Lock in $30 Savings on PRO—Offer Ends Soon! ⏳
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Designing mobile APIs
Search
Radoslav Stankov
November 30, 2013
Technology
3
210
Designing mobile APIs
Video:
https://www.youtube.com/watch?v=Y6LiPJV0EH4
Radoslav Stankov
November 30, 2013
Tweet
Share
More Decks by Radoslav Stankov
See All by Radoslav Stankov
Rails: The Missing Parts
rstankov
1
16
The dream that turned into nightmare
rstankov
0
84
The dream that turned into nightmare (lightning)
rstankov
0
33
Ruby on Rails - The Single Engineer Framework
rstankov
0
230
Living Without Exceptions
rstankov
1
190
One engineer company with Ruby on Rails
rstankov
2
640
Eliminating noise from your code
rstankov
0
92
Best JavaScript is No Javascript
rstankov
0
130
React Mid Game
rstankov
2
110
Other Decks in Technology
See All in Technology
Android 15 でウィジェットピッカーのプレビュー画像をGlanceで魅せたい/nikkei-tech-talk-27-1
nikkei_engineer_recruiting
0
120
Oracle Cloud Infrastructureデータベース・クラウド:各バージョンのサポート期間
oracle4engineer
PRO
30
15k
140年の歴史あるエンタープライズ企業の内製化×マイクロサービス化への航海
yussugi
0
3.3k
AWS re:Invent 2024 予選落ちのBedrockアプデをまとめて解説!
minorun365
PRO
2
210
もう一度、 事業を支えるシステムに。
leveragestech
5
2.9k
最強DB講義 #35 大規模言語モデルに基づく検索モデル
mpkato
1
110
Engineer Recruting Deck
siva_official
PRO
1
3.1k
LINEヤフーにおける超大規模プラットフォーム実現への挑戦と学び / Challenges and Lessons in Building an Ultra-Large-Scale Platform at LY Corporation
hhiroshell
1
780
MTDDC Meetup TOKYO 2024 運用フェーズに突入したウェブサイト。年々コスト増えていませんか?
kurashige
1
130
次のコンテナセキュリティの時代 - User Namespace With a Pod / CloudNative Days Winter 2024
pfn
PRO
4
380
ARRが3年で10倍になったプロダクト開発とAI活用の軌跡
akiroom
0
160
【LT】ソフトウェア産業は進化しているのか? #Agilejapan
takabow
1
130
Featured
See All Featured
Scaling GitHub
holman
458
140k
Why Our Code Smells
bkeepers
PRO
334
57k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
27
2.1k
A Tale of Four Properties
chriscoyier
156
23k
Build your cross-platform service in a week with App Engine
jlugia
229
18k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
356
29k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
28
9.1k
The Cult of Friendly URLs
andyhume
78
6.1k
Agile that works and the tools we love
rasmusluckow
327
21k
KATA
mclloyd
29
14k
Making Projects Easy
brettharned
115
5.9k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
42
9.3k
Transcript
Radoslav Stankov BlagoevgradConf 2013 30/11/2013 Designing Mobile APIs
Radoslav Stankov @rstankov ! ! ! ! http://rstankov.com http://github.com/rstankov
None
I have a plan!
None
1.Versioning 2.Headers 3.Error responses 4.Authentication 5.REST Agenda
Mobile in numbers
None
Web App Mobile API
Mobile API
Example
1.Versioning 2.Headers 3.Error responses 4.Authentication 5.REST Agenda
1.Versioning! 2.Headers 3.Error responses 4.Authentication 5.REST Agenda
Versioning
http://fantasy-football.com/api/v1/team/1.json
http://fantasy-football.com/api/v1/team/1.json
https://fantasy-football.com/api/v1/team/1.json
https://fantasy-football.com/api/v1/team/1.json
https://fantasy-football.com/api/v1/team/1.json
https://mobile.fantasy-football.com/v1/team/1.json
https://mobile.fantasy-football.com/v1/team/1.json
https://mobile.fantasy-football.com/v1/team/1.json
Content-Types that are acceptable for the response. Accept Header
https://mobile.fantasy-football.com/v1/team/1.json
Accept: application/json https://mobile.fantasy-football.com/v1/team/1.json
Accept: application/json https://mobile.fantasy-football.com/v1/team/1
Accept: application/json https://mobile.fantasy-football.com/v1/team/1
Accept: application/vnd.football-team.com; version=1, application/json https://mobile.fantasy-football.com/v1/team/1
Accept: application/vnd.football-team.com; version=1, application/json https://mobile.fantasy-football.com/team/1
