Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Designing mobile APIs
Search
Radoslav Stankov
November 30, 2013
Technology
3
240
Designing mobile APIs
Video:
https://www.youtube.com/watch?v=Y6LiPJV0EH4
Radoslav Stankov
November 30, 2013
Tweet
Share
More Decks by Radoslav Stankov
See All by Radoslav Stankov
All you need is CSS
rstankov
0
48
Ruby on Rails The Single Engineer Framework
rstankov
0
8
Rails: The Missing Parts
rstankov
1
150
The dream that turned into nightmare
rstankov
0
250
The dream that turned into nightmare (lightning)
rstankov
0
76
Ruby on Rails - The Single Engineer Framework
rstankov
0
290
Living Without Exceptions
rstankov
1
250
One engineer company with Ruby on Rails
rstankov
2
740
Eliminating noise from your code
rstankov
0
140
Other Decks in Technology
See All in Technology
KubeCon + CloudNativeCon Japan 2025 Recap by CA
ponkio_o
PRO
0
260
LangSmith×Webhook連携で実現するプロンプトドリブンCI/CD
sergicalsix
1
160
WordPressから ヘッドレスCMSへ! Storyblokへの移行プロセス
nyata
0
350
Amazon S3標準/ S3 Tables/S3 Express One Zoneを使ったログ分析
shigeruoda
6
600
AI導入の理想と現実~コストと浸透〜
oprstchn
0
160
開発生産性を組織全体の「生産性」へ! 部門間連携の壁を越える実践的ステップ
sudo5in5k
1
1.2k
asken AI勉強会(Android)
tadashi_sato
0
150
「良さそう」と「とても良い」の間には 「良さそうだがホンマか」がたくさんある / 2025.07.01 LLM品質Night
smiyawaki0820
1
450
論文紹介:LLMDet (CVPR2025 Highlight)
tattaka
0
250
mrubyと micro-ROSが繋ぐロボットの世界
kishima
3
390
OPENLOGI Company Profile
hr01
0
67k
MUITにおける開発プロセスモダナイズの取り組みと開発生産性可視化の取り組みについて / Modernize the Development Process and Visualize Development Productivity at MUIT
muit
1
2.3k
Featured
See All Featured
Unsuck your backbone
ammeep
671
58k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
45
7.5k
GraphQLとの向き合い方2022年版
quramy
49
14k
Adopting Sorbet at Scale
ufuk
77
9.4k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
29
2.7k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
229
22k
The Language of Interfaces
destraynor
158
25k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
tammyeverts
5
240
Making Projects Easy
brettharned
116
6.3k
The Cult of Friendly URLs
andyhume
79
6.5k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
15
1.5k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
138
34k
Transcript
Radoslav Stankov BlagoevgradConf 2013 30/11/2013 Designing Mobile APIs
Radoslav Stankov @rstankov ! ! ! ! http://rstankov.com http://github.com/rstankov
None
I have a plan!
None
1.Versioning 2.Headers 3.Error responses 4.Authentication 5.REST Agenda
Mobile in numbers
None
Web App Mobile API
Mobile API
Example
1.Versioning 2.Headers 3.Error responses 4.Authentication 5.REST Agenda
1.Versioning! 2.Headers 3.Error responses 4.Authentication 5.REST Agenda
Versioning
http://fantasy-football.com/api/v1/team/1.json
http://fantasy-football.com/api/v1/team/1.json
https://fantasy-football.com/api/v1/team/1.json
https://fantasy-football.com/api/v1/team/1.json
https://fantasy-football.com/api/v1/team/1.json
https://mobile.fantasy-football.com/v1/team/1.json
https://mobile.fantasy-football.com/v1/team/1.json
https://mobile.fantasy-football.com/v1/team/1.json
Content-Types that are acceptable for the response. Accept Header
https://mobile.fantasy-football.com/v1/team/1.json
Accept: application/json https://mobile.fantasy-football.com/v1/team/1.json
Accept: application/json https://mobile.fantasy-football.com/v1/team/1
Accept: application/json https://mobile.fantasy-football.com/v1/team/1
Accept: application/vnd.football-team.com; version=1, application/json https://mobile.fantasy-football.com/v1/team/1
Accept: application/vnd.football-team.com; version=1, application/json https://mobile.fantasy-football.com/team/1
1.Versioning! 2.Headers 3.Error responses 4.Authentication 5.REST Agenda
