Crafting APIs for
Mobile Apps
@apigee
Ed Anuff
@edanuff
Marsh Gardiner
@earth2marsh
youtube.com/apigee
slideshare.net/apigee
j.mp/api-craft
j.mp/app-craft
Apigee powers
Walgreens, Best Buy,
Gilt Groupe, NewEgg,
Cars.com, Dell,
GraceNote, Shazam,
HomeAway, Pearson,
cheezburger,...
Almost all of those are
Mobile Apps that
connect to the cloud
with APIs
2000 Today
Smart
Phone
Partner
Integration
Mobile
Device
Connected Car
Internet TVInnovation
DVR
Web App
Gaming
Console
We...
Mobile == APIs?
Just about…
100x Devices To
Servers
Internet of Everything?
Internet of APIs
Websites Apps
Multiple
Devices
Companies ConsumerApps &
Developers
1.5M Apps
150 Times a day
2B Smartphones
300B API calls a day?
Some Quick Math…
Quite Possibly
Personalization
Content
Social
Transactions
Analytics
Push Notifications
Geolocation
Identity Management
File Storage
Picture Sharing
Social Networking
Security
Requirements of all modern app development
User Management Datastore
Location
Messaging
Social Graph
Analytics
Activity St...
Sign-in
Upload
Photo
Calculate
Cost
Place
Order
/photos /coupons /orders/token
Example: Mobile
Conference AppSign In To
The
Conference
/token
See What
Colleagues
Are Here
/users/me/friends
What session...
Example: Mobile
Conference AppRSVP to
sessions
Ask
Questions
/users/me/sessions
Check-in at
a Session
/users/me/activities...
What’s different?
Architecture
Client Development
Security Models
Async & Disconnected
Debugging
Architecture
2-Tier (and 2 Teams)
Web is a client
More logic on device
New Stacks (Node.js)
Backend-as-a-Service
Server
Infrastructure
App
Code
SDK API
Client Development
SDK or API?
Static Obj-C and Java
HTML5/JS (PhoneGap)
Async (& background)
Security
Identity (FB, OAuth)
Untrusted Device
Token Vending
Policies & Permissions
Untrusted Network
MITM
Async & Offline
Notifications
Push, Poll, WebSocket
Network Availability
Intermittent & Offline
Message Queues
SQS, etc.
Latency
Debugging
Where To Start?
App, Network, Server
Timeouts
Missing Headers
Auth & Security
Log EVERYTHING
Summary
Apps & APIs
2 sides of same coin
Key App Features
Cloud Connected
New Architecture
Client/Server Redux
New Development
SDKs, Async, Offline
Questions?
Ed Anuff
@edanuff
Marsh Gardiner
@earth2marsh
Thanks!
youtube.com/apigee
slideshare.net/apigee
linkedin.com/company/apigee
Crafting APIs for Mobile Apps - Everything You Need to Know
Upcoming SlideShare
Loading in...5
×

Crafting APIs for Mobile Apps - Everything You Need to Know

4,962

Published on

Published in: Technology, Business
1 Comment
15 Likes
Statistics
Notes
No Downloads
Views
Total Views
4,962
On Slideshare
0
From Embeds
0
Number of Embeds
18
Actions
Shares
0
Downloads
105
Comments
1
Likes
15
Embeds 0
No embeds

