SlideShare a Scribd company logo

Successful developers

Download as PPTX, PDF
Kirsten Hunter
Kirsten Hunter

How to support the developers of your API, give them skills and tools to be successful. Webex of my presentation at https://cisco.webex.com/ciscosales/lsr.php?AT=pb&SP=MC&rID=62417452&rKey=caa6309156837b7a

Technology
1 of 14
Kirsten Jones, Technical Leader, Cisco Systems @synedra http://www.princesspolymath.com
 API Developers  Application Developers  Architects / Designers  Focus: Successful Developers
 Good Documentation  Common Pain Points  HTTP Sniffing  Understanding Error Codes  Debugging Strategies
 What can I do?  Walk-throughs and tutorials  Lots of working code  Small chunks with frequent successes  Example applications  Examples:  LinkedIn Javascript Tutorials  LinkedIn Getting Started
 Lack of understanding of HTTP structure  Libraries “masking” responses  Error code confusion  Authentication
 Many developers don’t understand HTTP basics  Libraries allow them to interact with the API but not understand issues  REST feels like a “black box”
 Clear and complete tutorials, with and without libraries  Pointers to HTTP basics  My OSCON presentation has good info  Developer tools demonstrating successful calls (OAuth Test Console, IODocs)
 3rd Party (or company-supported) libraries are great but…  Frequently error codes or other responses are masked  Can get out of sync  Supporting the API is different from supporting a library
 HTTP status is very helpful  50x: we screwed up.  40x: you screwed up.  30x: ask that dude over there.  20x: cool.  Consistency within the API is critical  Useful error messages for broad errors (4xx errors) Document, explain, demonstrate!
 Teach your developers to be successful  Watch the traffic with a sniffer  All requests should include headers, body, exact URL  A great bug report:  I did X  I expected Y to happen  To my dismay, Z happened instead
 Use existing, tested libraries  Code defensively  Servers aren’t that smart  In most cases a working example will help  Lots of code samples, well documented  Use case based
 Macintosh: HTTPScoop http://tuffcode.com/  Macintosh: Charles (supports SSL) http://www.charlesproxy.com/  Windows: Fiddler http://www.fiddler2.com/fiddler2/  Unix (or Mac): Wireshark (X11) http://www.wireshark.org/
 401 authentication errors (signatures, tokens)  403 authorization errors (throttles, permissions)  400 errors – parameters, headers  Content-type errors
 Pain points  HTTP Sniffers  Good questions

Recommended

Debugging with visual studio beyond 'F5'
Debugging with visual studio beyond 'F5'Debugging with visual studio beyond 'F5'
Debugging with visual studio beyond 'F5'
Dror Helper
 
4 . future uni presentation
4 . future uni presentation4 . future uni presentation
4 . future uni presentation
Rashid Khatmey
 
Sorting Out The Trash
Sorting Out The TrashSorting Out The Trash
Sorting Out The Trash
frisksoftware
 
Php security common 2011
Php security common 2011Php security common 2011
Php security common 2011
10n Software, LLC
 
Rest schema design
Rest schema designRest schema design
Rest schema design
Kirsten Hunter
 
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Brian Huff
 
2 . web app s canners
2 . web app s canners2 . web app s canners
2 . web app s canners
Rashid Khatmey
 
Designing for developers
Designing for developersDesigning for developers
Designing for developers
Kirsten Hunter
 

Recommended

Debugging with visual studio beyond 'F5'
Debugging with visual studio beyond 'F5'Debugging with visual studio beyond 'F5'
Debugging with visual studio beyond 'F5'
Dror Helper
 
4 . future uni presentation
4 . future uni presentation4 . future uni presentation
4 . future uni presentation
Rashid Khatmey
 
Sorting Out The Trash
Sorting Out The TrashSorting Out The Trash
Sorting Out The Trash
frisksoftware
 
Php security common 2011
Php security common 2011Php security common 2011
Php security common 2011
10n Software, LLC
 
Rest schema design
Rest schema designRest schema design
Rest schema design
Kirsten Hunter
 
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Brian Huff
 
2 . web app s canners
2 . web app s canners2 . web app s canners
2 . web app s canners
Rashid Khatmey
 
Designing for developers
Designing for developersDesigning for developers
Designing for developers
Kirsten Hunter
 
