Your API is not a Website!<br />9.15.11 @ 11:05 PST<br />VOIP or Dial-in (see chat)<br />Greg Brail		@gbrail<br />Brian Pa...
@brianpagano<br />@gbrail<br />
API Workshop Webinar Series<br />(videos & slides at http://blog.apigee.com/taglist/webinar) <br />Mapping out your API St...
Setup<br />APIs seem at first like web sites without images.<br />On deeper inspection that’s not the case!<br />Examining...
But first, how are APIs and Websites the same?<br />
Image by caseymultimedia<br />
How are APIs and Websites the same? <br />24x7 operations<br />
How are APIs and Websites the same? <br />24x7 operations<br />Frequent deployment<br />
How are APIs and Websites the same? <br />24x7 operations<br />Frequent deployment<br />Fast expectations<br />On the Inte...
So how are they different?<br />
Image by lindzstrom<br />
How are APIs and Websites different? <br />Audience<br />Longevity<br />Analytics<br />Security<br />Integration<br />Test...
Audience<br />Websites are used by humans<br />APIs are used by programmers.<br />Programmers, in turn, make apps for huma...
Why does this matter?<br />Developers don’t care about images, fonts, colors, and other design elements.<br />Developers d...
Longevity<br />Web sites change all the time.<br />APIs must remain compatible over time.<br />image by wilhelmja<br />
Why Does this Matter?<br />Humans are fairly resilient to change<br />We may complain…<br />…but when a site design change...
Analytics<br />Most web analytics depend on the browser.<br />API clients might not be browsers at all!<br />
Why Does this Matter?<br />API analytics can’t rely on:<br />JavaScript that runs on the client<br />“Beacon” URLs that ge...
Security<br />Web sites can be scraped carefully.<br />APIs are extremely easy to “scrape” and automate.<br />APIs and web...
Why Does this Matter?<br />Since APIs are so easy to program, they are easy to ‘do damage.’<br />Try to crack passwords us...
Why Else Does this Matter?<br />Passwords are lousy for public APIs.<br />They propagate to lots of sites that use the API...
Integration<br />Web sites can pull content from all over.<br />APIs sit in one place.<br />
Why Does this Matter?<br />The architecture is just different.<br />Websites can include scripts, gadgets, and images from...
Testability<br />Automated web site testing is hard.<br />Automated API testing is easier.<br />
Why Does this Matter?<br />Any API needs to:<br />Change quickly<br />Remain compatible<br />Perform consistently<br />How...
Conclusion<br />A great API is not the same as a great web site.<br />A great API is:<br />Fast-moving, yet it never break...
THANK YOU<br />Questions and ideas to:<br />@apigee<br />@gbrail<br />@brianpagano<br />
Upcoming SlideShare
Loading in …5
×

Your API is not a Website!

10,959 views

Published on

Published in: Technology, Design
1 Comment
3 Likes
Statistics
Notes
  • <br /><iframe width="350" height="288" src="http://www.youtube.com/embed/oB_y6gl0gBE" frameborder="0" allowfullscreen></iframe>
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Views
Total views
10,959
On SlideShare
0
From Embeds
0
Number of Embeds
9,141
Actions
Shares
0
Downloads
59
Comments
1
Likes
3
Embeds 0
No embeds

No notes for slide
  • Creative Commons Attribution-Share Alike 3.0 United States License
  • Your API is not a Website!

