SlideShare a Scribd company logo

JOSA TechTalks - RESTful API Concepts and Best Practices

Jordan Open Source Association
Jordan Open Source Association

Everyday we create services for our systems. A lot of people create RESTful APIs but much more can be accomplished by following best practices and treating your APIs as a product to be consumed by fellow team members, systems and 3rd party consumers. We will discuss what makes a great RESTful API and share some of our experiences building some that power real systems. This was part of JOSA TechTalks project within Jordan Open Source Association, presented by Yazan Quteishat and Tambi Jalouqa.

Software
1 of 48
Download to read offline
RESTFUL API CONCEPTS AND BEST PRACTICES Yazan Qutieshat Tambi Jalouqa Senior Software Engineer at Souq.com a subsidiary of amazon Head of Products at Propeller inc.
Working on a social media aggregator opened my eyes to many restful APIs such as (Facebook, Twitter, Instagram…) How i used to create API’s `GET /getComments/` [Get Comments] `POST /addComment/` [Add a Comment] `POST /deleteComment/` [Delete a Comment] MY STORY How Facebook API's work `GET /posts/{post_id}/comments` [Get Comments] `POST /posts/{post_id}/comments` [Add a Comment]
 `DELETE /comments/{comment_id}` [Delete a Comment]
RESTFUL ARCHITECTURE WHAT MAKES AN API RESTFUL Representational state transfer (REST) or RESTful web services is a way of providing interoperability between computer systems on the Internet. REST-compliant Web services allow requesting systems to access and manipulate textual representations of Web resources using a uniform and predefined set of stateless operations.
RESTFUL ARCHITECTURE WHAT MAKES AN API RESTFUL REST is the underlying architectural principle of the web. The amazing thing about the web is the fact that clients and servers can interact in complex ways without the client knowing anything beforehand about the server and the resources it hosts.
ARCHITECTURAL STYLE
THE SIMPLE VERSION A set of guidelines (attributes and characteristic) that aims to design a single interface that reflect your business to all your consumers while being stateless and readable.
WHAT MAKES AN API RESTFUL The main ingredients of a Restful Api • Resources • Protocol (Http) • Headers • Methods • Status Codes The Guidelines
WHAT MAKES AN API RESTFUL Resources : Any abstraction of information that has a meaning in your domain (business) The Guidelines • Virtual object. • Singleton or a Collection • List of available options. • Result of a mathematical operation.
WHAT MAKES AN API RESTFUL Protocol (HTTP) : Methods : Use Methods to Retrieve and Manipulate (Creation, Mutation) resources. The Guidelines • GET [Retrieve] : Safe, Idempotent , Cacheable • PUT [update] : Idempotent • DELETE [delete]: Idempotent • PATCH [Partial update] : Idempotent • POST [Create]
WHAT MAKES AN API RESTFUL Protocol (HTTP) : Status Codes : Use Status Codes to inform how client how he should proceed. The Guidelines • Successful 2xx (200 Successful, 201 Created, 204 No Content) • Multiple choices 3xx (301 Moved, 302 Found, 304 Not Modified) • User Errors 4xx (401 Unauthorized, 403 Forbidden, 404 Not Found, 422 Unprocessable Entity ) • Server Errors 5xx
THE ALTERNATIVES SOAP RPC GRAPH
THE ALTERNATIVES RPC Remote Procedure Call (RPC) is a protocol that one program can use to request a service from a program located in another computer on a network without having to understand the network's details. A procedure call is also sometimes known as a function call or a subroutine call • Complicated • Lacks consistency • Oriented around procedures
THE ALTERNATIVES SOAP It is method for exchanging XML based message over the Internet for providing and consuming web services. SOAP message are transferred forming the SOAP-Envelope. • Rigid • Requires Development • Requires Knowledge
THE ALTERNATIVES GRAPH QL Instead of working with rigid server-defined endpoints, you can send queries to get exactly the data you’re looking for in one request • Still Young • Requires domain knowledge • Coupled with the backend
BENEFITS • Simple • Scalable • Cacheable • Testable
REINVENTING THE WHEEL Authentication (Basic, OAuth, JWT) Security (ACL, CORS) Traffic control (Rate Limiting, Termination) Logging
TOOLS
TOOLS Word Documents DOCUMENTATION
TOOLS Apiary (Blueprint) DOCUMENTATION
TOOLS Swagger DOCUMENTATION
TOOLS API Gateway AWS Apigee Kong MANAGEMENT