No notes for slide
  • Hi and welcome!
  • All these webinars get posted to YouTube
  • We’ve seen a lot of different API projects, but trend is to power apps
  • We power the APIs of a bunch of large enterprises, such as Walgreens, Best Buy, Dell, Pearson, etc. These companies use internal and external developers to create awesome products. Ed, out of all of our customers, why did you pick these?
  • We’ve seen a lot of different API projects, but trend is to power apps
  • Main Points: Business has moved from the web browser to the growing number of devices that we interact with daily and your business needs to be there Business Points: Same as above Tech Points: Its important to streamline how you support this explosion of devices where business is growing Sequential Story : Establish the need and urgency for business to be in the App Economy Script: So what is the implication of this technology to business? In the late 90’s the web browser was the edge of business interaction, where customers would interact with business in a new online channel. Today that channel has become ubiquitous in our lives moving to the many devices that we interact with daily. You can look at this as the convergence of 3 transformations: Cultural – customers to mobile devices with the expectations that it delivers Business – the differentiator is data, and enterprise data needs to follow to where customers are Technology – new devices and places to interact require moving the data and business support to these devices Apigee technology manages the flow of that data. It secures it, transforms it and enables you to determine who you provide what to and how. We will talk more about this later.
  • So, is APIs all about Mobile Seems that way The A in API stands for Application, or Apps. And the story of mobile is the story of Apps.
  • - Server to Server 500M - Server to Device 10B (8.7B) - 2 orders of magnitude difference - Internet of Everything, etc. is the Internet of APIs
  • My math is probably way bad - 1.5 million apps - 150 times a day - 2 Billion active smartphones in use globally (1.82B) - 300B API calls a day? 3500 requests per second
  • Major types of functionality is driven by API-powered features
  • We talk about a bunch of features to provide those, and these are APIs
  • Mobile is about delivering rich interaction from client apps running on the device with services and data on-demand from the cloud Tim Macauley, sr director of mobile at walgreens "“Engaged customers have a higher satisfaction and spend more,” customers who spend online, in-store and via mobile spend at a level six times higher.
  • So how is building apps against API’s different for app development and API development?
  • We can look at apple provided services, or apigee provided services to quickly build great data driven apps that users love. You can reach out to them with push notifications, give them contextually aware information using geolocation, have them setup profiles with user management, keep their data secure, work with files and pictures, or even build your own social graph! Apigee enables you to do all of this!
  • Architecture is quite a bit different
  • 2 tier architecture – the return of client/server Web is now just another client – HTML5/JS is the new web Sometimes a lot of the logic sits in the app New ways to build these things
  • By using a lightweight library you can use API calls to Create, Read, Update, and Delete data with ease. The backend manages access and security through it ’ s API, and the server infrastructure make ’ s sure your data is backed up and safe.
  • Building clients that use APIs is different than the server to server stuff
  • - most mobile devs think in terms of SDKs Last mile problem? Code not calls. - most device languages are static (class based)   - except Javascript/HTML5 (PhoneGap, Appcelerator, etc.)   - asynchronous (and now background)
  • Security issues
  • - Security    - Identity (OAuth, sign in with FB, etc.)   - Untrusted Device (extract keys out of app packages)   - Untrusted Network (mitmproxy - Game Center, Path, etc.)
  • Making API calls is different than usual request response
  •   - batching and MQs   - failures (transactions - idempotent, buy two tickets?)
  • Lots of things go wrong
  • Not always clear where to start Timeouts – things that work on your laptop on a stable connection will timeout when you’re going from 3G to LTE on the Caltrain Headers – some devices might change them, frameworks might not send them Auth issues are very thorny Need to log everything that goes into the API call or use a gateway
  • Thanks!
  • Thanks!
  • Crafting APIs for Mobile Apps - Everything You Need to Know

    1. 1. Crafting APIs for Mobile Apps @apigee
    2. 2. Ed Anuff @edanuff Marsh Gardiner @earth2marsh
    3. 3. youtube.com/apigee
    4. 4. slideshare.net/apigee
    5. 5. j.mp/api-craft j.mp/app-craft
    6. 6. Apigee powers Walgreens, Best Buy, Gilt Groupe, NewEgg, Cars.com, Dell, GraceNote, Shazam, HomeAway, Pearson, cheezburger, eBay…
    7. 7. Almost all of those are Mobile Apps that connect to the cloud with APIs
    8. 8. 2000 Today Smart Phone Partner Integration Mobile Device Connected Car Internet TVInnovation DVR Web App Gaming Console Website Tablet Your Company 2006 The App Economy
    9. 9. Mobile == APIs? Just about…
    10. 10. 100x Devices To Servers Internet of Everything? Internet of APIs
    11. 11. Websites Apps Multiple Devices Companies ConsumerApps & Developers
    12. 12. 1.5M Apps 150 Times a day 2B Smartphones 300B API calls a day? Some Quick Math… Quite Possibly
    13. 13. Personalization Content Social Transactions Analytics
    14. 14. Push Notifications Geolocation Identity Management File Storage Picture Sharing Social Networking Security
    15. 15. Requirements of all modern app development User Management Datastore Location Messaging Social Graph Analytics Activity Streams
    16. 16. Sign-in Upload Photo Calculate Cost Place Order /photos /coupons /orders/token
    17. 17. Example: Mobile Conference AppSign In To The Conference /token See What Colleagues Are Here /users/me/friends What sessions should I attend? /sessions
    18. 18. Example: Mobile Conference AppRSVP to sessions Ask Questions /users/me/sessions Check-in at a Session /users/me/activities /sessions/23/questions
    19. 19. What’s different?
    20. 20. Architecture Client Development Security Models Async & Disconnected Debugging
    21. 21. Architecture
    22. 22. 2-Tier (and 2 Teams) Web is a client More logic on device New Stacks (Node.js) Backend-as-a-Service
    23. 23. Server Infrastructure App Code SDK API
    24. 24. Client Development
    25. 25. SDK or API? Static Obj-C and Java HTML5/JS (PhoneGap) Async (& background)
    26. 26. Security
    27. 27. Identity (FB, OAuth) Untrusted Device Token Vending Policies & Permissions Untrusted Network MITM
    28. 28. Async & Offline
    29. 29. Notifications Push, Poll, WebSocket Network Availability Intermittent & Offline Message Queues SQS, etc. Latency
    30. 30. Debugging
    31. 31. Where To Start? App, Network, Server Timeouts Missing Headers Auth & Security Log EVERYTHING
    32. 32. Summary Apps & APIs 2 sides of same coin
    33. 33. Key App Features Cloud Connected New Architecture Client/Server Redux New Development SDKs, Async, Offline
    34. 34. Questions? Ed Anuff @edanuff Marsh Gardiner @earth2marsh
    35. 35. Thanks! youtube.com/apigee slideshare.net/apigee linkedin.com/company/apigee

    ×