Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Designing mobile APIs

Radoslav Stankov
November 30, 2013
Technology
3
170

Designing mobile APIs

Video: https://www.youtube.com/watch?v=Y6LiPJV0EH4

Radoslav Stankov

November 30, 2013
Tweet

More Decks by Radoslav Stankov

See All by Radoslav Stankov
Product Development
rstankov
0
19
How to Be Effective Javascript Developer
rstankov
0
80
Dealing with Dependencies in JavaScript
rstankov
0
23
Building tools on top of Apollo
rstankov
0
31
React Architecture at Product Hunt
rstankov
2
98
React Component Anti-Patterns
rstankov
0
520
How to an effective developer
rstankov
0
140
Domain Driven Design Kinda
rstankov
1
500
Testing React Hooks with Confidence
rstankov
1
150

Other Decks in Technology

See All in Technology
2023.06.01_LangChain/Llamaindex/Whisperを使ったアプリケーション開発のまとめと展望
pharma_x_tech
0
720
Web API development in Visual Studio 2022
tsubakimoto_s
0
160
応用から学ぶ強化学習
nearme_tech
0
210
Virtual Threads - 導入の背景と、効果的な使い方 -
skrb
2
320
株式会社オプティム_採用会社紹介資料 / optim-recruit
optim
0
9.6k
安心して現場で学習できる環境として Flutter Web の管理サイトがおすすめな話
htsuruo
5
140
GO TechTalk #19 タクシーアプリ『GO』事業成長を支えるデータ分析基盤の継続的改善!
mot_techtalk
2
1.1k
Predictive back transition Animation on Android 14
line_developers
PRO
1
450
OCI Data Integration技術情報 / ocidi_technical_jp
oracle4engineer
PRO
0
460
1人目QA奮闘記-2023年ver-/QA Engineer's Struggle 2023
mii3king
1
760
無理なく始めるGoでのユニットテストの並行化戦略
shohata
1
550
IoTの振り返りと、IoTが産み出すデータ形式のおさらい【IoT-Tech Meetup】
soracom
PRO
0
870

Featured

See All Featured
Robots, Beer and Maslow
schacon
154
7.5k
Why Our Code Smells
bkeepers
PRO
327
55k
How To Stay Up To Date on Web Technology
chriscoyier
779
250k
Reflections from 52 weeks, 52 projects
jeffersonlam
341
18k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
226
16k
A Tale of Four Properties
chriscoyier
149
21k
Building a Scalable Design System with Sketch
lauravandoore
451
31k
Intergalactic Javascript Robots from Outer Space
tanoku
263
26k
It's Worth the Effort
3n
179
26k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
239
19k
Six Lessons from altMBA
skipperchong
16
2.5k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
3
550

Transcript

  1. Radoslav Stankov
    BlagoevgradConf 2013 30/11/2013
    Designing Mobile APIs

    View Slide

  2. Radoslav Stankov
    @rstankov
    !
    !
    !
    !
    http://rstankov.com
    http://github.com/rstankov

    View Slide

  3. View Slide

  4. I have a plan!

    View Slide

  5. View Slide

  6. 1.Versioning
    2.Headers
    3.Error responses
    4.Authentication
    5.REST
    Agenda

    View Slide

  7. Mobile in numbers

    View Slide

  8. View Slide

  9. Web
    App
    Mobile API

    View Slide

  10. Mobile API

    View Slide

  11. Example

    View Slide

  12. 1.Versioning
    2.Headers
    3.Error responses
    4.Authentication
    5.REST
    Agenda

    View Slide

  13. 1.Versioning!
    2.Headers
    3.Error responses
    4.Authentication
    5.REST
    Agenda

    View Slide

  14. Versioning

    View Slide

  15. http://fantasy-football.com/api/v1/team/1.json

    View Slide

  16. http://fantasy-football.com/api/v1/team/1.json

    View Slide

  17. https://fantasy-football.com/api/v1/team/1.json

    View Slide

  18. https://fantasy-football.com/api/v1/team/1.json

    View Slide

  19. https://fantasy-football.com/api/v1/team/1.json

    View Slide

  20. https://mobile.fantasy-football.com/v1/team/1.json

    View Slide

  21. https://mobile.fantasy-football.com/v1/team/1.json

    View Slide

  22. https://mobile.fantasy-football.com/v1/team/1.json

    View Slide

  23. Content-Types that are acceptable for the response.
    Accept Header

    View Slide

  24. https://mobile.fantasy-football.com/v1/team/1.json

    View Slide

  25. Accept: application/json
    https://mobile.fantasy-football.com/v1/team/1.json

    View Slide

  26. Accept: application/json
    https://mobile.fantasy-football.com/v1/team/1

    View Slide

  27. Accept: application/json
    https://mobile.fantasy-football.com/v1/team/1

    View Slide

  28. Accept: application/vnd.football-team.com; version=1,
    application/json
    https://mobile.fantasy-football.com/v1/team/1

    View Slide

  29. Accept: application/vnd.football-team.com; version=1,
    application/json
    https://mobile.fantasy-football.com/team/1

    View Slide

  30. 1.Versioning!
    2.Headers
    3.Error responses
    4.Authentication
    5.REST
    Agenda

    View Slide

  31. 1.Versioning
    2.Headers!
    3.Error responses
    4.Authentication
    5.REST
    Agenda