TOOLS Acceptance Testing Continuous Integration TESTING
THANK YOU END OF PART ONE
BEST PRACTICES FOR CREATING A RESTFUL API
API FIRST DEVELOPMENT Lets start with a story about a mountain bike trail
I LOVE MOUNTAIN BIKING AND THATS WHY I BUILD TRAILS
BUT BUILDING TRAILS IS HARD AND REQUIRES TRAIL DESIGN
HEAVY MACHINERY COMES LAST. MARKING WITH STICK AND STONE IS FIRST
SKETCHING VS PIXEL PERFECT DESIGN • Include the team • Allow change to happen • Faster feedback loop
TREAT YOUR API LIKE A CONSUMER PRODUCT Consumers of your API should be treated as if they are going to pay for it. Do not take them for granted. They will either move on or have a bad experience.
USER EXPERIENCE
USER EXPERIENCE Using the proper language while naming your endpoints and resources will help users understand how to use your API. Using nouns vs verbs helps set the mental model for using the API. COMMUNICATE PROPERLY Use
 POST /people Instead of 
 POST /addPerson
Be consistent in your return status codes. Try to use a few but well understood status codes such as 200, 201, 403 Do not re-define status codes in a way that will confuse users. Returning a 201 when a resource is edited will confuse the user and increase cognitive load. BE FAMILIAR USER EXPERIENCE
Be clear about the wrong ways of using your API. If you require a certain schema return an error that is descriptive of what is the issue. Invalid keys, invalid datatypes, required fields that are empty. You will make solving issues while using the API much faster if you are clear and helpful. ALWAYS GIVE USEFUL FEEDBACK USER EXPERIENCE
Always return the same schema or status code for the same operations if possible This will help users re-use their learned behavior For example they can create an abstraction around using your API BE CONSISTENT USER EXPERIENCE
Implement a consistent pagination, filtering or relations in your API Different users will have different needs. One user might want the whole collection while another will only need a few pages. Mobile clients would try to be bandwidth conservative and only ask for what they need. DESIGN FOR DIFFERENT USE 
 GET /people?fields=firstname,lastname&limit=10&skip=3 USER EXPERIENCE
HELP USERS BE SMARTER USER EXPERIENCE
HELP USERS BE SMARTER Specify the life of your returned results. Add meta data to allow smart users to cache your data to reduce chatter and allow for offline experiences. Use ETag or Last-Modified to allow users to know if a resource has been updated and they will receive fresh data from your API USER EXPERIENCE
USER EXPERIENCE BE BACKWARDS COMPATIBLE Versioning your api will allow for users that have not updated their code to continue interacting with your API This allows for an incremental move to a newer version on their own paces. But always give them a push toward newer better versions. Available options are URI based versioning or the Accept header or custom request headers.
COMMON PITFALLS
Many times API designers tend to crudify their APIs Always think about each resource and how it fits your domain. Sometimes a resource will only allow for creating a new resource and not editing it. ALWAYS USING CRUD COMMON PITFALLS e.g. financial transactions
 POST /transactions Transactions will not accept PUT, PATCH, DELETE
Changes to an API that will break existing clients need to be clear. If the interface changes underneath without them knowing it systems will break. As discussed before always increment the available version and help onboard users to the newer API Always communicate upcoming changes and create the proper channels to facilitate that NOT USING VERSIONING COMMON PITFALLS
COMMON PITFALLS Designing an API without the proper feedback loop will guarantee that your API is not usable. Not taking the users into consideration will create an API that is not user-centered and will require a re-design for new use cases. NOT INCLUDING YOUR STAKEHOLDERS
COMMON PITFALLS Use industry standards to document your API, Swagger, Blueprint, RAML, etc. Having the users to either ask for the schema or read through your code to understand usage of your API is a recipe for disaster. NOT DOCUMENTING
ALWAYS BE DESIGNING THE API IS A CONSUMER FACING PRODUCT, TREAT THEM THAT WAY.
THANK YOU END OF PART TWO
Q&A Yazan Qutieshat Tambi Jalouqa Senior Software Engineer at Souq.com a subsidiary of amazon
 yazan.qutieshat@gmail.com Head of Products at Propeller inc. 
 tambi@propellerinc.me

