Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Designing mobile APIs

Radoslav Stankov
November 30, 2013
Technology
3
230

Designing mobile APIs

Video: https://www.youtube.com/watch?v=Y6LiPJV0EH4

Radoslav Stankov

November 30, 2013
Tweet

More Decks by Radoslav Stankov

See All by Radoslav Stankov
Ruby on Rails The Single Engineer Framework
rstankov
0
4
Rails: The Missing Parts
rstankov
1
130
The dream that turned into nightmare
rstankov
0
230
The dream that turned into nightmare (lightning)
rstankov
0
65
Ruby on Rails - The Single Engineer Framework
rstankov
0
270
Living Without Exceptions
rstankov
1
240
One engineer company with Ruby on Rails
rstankov
2
690
Eliminating noise from your code
rstankov
0
130
Best JavaScript is No Javascript
rstankov
0
160

Other Decks in Technology

See All in Technology
All You Need Is Kusa 〜Slackデータで始めるデータドリブン〜
jonnojun
0
150
NLP2025 参加報告会 / NLP2025
sansan_randd
4
570
AWSLambdaMCPServerを使ってツールとMCPサーバを分離する
tkikuchi
1
2.9k
IVRyにおけるNLP活用と NLP2025の関連論文紹介
keisukeosone
0
190
さくらの夕べ Debianナイト - さくらのVPS編
dictoss
0
200
Lakeflow Connectのご紹介
databricksjapan
0
110
OpenSearchでレガシーな検索処理の大幅改善をやってやろう
dznbk
2
170
技術者はかっこいいものだ!!~キルラキルから学んだエンジニアの生き方~
masakiokuda
2
250
SREの視点で考えるSIEM活用術 〜AWS環境でのセキュリティ強化〜
coconala_engineer
1
290
フロントエンドも盛り上げたい!フロントエンドCBとAmplifyの軌跡
mkdev10
2
260
クォータ監視、AWS Organizations環境でも楽勝です✌️
iwamot
PRO
1
270
От ручной разметки к LLM: как мы создавали облако тегов в Lamoda. Анастасия Ангелова, Data Scientist, Lamoda Tech
lamodatech
0
690

Featured

See All Featured
Java REST API Framework Comparison - PWX 2021
mraible
30
8.5k
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
9
750
GitHub's CSS Performance
jonrohan
1030
460k
VelocityConf: Rendering Performance Case Studies
addyosmani
328
24k
Facilitating Awesome Meetings
lara
54
6.3k
Automating Front-end Workflow
addyosmani
1369
200k
BBQ
matthewcrist
88
9.6k
StorybookのUI Testing Handbookを読んだ
zakiyama
29
5.6k
Scaling GitHub
holman
459
140k
Fashionably flexible responsive web design (full day workshop)
malarkey
407
66k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
160
15k
How STYLIGHT went responsive
nonsquared
99
5.5k

