Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Designing mobile APIs
Search
Radoslav Stankov
November 30, 2013
Technology
3
240
Designing mobile APIs
Video:
https://www.youtube.com/watch?v=Y6LiPJV0EH4
Radoslav Stankov
November 30, 2013
Tweet
Share
More Decks by Radoslav Stankov
See All by Radoslav Stankov
Building LLM Powered Features (lightning talk)
rstankov
0
9
All you need is CSS
rstankov
0
52
Ruby on Rails The Single Engineer Framework
rstankov
0
8
Rails: The Missing Parts
rstankov
1
160
The dream that turned into nightmare
rstankov
0
250
The dream that turned into nightmare (lightning)
rstankov
0
78
Ruby on Rails - The Single Engineer Framework
rstankov
0
300
Living Without Exceptions
rstankov
1
260
One engineer company with Ruby on Rails
rstankov
2
750
Other Decks in Technology
See All in Technology
Shadow DOM & Security - Exploring the boundary between light and shadow
masatokinugawa
0
750
経理出身PdMがAIプロダクト開発を_ハンズオンで学んだ話.pdf
shunsukenarita
1
220
[TechNight #91] Oracle Database 最新パフォーマンス分析手法
oracle4engineer
PRO
3
140
スプリントレビューを効果的にするために
miholovesq
9
1.7k
【CEDEC2025】LLMを活用したゲーム開発支援と、生成AIの利活用を進める組織的な取り組み
cygames
PRO
1
1.6k
20250719_JAWS_kobe
takuyay0ne
1
170
激動の時代、新卒エンジニアはAIツールにどう向き合うか。 [LayerX Bet AI Day Countdown LT Day1 ツールの選択]
tak848
0
600
SAE J1939シミュレーション環境構築
daikiokazaki
1
190
OTel 公式ドキュメント翻訳 PJ から始めるコミュニティ活動/Community activities starting with the OTel official document translation project
msksgm
0
300
AIエージェントを支える設計
tkikuchi1002
11
2.2k
Kiro Hookを Terraformで検証
ao_inoue
0
130
データエンジニアがクラシルでやりたいことの現在地
gappy50
3
630
Featured
See All Featured
Statistics for Hackers
jakevdp
799
220k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
18
1k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
367
26k
Keith and Marios Guide to Fast Websites
keithpitt
411
22k
Become a Pro
speakerdeck
PRO
29
5.4k
How To Stay Up To Date on Web Technology
chriscoyier
790
250k
Building an army of robots
kneath
306
45k
The Language of Interfaces
destraynor
158
25k
Java REST API Framework Comparison - PWX 2021
mraible
31
8.7k
Embracing the Ebb and Flow
colly
86
4.8k
Writing Fast Ruby
sferik
628
62k
The Power of CSS Pseudo Elements
geoffreycrofte
77
5.9k
Transcript
Radoslav Stankov BlagoevgradConf 2013 30/11/2013 Designing Mobile APIs
Radoslav Stankov @rstankov ! ! ! ! http://rstankov.com http://github.com/rstankov
None
I have a plan!
None
1.Versioning 2.Headers 3.Error responses 4.Authentication 5.REST Agenda
Mobile in numbers
None
Web App Mobile API
Mobile API
Example
1.Versioning 2.Headers 3.Error responses 4.Authentication 5.REST Agenda
1.Versioning! 2.Headers 3.Error responses 4.Authentication 5.REST Agenda
Versioning
http://fantasy-football.com/api/v1/team/1.json
http://fantasy-football.com/api/v1/team/1.json
https://fantasy-football.com/api/v1/team/1.json
https://fantasy-football.com/api/v1/team/1.json
https://fantasy-football.com/api/v1/team/1.json
https://mobile.fantasy-football.com/v1/team/1.json
https://mobile.fantasy-football.com/v1/team/1.json
https://mobile.fantasy-football.com/v1/team/1.json
Content-Types that are acceptable for the response. Accept Header
https://mobile.fantasy-football.com/v1/team/1.json
Accept: application/json https://mobile.fantasy-football.com/v1/team/1.json
Accept: application/json https://mobile.fantasy-football.com/v1/team/1
Accept: application/json https://mobile.fantasy-football.com/v1/team/1
Accept: application/vnd.football-team.com; version=1, application/json https://mobile.fantasy-football.com/v1/team/1
Accept: application/vnd.football-team.com; version=1, application/json https://mobile.fantasy-football.com/team/1
1.Versioning! 2.Headers 3.Error responses 4.Authentication 5.REST Agenda