Recommended

JOSA TechTalks - Better Web Apps with React and Redux
JOSA TechTalks - Better Web Apps with React and ReduxJOSA TechTalks - Better Web Apps with React and Redux
JOSA TechTalks - Better Web Apps with React and ReduxJordan Open Source Association
 
Building Modern Web Applications using React and Redux
Building Modern Web Applications using React and Redux Building Modern Web Applications using React and Redux
Building Modern Web Applications using React and ReduxMaxime Najim
 
Introduction to React
Introduction to ReactIntroduction to React
Introduction to ReactRob Quick
 
learn what React JS is & why we should use React JS .
learn what React JS is & why we should use React JS .learn what React JS is & why we should use React JS .
learn what React JS is & why we should use React JS .paradisetechsoftsolutions
 
React js - The Core Concepts
React js - The Core ConceptsReact js - The Core Concepts
React js - The Core ConceptsDivyang Bhambhani
 
learn what React JS is & why we should use React JS .
learn what React JS is & why we should use React JS .learn what React JS is & why we should use React JS .
learn what React JS is & why we should use React JS .paradisetechsoftsolutions
 
React JS: A Secret Preview
React JS: A Secret PreviewReact JS: A Secret Preview
React JS: A Secret Previewvaluebound
 
Reactjs
Reactjs Reactjs
Reactjs Neha Sharma
 

Recommended

JOSA TechTalks - Better Web Apps with React and Redux
JOSA TechTalks - Better Web Apps with React and ReduxJOSA TechTalks - Better Web Apps with React and Redux
JOSA TechTalks - Better Web Apps with React and ReduxJordan Open Source Association
 
Building Modern Web Applications using React and Redux
Building Modern Web Applications using React and Redux Building Modern Web Applications using React and Redux
Building Modern Web Applications using React and ReduxMaxime Najim
 
Introduction to React
Introduction to ReactIntroduction to React
Introduction to ReactRob Quick
 
learn what React JS is & why we should use React JS .
learn what React JS is & why we should use React JS .learn what React JS is & why we should use React JS .
learn what React JS is & why we should use React JS .paradisetechsoftsolutions
 
React js - The Core Concepts
React js - The Core ConceptsReact js - The Core Concepts
React js - The Core ConceptsDivyang Bhambhani
 
learn what React JS is & why we should use React JS .
learn what React JS is & why we should use React JS .learn what React JS is & why we should use React JS .
learn what React JS is & why we should use React JS .paradisetechsoftsolutions
 
React JS: A Secret Preview
React JS: A Secret PreviewReact JS: A Secret Preview
React JS: A Secret Previewvaluebound
 
Reactjs
Reactjs Reactjs
Reactjs Neha Sharma
 
React js
React jsReact js
React jsAlireza Akbari
 
Getting Started with React-Nathan Smith
Getting Started with React-Nathan SmithGetting Started with React-Nathan Smith
Getting Started with React-Nathan SmithTandemSeven
 
React-js
React-jsReact-js
React-jsAvi Kedar
 
Internal workshop react-js-mruiz
Internal workshop react-js-mruizInternal workshop react-js-mruiz
Internal workshop react-js-mruizMiguel Ruiz Rodriguez
 
React js basics
React js basicsReact js basics
React js basicsMaulik Shah
 
Tech Talk on ReactJS
Tech Talk on ReactJSTech Talk on ReactJS
Tech Talk on ReactJSAtlogys Technical Consulting
 
React js programming concept
React js programming conceptReact js programming concept
React js programming conceptTariqul islam
 
Fundamental concepts of react js
Fundamental concepts of react jsFundamental concepts of react js
Fundamental concepts of react jsStephieJohn
 
