Crafting APIs for Mobile Apps - Everything You Need to Know


Published in: Technology, Business
  • Hi and welcome!
  • All these webinars get posted to YouTube
  • We’ve seen a lot of different API projects, but the trend is to power apps
  • We power the APIs of a bunch of large enterprises, such as Walgreens, Best Buy, Dell, Pearson, etc. These companies use internal and external developers to create awesome products. Ed, out of all of our customers, why did you pick these?
  • Main Points: Business has moved from the web browser to the growing number of devices that we interact with daily, and your business needs to be there.
    Business Points: Same as above.
    Tech Points: It's important to streamline how you support this explosion of devices where business is growing.
    Sequential Story: Establish the need and urgency for business to be in the App Economy.
    Script: So what is the implication of this technology to business? In the late 90’s the web browser was the edge of business interaction, where customers would interact with business in a new online channel. Today that channel has become ubiquitous in our lives, moving to the many devices that we interact with daily. You can look at this as the convergence of 3 transformations:
      - Cultural – customers to mobile devices with the expectations that it delivers
      - Business – the differentiator is data, and enterprise data needs to follow to where customers are
      - Technology – new devices and places to interact require moving the data and business support to these devices
    Apigee technology manages the flow of that data. It secures it, transforms it and enables you to determine who you provide what to and how. We will talk more about this later.
  • So, are APIs all about mobile? Seems that way. The A in API stands for Application, or Apps. And the story of mobile is the story of Apps.
  •   - Server to Server 500M
      - Server to Device 10B (8.7B)
      - 2 orders of magnitude difference
      - Internet of Everything, etc. is the Internet of APIs
  • My math is probably way bad
      - 1.5 million apps
      - 150 times a day
      - 2 Billion active smartphones in use globally (1.82B)
      - 300B API calls a day? 3500 requests per second
  • Major types of functionality are driven by API-powered features
  • We talk about a bunch of features to provide those, and these are APIs
  • Mobile is about delivering rich interaction from client apps running on the device with services and data on-demand from the cloud. Tim Macauley, Sr. Director of Mobile at Walgreens: “Engaged customers have a higher satisfaction and spend more”; customers who spend online, in-store and via mobile spend at a level six times higher.
  • So how is building apps against APIs different for app development and API development?
  • We can look at Apple-provided services, or Apigee-provided services, to quickly build great data-driven apps that users love. You can reach out to them with push notifications, give them contextually aware information using geolocation, have them set up profiles with user management, keep their data secure, work with files and pictures, or even build your own social graph! Apigee enables you to do all of this!
  • Architecture is quite a bit different
  • 2 tier architecture – the return of client/server. Web is now just another client – HTML5/JS is the new web. Sometimes a lot of the logic sits in the app. New ways to build these things.
  • By using a lightweight library you can use API calls to Create, Read, Update, and Delete data with ease. The backend manages access and security through its API, and the server infrastructure makes sure your data is backed up and safe.
  • Building clients that use APIs is different than the server to server stuff
  •   - most mobile devs think in terms of SDKs. Last mile problem? Code not calls.
      - most device languages are static (class based)
        - except JavaScript/HTML5 (PhoneGap, Appcelerator, etc.)
        - asynchronous (and now background)
  • Security issues
  •   - Security
        - Identity (OAuth, sign in with FB, etc.)
        - Untrusted Device (extract keys out of app packages)
        - Untrusted Network (mitmproxy - Game Center, Path, etc.)
  • Making API calls is different than usual request response
  •   - batching and MQs
      - failures (transactions - idempotent, buy two tickets?)
  • Lots of things go wrong
  • Not always clear where to start
      - Timeouts – things that work on your laptop on a stable connection will timeout when you’re going from 3G to LTE on the Caltrain
      - Headers – some devices might change them, frameworks might not send them
      - Auth issues are very thorny
      - Need to log everything that goes into the API call or use a gateway
  • Thanks!
  • Crafting APIs for Mobile Apps - Everything You Need to Know

    1. Crafting APIs for Mobile Apps @apigee
    2. Ed Anuff @edanuff Marsh Gardiner @earth2marsh
    3.
    4.
    5.
    6. Apigee powers Walgreens, Best Buy, Gilt Groupe, NewEgg, Dell, GraceNote, Shazam, HomeAway, Pearson, cheezburger, eBay…
    7. Almost all of those are Mobile Apps that connect to the cloud with APIs
    8. 2000 Today Smart Phone Partner Integration Mobile Device Connected Car Internet TV Innovation DVR Web App Gaming Console Website Tablet Your Company 2006 The App Economy
    9. Mobile == APIs? Just about…
    10. 100x Devices To Servers Internet of Everything? Internet of APIs
    11. Websites Apps Multiple Devices Companies Consumer Apps & Developers
    12. 1.5M Apps 150 Times a day 2B Smartphones 300B API calls a day? Some Quick Math… Quite Possibly
    13. Personalization Content Social Transactions Analytics
    14. Push Notifications Geolocation Identity Management File Storage Picture Sharing Social Networking Security
    15. Requirements of all modern app development User Management Datastore Location Messaging Social Graph Analytics Activity Streams
    16. Sign-in Upload Photo Calculate Cost Place Order /photos /coupons /orders /token
    17. Example: Mobile Conference App Sign In To The Conference /token See What Colleagues Are Here /users/me/friends What sessions should I attend? /sessions
    18. Example: Mobile Conference App RSVP to sessions Ask Questions /users/me/sessions Check-in at a Session /users/me/activities /sessions/23/questions
    19. What’s different?
    20. Architecture Client Development Security Models Async & Disconnected Debugging
    21. Architecture
    22. 2-Tier (and 2 Teams) Web is a client More logic on device New Stacks (Node.js) Backend-as-a-Service
    23. Server Infrastructure App Code SDK API
    24. Client Development
    25. SDK or API? Static Obj-C and Java HTML5/JS (PhoneGap) Async (& background)
    26. Security
    27. Identity (FB, OAuth) Untrusted Device Token Vending Policies & Permissions Untrusted Network MITM
    28. Async & Offline
    29. Notifications Push, Poll, WebSocket Network Availability Intermittent & Offline Message Queues SQS, etc. Latency
    30. Debugging
    31. Where To Start? App, Network, Server Timeouts Missing Headers Auth & Security Log EVERYTHING
    32. Summary Apps & APIs 2 sides of same coin
    33. Key App Features Cloud Connected New Architecture Client/Server Redux New Development SDKs, Async, Offline
    34. Questions? Ed Anuff @edanuff Marsh Gardiner @earth2marsh
    35. Thanks!