1.Versioning 2.Headers! 3.Error responses 4.Authentication 5.REST Agenda
Headers
User-Agent User-Agent: iOS 7.1
Accept-Language Accept-Language: en
! • X-Api-Key • X-Push-Notification-Id • X-Checksum • …. Custom
! • X-Api-Key • X-Push-Notification-Id • X-Checksum • …. Custom
1.Versioning 2.Headers! 3.Error responses 4.Authentication 5.REST Agenda
1.Versioning 2.Headers 3.Error responses! 4.Authentication 5.REST Agenda
Error responses
HTTP Statuses Code Description 400 Bad Request 401 Unauthorized 402
Account Is Locked 404 Not Found 405 Method Not Allowed 422 Unprocessable Entity 426 To Many Requests 500 Internal Server Error
HTTP Statuses http://httpstatus.es/
Response Body { “message”: “Invalid api key” } GET https://mobile.fantasy-football.com/teams/1
422 - Unprocessable Entity { “errors”: { “name”: [“Already taken”],
“budget”: [“Must be more than 0”] } } POST https://mobile.fantasy-football.com/teams/
1.Versioning 2.Headers 3.Error responses! 4.Authentication 5.REST Agenda
1.Versioning 2.Headers 3.Error responses 4.Authentication! 5.REST Agenda
Authentication
WWW-Authentication > WWW-Authenticate: Basic realm=“Fantasy Football” ! < Authorization: Basic
QWxhZGRpbjpvcGVuIHNlc2FtZQ==
WWW-Authentication > WWW-Authenticate: Digest realm=“Fantasy Football", … ! < Authorization:
Digest username=“User", …
WWW-Authentication Authorization: Token token=“7C1100AD4A6D45A6B2E022B”
None
Public ~ vs ~ Private
OAuth ~ vs ~ Token
OAuth ~ vs ~ Token
Tokens Method URL Description POST /token Create new token (with
login credentials) DELETE /token Delete token HEAD /token Check if token is active PATCH /token Renew a token (if tokens can expire)
1.Versioning 2.Headers 3.Error responses 4.Authentication! 5.REST Agenda
1.Versioning 2.Headers 3.Error responses 4.Authentication 5.REST Agenda
REST
Teams Method URL Description GET /my/teams Returns all teams POST
/my/teams Create new team GET /my/teams/1 Return given team PATCH /my/teams/1 Update given team DELETE /my/teams/1 Delete given team
{ “id”: 1, “name”: “Real Blagoevgrad”, “players”: { /* players
*/ } } POST /my/teams Accept: application/vnd.fantasy-football.com; version=1,application/json Authentication: Token token=“0BD8AF0AAB86619” X-Api-Key: “7C1100AD4A6D45A6B2E022B”
{ “id”: 1, “name”: “Real Blagoevgrad”, “players”: { /* players
*/ } } GET /my/teams/1 Accept: application/vnd.fantasy-football.com; version=1,application/json Authentication: Token token=“0BD8AF0AAB86619” X-Api-Key: “7C1100AD4A6D45A6B2E022B”
{ “id”: 1, “name”: “Bayern Blagoevgrad”, “players”: { /* players
*/ } } PATCH /my/teams/1 Accept: application/vnd.fantasy-football.com; version=1,application/json Authentication: Token token=“0BD8AF0AAB86619” X-Api-Key: “7C1100AD4A6D45A6B2E022B”
GET /teams Accept: application/vnd.fantasy-football.com; version=1,application/json Authentication: Token token=“0BD8AF0AAB86619” X-Api-Key: “7C1100AD4A6D45A6B2E022B”
[{ “id”: 1, “name”: “Bayern Blagoevgrad”, “owner”: { /* owner */ }, “players”: { /* players */ }, }, { /* other team */ }]
Paging (1) X-Total: 10 X-Offset: 2 X-Offset: 3
Paging (2) Link: <https://fantasy-football.com/teams/?page=3>; rel="next", <https://fantasy-football.com/teams/?page=1>; rel=“previous”, <https://fantasy-football.com/teams/?page=1>; rel=“first”, <https://fantasy-football.com/teams/?page=100>;
rel=“last”
Paging (3) Link: <https://fantasy-football.com/teams/?after-id=1213>; rel="next"
1.Versioning 2.Headers 3.Error responses 4.Authentication 5.REST Agenda
Bonus
Mobile API ~ vs ~ Regular API
Syncing / Offline
Postman Chrome plugin
Good API example http://developer.github.com/v3/
Questions?
@rstankov Thank you :)