APIs:
The good, the bad, the ugly
@MicheleTitolo
What we’ll cover
Documentation
The Good
It exists
Bonus: it’s interactive
I/O Docs
The Bad
Docs aren’t updated
The Ugly
Documentation?
URLs
The Good
Consistency
/users/22445
/products/3156
/movies/127/times
The Bad
Inconsistency
/users/22445
/reviews/3156
/times/127
Not review or time id’s
The Ugly
“Send GET to /remove to
delete”
Payloads
The Good
You have all the data you need
The Bad
Endpoint “id” field
/products id
/products/:id productID
/cart product_id
Yes, this actually happened
Change
We expect certain things
...like image urls having http://
...like dates sent in the same
format
We expect certain things
to not change
The Ugly
JSON containing HTML
Unstable
Authentication
The Good
HTTP Basc Auth over SSL
...when SSL is secure
OAuth
The Bad
OAuth
The Ugly
Authorization
The Good
App requests permissions
The Bad
A single API key
The Ugly
Authorization?
goto fail;
Errors
The Good
Error codes
Error message in response
Human readable error
message
The Bad
“There was an error”
The Ugly
Caching
The Good
Using one of the standards
Cache-Control
If-Modified-Since
etags
The Bad
Manually processing data
The Ugly
Caching
In Summary
Consistency
Conventions
Simple
Questions?
@MicheleTitolo
• JSONSchema, RAML, API Blueprint,
• HTTP 1.1 Spec: http://www.w3.org/Protocols/rfc2616/
rfc2616.html
• Charles, Postman
•...
APIs: The good, the bad, the ugly
APIs: The good, the bad, the ugly
APIs: The good, the bad, the ugly
APIs: The good, the bad, the ugly
APIs: The good, the bad, the ugly
APIs: The good, the bad, the ugly
APIs: The good, the bad, the ugly
APIs: The good, the bad, the ugly
APIs: The good, the bad, the ugly
APIs: The good, the bad, the ugly
APIs: The good, the bad, the ugly
APIs: The good, the bad, the ugly
APIs: The good, the bad, the ugly
APIs: The good, the bad, the ugly
APIs: The good, the bad, the ugly
APIs: The good, the bad, the ugly
APIs: The good, the bad, the ugly
APIs: The good, the bad, the ugly
APIs: The good, the bad, the ugly
Upcoming SlideShare
Loading in...5
×

APIs: The good, the bad, the ugly

5,399

Published on

Apps consume a lot of web services these days. Sometimes, these new services can be fantastic, and other times not so much. Learning how to evaluate APIs and identify problem areas before jumping head first into development can save us frustration, time, and money. This session will walk through evaluating an API, best practices, and red flags, all from the standpoint of an iOS dev. No matter your experience level, you'll leave with the skills to effectively tackle your next API.

0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
5,399
On Slideshare
0
From Embeds
0
Number of Embeds
16
Actions
Shares
0
Downloads
15
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

APIs: The good, the bad, the ugly

  1. 1. APIs: The good, the bad, the ugly @MicheleTitolo
  2. 2. What we’ll cover
  3. 3. Documentation
  4. 4. The Good
  5. 5. It exists
  6. 6. Bonus: it’s interactive
  7. 7. I/O Docs
  8. 8. The Bad
  9. 9. Docs aren’t updated
  10. 10. The Ugly
  11. 11. Documentation?
  12. 12. URLs
  13. 13. The Good
  14. 14. Consistency
  15. 15. /users/22445 /products/3156 /movies/127/times
  16. 16. The Bad
  17. 17. Inconsistency
  18. 18. /users/22445 /reviews/3156 /times/127 Not review or time id’s
  19. 19. The Ugly
  20. 20. “Send GET to /remove to delete”
  21. 21. Payloads
  22. 22. The Good
  23. 23. You have all the data you need
  24. 24. The Bad
  25. 25. Endpoint “id” field /products id /products/:id productID /cart product_id
  26. 26. Yes, this actually happened
  27. 27. Change
  28. 28. We expect certain things
  29. 29. ...like image urls having http://
  30. 30. ...like dates sent in the same format
  31. 31. We expect certain things to not change
  32. 32. The Ugly
  33. 33. JSON containing HTML
  34. 34. Unstable
  35. 35. Authentication
  36. 36. The Good
  37. 37. HTTP Basc Auth over SSL
  38. 38. ...when SSL is secure
  39. 39. OAuth
  40. 40. The Bad
  41. 41. OAuth
  42. 42. The Ugly
  43. 43. Authorization
  44. 44. The Good
  45. 45. App requests permissions
  46. 46. The Bad
  47. 47. A single API key
  48. 48. The Ugly
  49. 49. Authorization?
  50. 50. goto fail;
  51. 51. Errors
  52. 52. The Good
  53. 53. Error codes
  54. 54. Error message in response
  55. 55. Human readable error message
  56. 56. The Bad
  57. 57. “There was an error”
  58. 58. The Ugly
  59. 59. Caching
  60. 60. The Good
  61. 61. Using one of the standards
  62. 62. Cache-Control
  63. 63. If-Modified-Since
  64. 64. etags
  65. 65. The Bad
  66. 66. Manually processing data
  67. 67. The Ugly
  68. 68. Caching
  69. 69. In Summary
  70. 70. Consistency
  71. 71. Conventions
  72. 72. Simple
  73. 73. Questions? @MicheleTitolo
  74. 74. • JSONSchema, RAML, API Blueprint, • HTTP 1.1 Spec: http://www.w3.org/Protocols/rfc2616/ rfc2616.html • Charles, Postman • http://runscope.com, also http://newrelic.com for backend analytics • Versioning: http://apiux.com/2013/05/14/api- versioning/ Q&A Resources
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×