Practical, team-focused operability techniques for distributed systems - DevO...
Practical, team-focused operability techniques for distributed systems - DevO...Practical, team-focused operability techniques for distributed systems - DevO...
Practical, team-focused operability techniques for distributed systems - DevO...
Matthew Skelton
 
HTTP: the Other ESB
HTTP: the Other ESBHTTP: the Other ESB
HTTP: the Other ESB
Ryan Riley
 
1435488539 221998
1435488539 2219981435488539 221998
1435488539 221998
Shree Krishna Shrestha
 
Webtechnologies
Webtechnologies Webtechnologies
Webtechnologies
-jyothish kumar sirigidi
 
2011 and still bruteforcing - OWASP Spain
2011 and still bruteforcing - OWASP Spain2011 and still bruteforcing - OWASP Spain
2011 and still bruteforcing - OWASP Spain
Christian Martorella
 
Php manish
Php manishPhp manish
Php manish
Manish Jain
 
Building APIs with FRAPI
Building APIs with FRAPIBuilding APIs with FRAPI
Building APIs with FRAPI
David Coallier
 
Andrew and Zac RVA-Beyond-Automated-Testing-2016.ppt
Andrew and Zac RVA-Beyond-Automated-Testing-2016.pptAndrew and Zac RVA-Beyond-Automated-Testing-2016.ppt
Andrew and Zac RVA-Beyond-Automated-Testing-2016.ppt
BUSHRASHAIKH804312
 
Introduction to CodeIgniter
Introduction to CodeIgniterIntroduction to CodeIgniter
Introduction to CodeIgniter
kindafunnylookin
 
Wfuzz for Penetration Testers
Wfuzz for Penetration TestersWfuzz for Penetration Testers
Wfuzz for Penetration Testers
Christian Martorella
 
Why documentation osidays
Why documentation osidaysWhy documentation osidays
Why documentation osidays
Bastian Feder
 
PHP Performance: Principles and tools
PHP Performance: Principles and toolsPHP Performance: Principles and tools
PHP Performance: Principles and tools
10n Software, LLC
 
Open Source Compliance at Twitter
Open Source Compliance at TwitterOpen Source Compliance at Twitter
Open Source Compliance at Twitter
Chris Aniszczyk
 
Building A Great API - Evan Cooke, Cloudstock, December 2010
Building A Great API - Evan Cooke, Cloudstock, December 2010Building A Great API - Evan Cooke, Cloudstock, December 2010
Building A Great API - Evan Cooke, Cloudstock, December 2010
Twilio Inc
 
Web technologies lesson 1
Web technologies lesson 1Web technologies lesson 1
Web technologies lesson 1
nhepner
 
Hacking CEH cheat sheet
Hacking CEH cheat sheetHacking CEH cheat sheet
Hacking CEH cheat sheet
International College of Security Studies
 
Beyond Automated Testing - RVAsec 2016
Beyond Automated Testing - RVAsec 2016Beyond Automated Testing - RVAsec 2016
Beyond Automated Testing - RVAsec 2016
Andrew McNicol
 
API Documentation presentation to East Bay STC Chapter
API Documentation presentation to East Bay STC ChapterAPI Documentation presentation to East Bay STC Chapter
API Documentation presentation to East Bay STC Chapter
Tom Johnson
 
API Documentation -- Presentation to East Bay STC Chapter
API Documentation -- Presentation to East Bay STC ChapterAPI Documentation -- Presentation to East Bay STC Chapter
API Documentation -- Presentation to East Bay STC Chapter
Tom Johnson
 
C#.net
C#.netC#.net
C#.net
AllsoftSolutions
 
Git store
Git storeGit store
Git store
Kirsten Hunter
 
Polyglot copy
Polyglot copyPolyglot copy
Polyglot copy
Kirsten Hunter
 

More Related Content

Similar to Successful developers

PHP Performance: Principles and tools
PHP Performance: Principles and toolsPHP Performance: Principles and tools
PHP Performance: Principles and tools
10n Software, LLC
 
Open Source Compliance at Twitter
Open Source Compliance at TwitterOpen Source Compliance at Twitter
Open Source Compliance at Twitter
Chris Aniszczyk
 
Web technologies lesson 1
Web technologies lesson 1Web technologies lesson 1
Web technologies lesson 1
nhepner
 

Similar to Successful developers (20)

Practical, team-focused operability techniques for distributed systems - DevO...
Practical, team-focused operability techniques for distributed systems - DevO...Practical, team-focused operability techniques for distributed systems - DevO...
Practical, team-focused operability techniques for distributed systems - DevO...
 