    View Slide

  32. Headers

    View Slide

  33. User-Agent
    User-Agent: iOS 7.1

    View Slide

  34. Accept-Language
    Accept-Language: en

    View Slide

  35. !
    • X-Api-Key
    • X-Push-Notification-Id
    • X-Checksum
    • ….
    Custom

    View Slide

  36. !
    • X-Api-Key
    • X-Push-Notification-Id
    • X-Checksum
    • ….
    Custom

    View Slide

  37. 1.Versioning
    2.Headers!
    3.Error responses
    4.Authentication
    5.REST
    Agenda

    View Slide

  38. 1.Versioning
    2.Headers
    3.Error responses!
    4.Authentication
    5.REST
    Agenda

    View Slide

  39. Error responses

    View Slide

  40. HTTP Statuses
    Code Description
    400 Bad Request
    401 Unauthorized
    402 Account Is Locked
    404 Not Found
    405 Method Not Allowed
    422 Unprocessable Entity
    426 To Many Requests
    500 Internal Server Error

    View Slide

  41. HTTP Statuses
    http://httpstatus.es/

    View Slide

  42. Response Body
    {
    “message”: “Invalid api key”
    }
    GET https://mobile.fantasy-football.com/teams/1

    View Slide

  43. 422 - Unprocessable Entity
    {
    “errors”: {

    “name”: [“Already taken”],
    “budget”: [“Must be more than 0”]
    }
    }
    POST https://mobile.fantasy-football.com/teams/

    View Slide

  44. 1.Versioning
    2.Headers
    3.Error responses!
    4.Authentication
    5.REST
    Agenda

    View Slide

  45. 1.Versioning
    2.Headers
    3.Error responses
    4.Authentication!
    5.REST
    Agenda

    View Slide

  46. Authentication

    View Slide

  47. WWW-Authentication
    > WWW-Authenticate: Basic realm=“Fantasy Football”
    !
    < Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

    View Slide

  48. WWW-Authentication
    > WWW-Authenticate: Digest realm=“Fantasy Football", …
    !
    < Authorization: Digest username=“User", …

    View Slide

  49. WWW-Authentication
    Authorization: Token token=“7C1100AD4A6D45A6B2E022B”

    View Slide

  50. View Slide

  51. Public
    ~ vs ~
    Private

    View Slide

  52. OAuth
    ~ vs ~
    Token

    View Slide

  53. OAuth
    ~ vs ~
    Token

    View Slide

  54. Tokens
    Method URL Description
    POST /token Create new token

    (with login credentials)
    DELETE /token Delete token
    HEAD /token Check if token is active
    PATCH /token Renew a token
    (if tokens can expire)

    View Slide

  55. 1.Versioning
    2.Headers
    3.Error responses
    4.Authentication!
    5.REST
    Agenda

    View Slide

  56. 1.Versioning
    2.Headers
    3.Error responses
    4.Authentication
    5.REST
    Agenda

    View Slide

  57. REST

    View Slide

  58. Teams
    Method URL Description
    GET /my/teams Returns all teams
    POST /my/teams Create new team
    GET /my/teams/1 Return given team
    PATCH /my/teams/1 Update given team
    DELETE /my/teams/1 Delete given team

    View Slide

  59. {

    “id”: 1,
    “name”: “Real Blagoevgrad”,

    “players”: { /* players */ }
    }
    POST /my/teams
    Accept: application/vnd.fantasy-football.com; version=1,application/json

    Authentication: Token token=“0BD8AF0AAB86619”
    X-Api-Key: “7C1100AD4A6D45A6B2E022B”

    View Slide

  60. {

    “id”: 1,
    “name”: “Real Blagoevgrad”,

    “players”: { /* players */ }
    }
    GET /my/teams/1
    Accept: application/vnd.fantasy-football.com; version=1,application/json

    Authentication: Token token=“0BD8AF0AAB86619”
    X-Api-Key: “7C1100AD4A6D45A6B2E022B”

    View Slide

  61. {

    “id”: 1,
    “name”: “Bayern Blagoevgrad”,

    “players”: { /* players */ }
    }
    PATCH /my/teams/1
    Accept: application/vnd.fantasy-football.com; version=1,application/json

    Authentication: Token token=“0BD8AF0AAB86619”
    X-Api-Key: “7C1100AD4A6D45A6B2E022B”

    View Slide

  62. GET /teams
    Accept: application/vnd.fantasy-football.com; version=1,application/json

    Authentication: Token token=“0BD8AF0AAB86619”
    X-Api-Key: “7C1100AD4A6D45A6B2E022B”
    [{

    “id”: 1,
    “name”: “Bayern Blagoevgrad”,

    “owner”: { /* owner */ },

    “players”: { /* players */ },
    }, { /* other team */
    }]

    View Slide

  63. Paging (1)
    X-Total: 10
    X-Offset: 2
    X-Offset: 3

    View Slide

  64. Paging (2)
    Link: ; rel="next",
    ; rel=“previous”,
    ; rel=“first”,
    ; rel=“last”

    View Slide

  65. Paging (3)
    Link: ; rel="next"

    View Slide

  66. 1.Versioning
    2.Headers
    3.Error responses
    4.Authentication
    5.REST
    Agenda

    View Slide

  67. Bonus

    View Slide

  68. Mobile API
    ~ vs ~
    Regular API

    View Slide

  69. Syncing / Offline

    View Slide

  70. Postman Chrome plugin

    View Slide

  71. Good API example
    http://developer.github.com/v3/

    View Slide

  72. Questions?

    View Slide

  73. @rstankov
    Thank you :)

    View Slide