Transcript

  1. Radoslav Stankov BlagoevgradConf 2013 30/11/2013 Designing Mobile APIs

  2. Radoslav Stankov @rstankov ! ! ! ! http://rstankov.com http://github.com/rstankov

  3. None

  4. I have a plan!

  5. None

  6. 1.Versioning 2.Headers 3.Error responses 4.Authentication 5.REST Agenda

  7. Mobile in numbers

  8. None

  9. Web App Mobile API

  10. Mobile API

  11. Example

  12. 1.Versioning 2.Headers 3.Error responses 4.Authentication 5.REST Agenda

  13. 1.Versioning! 2.Headers 3.Error responses 4.Authentication 5.REST Agenda

  14. Versioning

  15. http://fantasy-football.com/api/v1/team/1.json

  16. http://fantasy-football.com/api/v1/team/1.json

  17. https://fantasy-football.com/api/v1/team/1.json

  18. https://fantasy-football.com/api/v1/team/1.json

  19. https://fantasy-football.com/api/v1/team/1.json

  20. https://mobile.fantasy-football.com/v1/team/1.json

  21. https://mobile.fantasy-football.com/v1/team/1.json

  22. https://mobile.fantasy-football.com/v1/team/1.json

  23. Content-Types that are acceptable for the response. Accept Header

  24. https://mobile.fantasy-football.com/v1/team/1.json

  25. Accept: application/json https://mobile.fantasy-football.com/v1/team/1.json

  26. Accept: application/json https://mobile.fantasy-football.com/v1/team/1

  27. Accept: application/json https://mobile.fantasy-football.com/v1/team/1

  28. Accept: application/vnd.football-team.com; version=1, application/json https://mobile.fantasy-football.com/v1/team/1

  29. Accept: application/vnd.football-team.com; version=1, application/json https://mobile.fantasy-football.com/team/1

  30. 1.Versioning! 2.Headers 3.Error responses 4.Authentication 5.REST Agenda

  31. 1.Versioning 2.Headers! 3.Error responses 4.Authentication 5.REST Agenda

  32. Headers

  33. User-Agent User-Agent: iOS 7.1

  34. Accept-Language Accept-Language: en

  35. ! • X-Api-Key • X-Push-Notification-Id • X-Checksum • …. Custom

  36. ! • X-Api-Key • X-Push-Notification-Id • X-Checksum • …. Custom

  37. 1.Versioning 2.Headers! 3.Error responses 4.Authentication 5.REST Agenda

  38. 1.Versioning 2.Headers 3.Error responses! 4.Authentication 5.REST Agenda

  39. Error responses

  40. HTTP Statuses Code Description 400 Bad Request 401 Unauthorized 402

    Account Is Locked 404 Not Found 405 Method Not Allowed 422 Unprocessable Entity 426 To Many Requests 500 Internal Server Error

  41. HTTP Statuses http://httpstatus.es/

  42. Response Body { “message”: “Invalid api key” } GET https://mobile.fantasy-football.com/teams/1

  43. 422 - Unprocessable Entity { “errors”: {
 “name”: [“Already taken”],

    “budget”: [“Must be more than 0”] } } POST https://mobile.fantasy-football.com/teams/

  44. 1.Versioning 2.Headers 3.Error responses! 4.Authentication 5.REST Agenda

  45. 1.Versioning 2.Headers 3.Error responses 4.Authentication! 5.REST Agenda

  46. Authentication

  47. WWW-Authentication > WWW-Authenticate: Basic realm=“Fantasy Football” ! < Authorization: Basic

    QWxhZGRpbjpvcGVuIHNlc2FtZQ==

  48. WWW-Authentication > WWW-Authenticate: Digest realm=“Fantasy Football", … ! < Authorization:

    Digest username=“User", …

  49. WWW-Authentication Authorization: Token token=“7C1100AD4A6D45A6B2E022B”

  50. None

  51. Public ~ vs ~ Private

  52. OAuth ~ vs ~ Token

  53. OAuth ~ vs ~ Token

  54. Tokens Method URL Description POST /token Create new token
 (with

    login credentials) DELETE /token Delete token HEAD /token Check if token is active PATCH /token Renew a token (if tokens can expire)

  55. 1.Versioning 2.Headers 3.Error responses 4.Authentication! 5.REST Agenda

  56. 1.Versioning 2.Headers 3.Error responses 4.Authentication 5.REST Agenda

  57. REST

  58. Teams Method URL Description GET /my/teams Returns all teams POST

    /my/teams Create new team GET /my/teams/1 Return given team PATCH /my/teams/1 Update given team DELETE /my/teams/1 Delete given team

  59. {
 “id”: 1, “name”: “Real Blagoevgrad”,
 “players”: { /* players

    */ } } POST /my/teams Accept: application/vnd.fantasy-football.com; version=1,application/json
 Authentication: Token token=“0BD8AF0AAB86619” X-Api-Key: “7C1100AD4A6D45A6B2E022B”

  60. {
 “id”: 1, “name”: “Real Blagoevgrad”,
 “players”: { /* players

    */ } } GET /my/teams/1 Accept: application/vnd.fantasy-football.com; version=1,application/json
 Authentication: Token token=“0BD8AF0AAB86619” X-Api-Key: “7C1100AD4A6D45A6B2E022B”

  61. {
 “id”: 1, “name”: “Bayern Blagoevgrad”,
 “players”: { /* players

    */ } } PATCH /my/teams/1 Accept: application/vnd.fantasy-football.com; version=1,application/json
 Authentication: Token token=“0BD8AF0AAB86619” X-Api-Key: “7C1100AD4A6D45A6B2E022B”

  62. GET /teams Accept: application/vnd.fantasy-football.com; version=1,application/json
 Authentication: Token token=“0BD8AF0AAB86619” X-Api-Key: “7C1100AD4A6D45A6B2E022B”

    [{
 “id”: 1, “name”: “Bayern Blagoevgrad”,
 “owner”: { /* owner */ },
 “players”: { /* players */ }, }, { /* other team */ }]

  63. Paging (1) X-Total: 10 X-Offset: 2 X-Offset: 3

  64. Paging (2) Link: <https://fantasy-football.com/teams/?page=3>; rel="next", <https://fantasy-football.com/teams/?page=1>; rel=“previous”, <https://fantasy-football.com/teams/?page=1>; rel=“first”, <https://fantasy-football.com/teams/?page=100>;

    rel=“last”

  65. Paging (3) Link: <https://fantasy-football.com/teams/?after-id=1213>; rel="next"

  66. 1.Versioning 2.Headers 3.Error responses 4.Authentication 5.REST Agenda

  67. Bonus

  68. Mobile API ~ vs ~ Regular API

  69. Syncing / Offline

  70. Postman Chrome plugin

  71. Good API example http://developer.github.com/v3/

  72. Questions?

  73. @rstankov Thank you :)