HTTP: the Other ESB
HTTP: the Other ESBHTTP: the Other ESB
HTTP: the Other ESB
 
1435488539 221998
1435488539 2219981435488539 221998
1435488539 221998
 
Webtechnologies
Webtechnologies Webtechnologies
Webtechnologies
 
2011 and still bruteforcing - OWASP Spain
2011 and still bruteforcing - OWASP Spain2011 and still bruteforcing - OWASP Spain
2011 and still bruteforcing - OWASP Spain
 
Php manish
Php manishPhp manish
Php manish
 
Building APIs with FRAPI
Building APIs with FRAPIBuilding APIs with FRAPI
Building APIs with FRAPI
 
Andrew and Zac RVA-Beyond-Automated-Testing-2016.ppt
Andrew and Zac RVA-Beyond-Automated-Testing-2016.pptAndrew and Zac RVA-Beyond-Automated-Testing-2016.ppt
Andrew and Zac RVA-Beyond-Automated-Testing-2016.ppt
 
Introduction to CodeIgniter
Introduction to CodeIgniterIntroduction to CodeIgniter
Introduction to CodeIgniter
 
Wfuzz for Penetration Testers
Wfuzz for Penetration TestersWfuzz for Penetration Testers
Wfuzz for Penetration Testers
 
Why documentation osidays
Why documentation osidaysWhy documentation osidays
Why documentation osidays
 
PHP Performance: Principles and tools
PHP Performance: Principles and toolsPHP Performance: Principles and tools
PHP Performance: Principles and tools
 
Open Source Compliance at Twitter
Open Source Compliance at TwitterOpen Source Compliance at Twitter
Open Source Compliance at Twitter
 
Building A Great API - Evan Cooke, Cloudstock, December 2010
Building A Great API - Evan Cooke, Cloudstock, December 2010Building A Great API - Evan Cooke, Cloudstock, December 2010
Building A Great API - Evan Cooke, Cloudstock, December 2010
 
Web technologies lesson 1
Web technologies lesson 1Web technologies lesson 1
Web technologies lesson 1
 
Hacking CEH cheat sheet
Hacking CEH cheat sheetHacking CEH cheat sheet
Hacking CEH cheat sheet
 
Beyond Automated Testing - RVAsec 2016
Beyond Automated Testing - RVAsec 2016Beyond Automated Testing - RVAsec 2016
Beyond Automated Testing - RVAsec 2016
 
API Documentation presentation to East Bay STC Chapter
API Documentation presentation to East Bay STC ChapterAPI Documentation presentation to East Bay STC Chapter
API Documentation presentation to East Bay STC Chapter
 
API Documentation -- Presentation to East Bay STC Chapter
API Documentation -- Presentation to East Bay STC ChapterAPI Documentation -- Presentation to East Bay STC Chapter
API Documentation -- Presentation to East Bay STC Chapter
 
C#.net
C#.netC#.net
C#.net
 

More from Kirsten Hunter

Polyglot copy
Polyglot copyPolyglot copy
Polyglot copy
Kirsten Hunter
 
API 101 - Understanding APIs.
API 101 - Understanding APIs.API 101 - Understanding APIs.
API 101 - Understanding APIs.
Kirsten Hunter
 
Demystifying REST - SFRails meetup
Demystifying REST - SFRails meetupDemystifying REST - SFRails meetup
Demystifying REST - SFRails meetup
Kirsten Hunter
 
Demystifying REST
Demystifying RESTDemystifying REST
Demystifying REST
Kirsten Hunter
 

More from Kirsten Hunter (20)

Git store
Git storeGit store
Git store
 
Polyglot copy
Polyglot copyPolyglot copy
Polyglot copy
 
Quantifying your-fitness
Quantifying your-fitnessQuantifying your-fitness
Quantifying your-fitness
 
Api intensive - What they Are
Api intensive - What they AreApi intensive - What they Are
Api intensive - What they Are
 