1.Versioning! 2.Headers 3.Error responses 4.Authentication 5.REST Agenda
1.Versioning 2.Headers! 3.Error responses 4.Authentication 5.REST Agenda
Headers
User-Agent User-Agent: iOS 7.1
Accept-Language Accept-Language: en
! • X-Api-Key • X-Push-Notification-Id • X-Checksum • …. Custom
! • X-Api-Key • X-Push-Notification-Id • X-Checksum • …. Custom
1.Versioning 2.Headers! 3.Error responses 4.Authentication 5.REST Agenda
1.Versioning 2.Headers 3.Error responses! 4.Authentication 5.REST Agenda
Error responses
HTTP Statuses Code Description 400 Bad Request 401 Unauthorized 402
Account Is Locked 404 Not Found 405 Method Not Allowed 422 Unprocessable Entity 426 To Many Requests 500 Internal Server Error
HTTP Statuses http://httpstatus.es/
Response Body { “message”: “Invalid api key” } GET https://mobile.fantasy-football.com/teams/1
422 - Unprocessable Entity { “errors”: { “name”: [“Already taken”],
“budget”: [“Must be more than 0”] } } POST https://mobile.fantasy-football.com/teams/
1.Versioning 2.Headers 3.Error responses! 4.Authentication 5.REST Agenda
1.Versioning 2.Headers 3.Error responses 4.Authentication! 5.REST Agenda
Authentication
WWW-Authentication > WWW-Authenticate: Basic realm=“Fantasy Football” ! < Authorization: Basic
QWxhZGRpbjpvcGVuIHNlc2FtZQ==
WWW-Authentication > WWW-Authenticate: Digest realm=“Fantasy Football", … ! < Authorization:
Digest username=“User", …
WWW-Authentication Authorization: Token token=“7C1100AD4A6D45A6B2E022B”
None
Public ~ vs ~ Private
OAuth ~ vs ~ Token
OAuth ~ vs ~ Token
Tokens Method URL Description POST /token Create new token (with
login credentials) DELETE /token Delete token HEAD /token Check if token is active PATCH /token Renew a token (if tokens can expire)
1.Versioning 2.Headers 3.Error responses 4.Authentication! 5.REST Agenda
1.Versioning 2.Headers 3.Error responses 4.Authentication 5.REST Agenda
REST
Teams Method URL Description GET /my/teams Returns all teams POST
/my/teams Create new team GET /my/teams/1 Return given team PATCH /my/teams/1 Update given team DELETE /my/teams/1 Delete given team
{ “id”: 1, “name”: “Real Blagoevgrad”, “players”: { /* players
*/ } } POST /my/teams Accept: application/vnd.fantasy-football.com; version=1,application/json Authentication: Token token=“0BD8AF0AAB86619” X-Api-Key: “7C1100AD4A6D45A6B2E022B”
{ “id”: 1, “name”: “Real Blagoevgrad”, “players”: { /* players
*/ } } GET /my/teams/1 Accept: application/vnd.fantasy-football.com; version=1,application/json Authentication: Token token=“0BD8AF0AAB86619” X-Api-Key: “7C1100AD4A6D45A6B2E022B”
{ “id”: 1, “name”: “Bayern Blagoevgrad”, “players”: { /* players
*/ } } PATCH /my/teams/1 Accept: application/vnd.fantasy-football.com; version=1,application/json Authentication: Token token=“0BD8AF0AAB86619” X-Api-Key: “7C1100AD4A6D45A6B2E022B”
GET /teams Accept: application/vnd.fantasy-football.com; version=1,application/json Authentication: Token token=“0BD8AF0AAB86619” X-Api-Key: “7C1100AD4A6D45A6B2E022B”
[{ “id”: 1, “name”: “Bayern Blagoevgrad”, “owner”: { /* owner */ }, “players”: { /* players */ }, }, { /* other team */ }]
Paging (1) X-Total: 10 X-Offset: 2 X-Offset: 3
Paging (2) Link: <https://fantasy-football.com/teams/?page=3>; rel="next", <https://fantasy-football.com/teams/?page=1>; rel=“previous”, <https://fantasy-football.com/teams/?page=1>; rel=“first”, <https://fantasy-football.com/teams/?page=100>;
rel=“last”
Paging (3) Link: <https://fantasy-football.com/teams/?after-id=1213>; rel="next"
1.Versioning 2.Headers 3.Error responses 4.Authentication 5.REST Agenda
Bonus
Mobile API ~ vs ~ Regular API
Syncing / Offline
Postman Chrome plugin
Good API example http://developer.github.com/v3/
Questions?
@rstankov Thank you :)