1.Versioning 2.Headers! 3.Error responses 4.Authentication 5.REST Agenda
Headers
User-Agent User-Agent: iOS 7.1
Accept-Language Accept-Language: en
! • X-Api-Key • X-Push-Notification-Id • X-Checksum • …. Custom
! • X-Api-Key • X-Push-Notification-Id • X-Checksum • …. Custom
1.Versioning 2.Headers! 3.Error responses 4.Authentication 5.REST Agenda
1.Versioning 2.Headers 3.Error responses! 4.Authentication 5.REST Agenda
Error responses
HTTP Statuses Code Description 400 Bad Request 401 Unauthorized 402
Account Is Locked 404 Not Found 405 Method Not Allowed 422 Unprocessable Entity 426 To Many Requests 500 Internal Server Error
HTTP Statuses http://httpstatus.es/
Response Body { “message”: “Invalid api key” } GET https://mobile.fantasy-football.com/teams/1
422 - Unprocessable Entity { “errors”: { “name”: [“Already taken”],
“budget”: [“Must be more than 0”] } } POST https://mobile.fantasy-football.com/teams/
1.Versioning 2.Headers 3.Error responses! 4.Authentication 5.REST Agenda
1.Versioning 2.Headers 3.Error responses 4.Authentication! 5.REST Agenda
Authentication
WWW-Authentication > WWW-Authenticate: Basic realm=“Fantasy Football” ! < Authorization: Basic
QWxhZGRpbjpvcGVuIHNlc2FtZQ==
WWW-Authentication > WWW-Authenticate: Digest realm=“Fantasy Football", … ! < Authorization:
Digest username=“User", …
WWW-Authentication Authorization: Token token=“7C1100AD4A6D45A6B2E022B”
None
Public ~ vs ~ Private
OAuth ~ vs ~ Token
OAuth ~ vs ~ Token
Tokens Method URL Description POST /token Create new token (with
login credentials) DELETE /token Delete token HEAD /token Check if token is active PATCH /token Renew a token (if tokens can expire)
1.Versioning 2.Headers 3.Error responses 4.Authentication! 5.REST Agenda
1.Versioning 2.Headers 3.Error responses 4.Authentication 5.REST Agenda
REST
Teams Method URL Description GET /my/teams Returns all teams POST
/my/teams Create new team GET /my/teams/1 Return given team PATCH /my/teams/1 Update given team DELETE /my/teams/1 Delete given team
{ “id”: 1, “name”: “Real Blagoevgrad”, “players”: { /* players
*/ } } POST /my/teams Accept: application/vnd.fantasy-football.com; version=1,application/json Authentication: Token token=“0BD8AF0AAB86619” X-Api-Key: “7C1100AD4A6D45A6B2E022B”
{ “id”: 1, “name”: “Real Blagoevgrad”, “players”: { /* players
*/ } } GET /my/teams/1 Accept: application/vnd.fantasy-football.com; version=1,application/json Authentication: Token token=“0BD8AF0AAB86619” X-Api-Key: “7C1100AD4A6D45A6B2E022B”
{ “id”: 1, “name”: “Bayern Blagoevgrad”, “players”: { /* players
*/ } } PATCH /my/teams/1 Accept: application/vnd.fantasy-football.com; version=1,application/json Authentication: Token token=“0BD8AF0AAB86619” X-Api-Key: “7C1100AD4A6D45A6B2E022B”
GET /teams Accept: application/vnd.fantasy-football.com; version=1,application/json Authentication: Token token=“0BD8AF0AAB86619” X-Api-Key: “7C1100AD4A6D45A6B2E022B”
[{ “id”: 1, “name”: “Bayern Blagoevgrad”, “owner”: { /* owner */ }, “players”: { /* players */ }, }, { /* other team */ }]
Paging (1) X-Total: 10 X-Offset: 2 X-Offset: 3
Paging (2) Link: <https://fantasy-football.com/teams/?page=3>; rel="next", <https://fantasy-football.com/teams/?page=1>; rel=“previous”, <https://fantasy-football.com/teams/?page=1>; rel=“first”, <https://fantasy-football.com/teams/?page=100>;
rel=“last”
Paging (3) Link: <https://fantasy-football.com/teams/?after-id=1213>; rel="next"
1.Versioning 2.Headers 3.Error responses 4.Authentication 5.REST Agenda
Bonus
Mobile API ~ vs ~ Regular API
Syncing / Offline
Postman Chrome plugin
Good API example http://developer.github.com/v3/
Questions?
@rstankov Thank you :)