Designing irresistible apis
Designing irresistible apisDesigning irresistible apis
Designing irresistible apis
 
Api 101
Api 101Api 101
Api 101
 
Designing irresistible apis
Designing irresistible apisDesigning irresistible apis
Designing irresistible apis
 
Api 101
Api 101Api 101
Api 101
 
Designing irresistible APIs
Designing irresistible APIsDesigning irresistible APIs
Designing irresistible APIs
 
API First
API FirstAPI First
API First
 
API 101 Workshop from APIStrat Conference
API 101 Workshop from APIStrat ConferenceAPI 101 Workshop from APIStrat Conference
API 101 Workshop from APIStrat Conference
 
Liberating your data
Liberating your dataLiberating your data
Liberating your data
 
Liberating your data
Liberating your dataLiberating your data
Liberating your data
 
API 101 - Understanding APIs.
API 101 - Understanding APIs.API 101 - Understanding APIs.
API 101 - Understanding APIs.
 
Demystifying REST - SFRails meetup
Demystifying REST - SFRails meetupDemystifying REST - SFRails meetup
Demystifying REST - SFRails meetup
 
Quantifying fitness
Quantifying fitnessQuantifying fitness
Quantifying fitness
 
Prototyping in the cloud
Prototyping in the cloudPrototyping in the cloud
Prototyping in the cloud
 
Facebook appsincloud
Facebook appsincloudFacebook appsincloud
Facebook appsincloud
 
Demystifying REST
Demystifying RESTDemystifying REST
Demystifying REST
 
PHP Architect Virtual Cloud summit
PHP Architect Virtual Cloud summitPHP Architect Virtual Cloud summit
PHP Architect Virtual Cloud summit
 

Recently uploaded

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 

Recently uploaded (20)

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 

Successful developers

  • 1. Kirsten Jones, Technical Leader, Cisco Systems @synedra http://www.princesspolymath.com
  • 2. API Developers  Application Developers  Architects / Designers  Focus: Successful Developers
  • 3. Good Documentation  Common Pain Points  HTTP Sniffing  Understanding Error Codes  Debugging Strategies
  • 4. What can I do?  Walk-throughs and tutorials  Lots of working code  Small chunks with frequent successes  Example applications  Examples:  LinkedIn Javascript Tutorials  LinkedIn Getting Started
  • 5. Lack of understanding of HTTP structure  Libraries “masking” responses  Error code confusion  Authentication
  • 6. Many developers don’t understand HTTP basics  Libraries allow them to interact with the API but not understand issues  REST feels like a “black box”
  • 7. Clear and complete tutorials, with and without libraries  Pointers to HTTP basics  My OSCON presentation has good info  Developer tools demonstrating successful calls (OAuth Test Console, IODocs)
  • 8.  3rd Party (or company-supported) libraries are great but…  Frequently error codes or other responses are masked  Can get out of sync  Supporting the API is different from supporting a library
  • 9. HTTP status is very helpful  50x: we screwed up.  40x: you screwed up.  30x: ask that dude over there.  20x: cool.  Consistency within the API is critical  Useful error messages for broad errors (4xx errors) Document, explain, demonstrate!
  • 10. Teach your developers to be successful  Watch the traffic with a sniffer  All requests should include headers, body, exact URL  A great bug report:  I did X  I expected Y to happen  To my dismay, Z happened instead
  • 11. Use existing, tested libraries  Code defensively  Servers aren’t that smart  In most cases a working example will help  Lots of code samples, well documented  Use case based
  • 12. Macintosh: HTTPScoop http://tuffcode.com/  Macintosh: Charles (supports SSL) http://www.charlesproxy.com/  Windows: Fiddler http://www.fiddler2.com/fiddler2/  Unix (or Mac): Wireshark (X11) http://www.wireshark.org/
  • 13. 401 authentication errors (signatures, tokens)  403 authorization errors (throttles, permissions)  400 errors – parameters, headers  Content-type errors
  • 14. Pain points  HTTP Sniffers  Good questions

Editor's Notes

  1. How do they differ?Sometimes they can be used interchangeably – we’ll see an example of this later with OAuth – then the developer can chooseUsually parameters are used to refine the request, better define what’s being requested, and headers are used for metadataFormat or metadata about the request
  2. Secure/not securePretty/not prettyWireshark is nice but ugly (X11)