Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Designing mobile APIs

Sponsored · Your Podcast. Everywhere. Effortlessly. Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
Avatar for Radoslav Stankov Radoslav Stankov
November 30, 2013
Technology
300
3

Designing mobile APIs

Video: https://www.youtube.com/watch?v=Y6LiPJV0EH4

Avatar for Radoslav Stankov

Radoslav Stankov

November 30, 2013

More Decks by Radoslav Stankov

See All by Radoslav Stankov
Building LLM Powered Features
Avatar for Radoslav Stankov rstankov
0
120
Tips for Tailwind CSS
Avatar for Radoslav Stankov rstankov
0
42
Building LLM Powered Features (lightning talk)
Avatar for Radoslav Stankov rstankov
0
59
All you need is CSS
Avatar for Radoslav Stankov rstankov
0
130
Ruby on Rails The Single Engineer Framework
Avatar for Radoslav Stankov rstankov
0
46
Rails: The Missing Parts
Avatar for Radoslav Stankov rstankov
1
240
The dream that turned into nightmare
Avatar for Radoslav Stankov rstankov
0
310
The dream that turned into nightmare (lightning)
Avatar for Radoslav Stankov rstankov
0
120
Ruby on Rails - The Single Engineer Framework
Avatar for Radoslav Stankov rstankov
0
350

Other Decks in Technology

See All in Technology
ハーネスエンジニアリング×AI適応開発
Avatar for Ryohei Kamiya aictokamiya
1
910
Tour of Agent Protocols: MCP, A2A, AG-UI, A2UI with ADK
Avatar for Mete Atamel meteatamel
0
170
AI時代のIssue駆動開発のススメ
Avatar for Atsushi Nakatsugawa moongift
PRO
0
320
フルカイテン株式会社 エンジニア向け採用資料
Avatar for FULL KAITEN fullkaiten
0
11k
GitHub Copilot CLI で Azure Portal to Bicep
Avatar for Yuta Matsumura tsubakimoto_s
0
300
来期の評価で変えようと思っていること 〜AI時代に変わること・変わらないこと〜
Avatar for estie | エスティ estie
0
130
40代からのアウトプット ― 経験は価値ある学びに変わる / 20260404 Naoki Takahashi
Avatar for SHIFT EVOLVE shift_evolve
PRO
3
460
Oracle Cloud Infrastructure:2026年3月度サービス・アップデート
Avatar for oracle4engineer oracle4engineer
PRO
0
220
サイボウズ 開発本部採用ピッチ / Cybozu Engineer Recruit
Avatar for Cybozu cybozuinsideout
PRO
10
77k
JEDAI認定プログラム JEDAI Order 2026 受賞者一覧 / JEDAI Order 2026 Winners
Avatar for Databricks Japan databricksjapan
0
410
AI時代のオンプレ-クラウドキャリアチェンジ考
Avatar for Yutaro Shirayama yuu0w0yuu
0
670
ThetaOS - A Mythical Machine comes Alive
Avatar for Martijn aslander
0
230

Featured

See All Featured
BBQ
Avatar for Matthew Crist matthewcrist
89
10k
Balancing Empowerment & Direction
Avatar for Lara Hogan lara
5
1k
Navigating the Design Leadership Dip - Product Design Week Design Leaders+ Conference 2024
Avatar for Andy Polaine apolaine
0
250
Agile that works and the tools we love
Avatar for Rasmus Luckow-Nielsen rasmusluckow
331
21k
Leveraging Curiosity to Care for An Aging Population
Avatar for Cassini Nazir cassininazir
1
200
Lessons Learnt from Crawling 1000+ Websites
Avatar for Charles Meaden charlesmeaden
PRO
1
1.2k
Data-driven link building: lessons from a $708K investment (BrightonSEO talk)
Avatar for Szymon Słowik szymonslowik
1
990
Let's Do A Bunch of Simple Stuff to Make Websites Faster
Avatar for Chris Coyier chriscoyier
508
140k
From Legacy to Launchpad: Building Startup-Ready Communities
Avatar for Dug Song dugsong
0
190
Java REST API Framework Comparison - PWX 2021
Avatar for Matt Raible mraible
34
9.2k
Tell your own story through comics
Avatar for letsgokoyo letsgokoyo
1
880
Navigating the moral maze — ethical principles for Al-driven product design
Avatar for Skipper Chong Warson skipperchong
2
320