    1. 1. Your API is not a Website!<br />9.15.11 @ 11:05 PST<br />VOIP or Dial-in (see chat)<br />Greg Brail @gbrail<br />Brian Pagano@brianpagano<br />
    2. 2. @brianpagano<br />@gbrail<br />
    3. 3. API Workshop Webinar Series<br />(videos & slides at http://blog.apigee.com/taglist/webinar) <br />Mapping out your API Strategy <br />Pragmatic REST: API Design Fu <br />10 Patterns in Successful API Programs<br />What to Measure: API Analytics<br />Is your API Naked? API Tech & Operations<br />Does your API need PCI? (Compliance)<br />Developers Hate Marketing: Driving API Adoption<br />OAuth: The Big Picture <br />“Boss, we need an API”<br />Your API is not a Website!<br />
    4. 4. Setup<br />APIs seem at first like web sites without images.<br />On deeper inspection that’s not the case!<br />Examining the differences is a great discussion on API technology.<br />
    5. 5. But first, how are APIs and Websites the same?<br />
    6. 6. Image by caseymultimedia<br />
    7. 7. How are APIs and Websites the same? <br />24x7 operations<br />
    8. 8. How are APIs and Websites the same? <br />24x7 operations<br />Frequent deployment<br />
    9. 9. How are APIs and Websites the same? <br />24x7 operations<br />Frequent deployment<br />Fast expectations<br />On the Internet this is not news.<br />But inside corporate IT, it is a new way of life!<br />This is the case for public and private APIs.<br />
    10. 10. So how are they different?<br />
    11. 11. Image by lindzstrom<br />
    12. 12. How are APIs and Websites different? <br />Audience<br />Longevity<br />Analytics<br />Security<br />Integration<br />Testability<br />
    13. 13. Audience<br />Websites are used by humans<br />APIs are used by programmers.<br />Programmers, in turn, make apps for humans.<br />image by maanow<br />
    14. 14. Why does this matter?<br />Developers don’t care about images, fonts, colors, and other design elements.<br />Developers do care about the “look and feel” of the API itself.<br />Is it easy to develop to?<br />Does it use REST appropriately? <br />(according to their own definition of “REST”)<br />Does it make me do anything weird?<br />Does it work?<br />Is it down a lot?<br />
    15. 15. Longevity<br />Web sites change all the time.<br />APIs must remain compatible over time.<br />image by wilhelmja<br />
    16. 16. Why Does this Matter?<br />Humans are fairly resilient to change<br />We may complain…<br />…but when a site design changes, we (usually) adapt<br />Programs are not resilient to change<br />Developers don’t want to re-write<br />Old apps might not have developers any more<br />Users don’t install updates right away<br />
    17. 17. Analytics<br />Most web analytics depend on the browser.<br />API clients might not be browsers at all!<br />
    18. 18. Why Does this Matter?<br />API analytics can’t rely on:<br />JavaScript that runs on the client<br />“Beacon” URLs that get downloaded all the time<br />Cookies the client must return<br />API clients just don’t do these things - especially when built by 3rd parties<br />You need to embed analytics on the server.<br />Use what is sent in the request and only that<br />
    19. 19. Security<br />Web sites can be scraped carefully.<br />APIs are extremely easy to “scrape” and automate.<br />APIs and web sites need different types of security.<br />OAuth for APIs, passwords for web sites,<br />SSL for both!<br />
    20. 20. Why Does this Matter?<br />Since APIs are so easy to program, they are easy to ‘do damage.’<br />Try to crack passwords using an API<br />Download a company’s whole product catalog<br />Book a whole bunch of flights to mess with pricing<br />Rate limits and quotas are essential.<br />
    21. 21. Why Else Does this Matter?<br />Passwords are lousy for public APIs.<br />They propagate to lots of sites that use the APIs<br />They propagate to devices that use the APIs<br />Consider OAuth for these cases<br />
    22. 22. Integration<br />Web sites can pull content from all over.<br />APIs sit in one place.<br />
    23. 23. Why Does this Matter?<br />The architecture is just different.<br />Websites can include scripts, gadgets, and images from all over the web<br />APIs can’t – developers expect a few API calls to do it all<br />But you can pull things together on the server side…<br />
    24. 24. Testability<br />Automated web site testing is hard.<br />Automated API testing is easier.<br />
    25. 25. Why Does this Matter?<br />Any API needs to:<br />Change quickly<br />Remain compatible<br />Perform consistently<br />How do you ensure this?<br />Test early and test often<br />Automated regression testing is the key<br />A good API should make this EASY<br />
    26. 26. Conclusion<br />A great API is not the same as a great web site.<br />A great API is:<br />Fast-moving, yet it never breaks the apps<br />Reliable, stable, and fast<br />Easy to understand and program to<br />Secure and resilient to failure<br />You need both.<br />
    27. 27. THANK YOU<br />Questions and ideas to:<br />@apigee<br />@gbrail<br />@brianpagano<br />

    ×