ONLY

16. COMMON API TYPES • REST • REPRESENTATIONAL STATE TRANSFER •

    FLEXIBLE PAYLOADS (JSON, XML, PLAIN TEXT ETC.)

17. COMMON API TYPES • GRAPHQL • ORIGINALLY DEVELOPED AT FACEBOOK

    • JSON ONLY

18. AUTHENTICATION

19. AUTHENTICATION • HTTP BASIC • API KEY • OAUTH •

    JWT

20. USE THE RIGHT REQUEST METHOD

21. USE THE RIGHT REQUEST METHOD - retrieve a list of

    resources - retrieve a speci fi c resource - create a new resource - replace a resource - update a resource - delete a resource

22. USE THE RIGHT HEADERS

23. USE THE RIGHT HEADERS • Accept AND Content-Type • USEFUL

    IF AN API CAN OUTPUT MULTIPLE CONTENT TYPES

24. USE THE RIGHT STATUS CODES

25. USE THE RIGHT STATUS CODES • 200 OK • 201

    Created • 202 Accepted • 204 No Content 2xx - THE GOOD ONES

26. USE THE RIGHT STATUS CODES • 301 Permanent Redirect •

    302 Temporary Redirect • 304 Not Modified • 307 Permanent Redirect • 308 Temporary Redirect 3xx - THE INFORMATIONAL ONES

27. USE THE RIGHT STATUS CODES • 400 Bad Request •

    401 Unauthorised • 403 Forbidden • 404 Not Found 4xx - THE CLIENT ERRORS

28. USE THE RIGHT STATUS CODES • 405 Method Not Allowed

    • 429 Too Many Requests • 418 I’m a teapot 4xx - THE CLIENT ERRORS

29. USE THE RIGHT STATUS CODES • 500 Internal Server Error

    • 502 Bad Gateway • 503 Service Unavailable • 504 Gateway Timeout 5xx - THE SERVER ERRORS

30. USE THE RIGHT STATUS CODES

31. USE THE RIGHT STATUS CODES

32. RETURNING CONTENT

33. RETURNING CONTENT

34. RESPECT RATE LIMITS

35. RESPECT RATE LIMITS IF YOU GET THIS… …TRY AND DO

    THIS

36. DOCUMENTATION

37. DOCUMENTATION • BE THOROUGH • INCLUDE EXAMPLE PAYLOADS • INCLUDE

    EXAMPLE RESPONSES • USE THE OPENAPI SPEC • CONSIDER PROVIDING AN SDK • …AND A SANDBOX / PLAYGROUND

38. DOCUMENTATION SWAGGER / OPENAPI Source: swagger.io

39. DOCUMENTATION REDOC Source: redocly.com

40. DOCUMENTATION STOPLIGHT Source: stoplight.io

41. DOCUMENTATION SLATE Source: github.com/slatedocs/slate

42. TESTING TOOLS

43. TESTING TOOLS POSTMAN Source: postman.com

44. TESTING TOOLS RAPIDAPI

45. TESTING TOOLS INSOMNIA Source: insomnia.rest

46. TESTING TOOLS HURL Source: hurl.dev

47. X: @mikkyx82 LinkedIn [email protected]

48. 🙂

49. Q+A