Transcript

  1. Radoslav Stankov BlagoevgradConf 2013 30/11/2013 Designing Mobile APIs

  2. Radoslav Stankov @rstankov ! ! ! ! http://rstankov.com http://github.com/rstankov

  3. None

  4. I have a plan!

  5. None

  6. 1.Versioning 2.Headers 3.Error responses 4.Authentication 5.REST Agenda

  7. Mobile in numbers

  8. None

  9. Web App Mobile API

  10. Mobile API

  11. Example

  12. 1.Versioning 2.Headers 3.Error responses 4.Authentication 5.REST Agenda

  13. 1.Versioning! 2.Headers 3.Error responses 4.Authentication 5.REST Agenda

  14. Versioning

  15. http://fantasy-football.com/api/v1/team/1.json

  16. http://fantasy-football.com/api/v1/team/1.json

  17. https://fantasy-football.com/api/v1/team/1.json

  18. https://fantasy-football.com/api/v1/team/1.json

  19. https://fantasy-football.com/api/v1/team/1.json

  20. https://mobile.fantasy-football.com/v1/team/1.json

  21. https://mobile.fantasy-football.com/v1/team/1.json

  22. https://mobile.fantasy-football.com/v1/team/1.json

  23. Content-Types that are acceptable for the response. Accept Header

  24. https://mobile.fantasy-football.com/v1/team/1.json

  25. Accept: application/json https://mobile.fantasy-football.com/v1/team/1.json

  26. Accept: application/json https://mobile.fantasy-football.com/v1/team/1

  27. Accept: application/json https://mobile.fantasy-football.com/v1/team/1

  28. Accept: application/vnd.football-team.com; version=1, application/json https://mobile.fantasy-football.com/v1/team/1

  29. Accept: application/vnd.football-team.com; version=1, application/json https://mobile.fantasy-football.com/team/1

  30. 1.Versioning! 2.Headers 3.Error responses 4.Authentication 5.REST Agenda

  31. 1.Versioning 2.Headers! 3.Error responses 4.Authentication 5.REST Agenda

  32. Headers

  33. User-Agent User-Agent: iOS 7.1

  34. Accept-Language Accept-Language: en

  35. ! • X-Api-Key • X-Push-Notification-Id • X-Checksum • …. Custom

  36. ! • X-Api-Key • X-Push-Notification-Id • X-Checksum • …. Custom

  37. 1.Versioning 2.Headers! 3.Error responses 4.Authentication 5.REST Agenda

  38. 1.Versioning 2.Headers 3.Error responses! 4.Authentication 5.REST Agenda

  39. Error responses

  40. HTTP Statuses Code Description 400 Bad Request 401 Unauthorized 402

    Account Is Locked 404 Not Found 405 Method Not Allowed 422 Unprocessable Entity 426 To Many Requests 500 Internal Server Error

  41. HTTP Statuses http://httpstatus.es/

  42. Response Body { “message”: “Invalid api key” } GET https://mobile.fantasy-football.com/teams/1

  43. 422 - Unprocessable Entity { “errors”: {
 “name”: [“Already taken”],

    “budget”: [“Must be more than 0”] } } POST https://mobile.fantasy-football.com/teams/

  44. 1.Versioning 2.Headers 3.Error responses! 4.Authentication 5.REST Agenda

  45. 1.Versioning 2.Headers 3.Error responses 4.Authentication! 5.REST Agenda

  46. Authentication

  47. WWW-Authentication > WWW-Authenticate: Basic realm=“Fantasy Football” ! < Authorization: Basic

    QWxhZGRpbjpvcGVuIHNlc2FtZQ==

  48. WWW-Authentication > WWW-Authenticate: Digest realm=“Fantasy Football", … ! < Authorization:

    Digest username=“User", …

  49. WWW-Authentication Authorization: Token token=“7C1100AD4A6D45A6B2E022B”

  50. None

  51. Public ~ vs ~ Private

  52. OAuth ~ vs ~ Token

  53. OAuth ~ vs ~ Token

  54. Tokens Method URL Description POST /token Create new token
 (with

    login credentials) DELETE /token Delete token HEAD /token Check if token is active PATCH /token Renew a token (if tokens can expire)

  55. 1.Versioning 2.Headers 3.Error responses 4.Authentication! 5.REST Agenda

  56. 1.Versioning 2.Headers 3.Error responses 4.Authentication 5.REST Agenda

  57. REST

  58. Teams Method URL Description GET /my/teams Returns all teams POST

    /my/teams Create new team GET /my/teams/1 Return given team PATCH /my/teams/1 Update given team DELETE /my/teams/1 Delete given team

  59. {
 “id”: 1, “name”: “Real Blagoevgrad”,
 “players”: { /* players

    */ } } POST /my/teams Accept: application/vnd.fantasy-football.com; version=1,application/json
 Authentication: Token token=“0BD8AF0AAB86619” X-Api-Key: “7C1100AD4A6D45A6B2E022B”

  60. {
 “id”: 1, “name”: “Real Blagoevgrad”,
 “players”: { /* players

    */ } } GET /my/teams/1 Accept: application/vnd.fantasy-football.com; version=1,application/json
 Authentication: Token token=“0BD8AF0AAB86619” X-Api-Key: “7C1100AD4A6D45A6B2E022B”

  61. {
 “id”: 1, “name”: “Bayern Blagoevgrad”,
 “players”: { /* players

    */ } } PATCH /my/teams/1 Accept: application/vnd.fantasy-football.com; version=1,application/json
 Authentication: Token token=“0BD8AF0AAB86619” X-Api-Key: “7C1100AD4A6D45A6B2E022B”

  62. GET /teams Accept: application/vnd.fantasy-football.com; version=1,application/json
 Authentication: Token token=“0BD8AF0AAB86619” X-Api-Key: “7C1100AD4A6D45A6B2E022B”

    [{
 “id”: 1, “name”: “Bayern Blagoevgrad”,
 “owner”: { /* owner */ },
 “players”: { /* players */ }, }, { /* other team */ }]

  63. Paging (1) X-Total: 10 X-Offset: 2 X-Offset: 3

  64. Paging (2) Link: <https://fantasy-football.com/teams/?page=3>; rel="next", <https://fantasy-football.com/teams/?page=1>; rel=“previous”, <https://fantasy-football.com/teams/?page=1>; rel=“first”, <https://fantasy-football.com/teams/?page=100>;

    rel=“last”

  65. Paging (3) Link: <https://fantasy-football.com/teams/?after-id=1213>; rel="next"

  66. 1.Versioning 2.Headers 3.Error responses 4.Authentication 5.REST Agenda

  67. Bonus

  68. Mobile API ~ vs ~ Regular API

  69. Syncing / Offline

  70. Postman Chrome plugin

  71. Good API example http://developer.github.com/v3/

  72. Questions?

  73. @rstankov Thank you :)