React js Rahil Memon
React js Rahil MemonReact js Rahil Memon
React js Rahil MemonRahilMemon5
 
[React Native Tutorial] Lecture 6: Component, Props, and Network
[React Native Tutorial] Lecture 6: Component, Props, and Network[React Native Tutorial] Lecture 6: Component, Props, and Network
[React Native Tutorial] Lecture 6: Component, Props, and NetworkKobkrit Viriyayudhakorn
 
React introduction
React introductionReact introduction
React introductionKashyap Parmar
 
Ryan Christiani I Heard React Was Good
Ryan Christiani I Heard React Was GoodRyan Christiani I Heard React Was Good
Ryan Christiani I Heard React Was GoodFITC
 
React JS
React JSReact JS
React JSSoftware Infrastructure
 
learning react
learning reactlearning react
learning reactEueung Mulyana
 
An Overview of the React Ecosystem
An Overview of the React EcosystemAn Overview of the React Ecosystem
An Overview of the React EcosystemFITC
 
How native is React Native? | React Native vs Native App Development
How native is React Native? | React Native vs Native App DevelopmentHow native is React Native? | React Native vs Native App Development
How native is React Native? | React Native vs Native App DevelopmentDevathon
 
Intro to React
Intro to ReactIntro to React
Intro to ReactJustin Reock
 
Top 8 benefits of react js
Top 8 benefits of react jsTop 8 benefits of react js
Top 8 benefits of react jsRani Sinha
 
React workshop
React workshopReact workshop
React workshopImran Sayed
 
Introduction to react
Introduction to reactIntroduction to react
Introduction to reactkiranabburi
 
Business Applications Integration In The Cloud
Business Applications Integration In The CloudBusiness Applications Integration In The Cloud
Business Applications Integration In The CloudAnna Brzezińska
 
Building the Eventbrite API Ecosystem
Building the Eventbrite API EcosystemBuilding the Eventbrite API Ecosystem
Building the Eventbrite API EcosystemMitch Colleran
 

More Related Content

What's hot

Getting Started with React-Nathan Smith
Getting Started with React-Nathan SmithGetting Started with React-Nathan Smith
Getting Started with React-Nathan SmithTandemSeven
 
React js programming concept
React js programming conceptReact js programming concept
React js programming conceptTariqul islam
 
Fundamental concepts of react js
Fundamental concepts of react jsFundamental concepts of react js
Fundamental concepts of react jsStephieJohn
 
React js Rahil Memon
React js Rahil MemonReact js Rahil Memon
React js Rahil MemonRahilMemon5
 
[React Native Tutorial] Lecture 6: Component, Props, and Network
[React Native Tutorial] Lecture 6: Component, Props, and Network[React Native Tutorial] Lecture 6: Component, Props, and Network
[React Native Tutorial] Lecture 6: Component, Props, and NetworkKobkrit Viriyayudhakorn
 
Ryan Christiani I Heard React Was Good
Ryan Christiani I Heard React Was GoodRyan Christiani I Heard React Was Good
Ryan Christiani I Heard React Was GoodFITC
 
An Overview of the React Ecosystem
An Overview of the React EcosystemAn Overview of the React Ecosystem
An Overview of the React EcosystemFITC
 
How native is React Native? | React Native vs Native App Development
How native is React Native? | React Native vs Native App DevelopmentHow native is React Native? | React Native vs Native App Development
How native is React Native? | React Native vs Native App DevelopmentDevathon
 
Top 8 benefits of react js
Top 8 benefits of react jsTop 8 benefits of react js
Top 8 benefits of react jsRani Sinha
 
Introduction to react
Introduction to reactIntroduction to react
Introduction to reactkiranabburi
 

What's hot (20)

React js
React jsReact js
React js
 
Getting Started with React-Nathan Smith
Getting Started with React-Nathan SmithGetting Started with React-Nathan Smith
Getting Started with React-Nathan Smith
 
React-js
React-jsReact-js
React-js
 
Internal workshop react-js-mruiz
Internal workshop react-js-mruizInternal workshop react-js-mruiz
Internal workshop react-js-mruiz
 
React js basics
React js basicsReact js basics
React js basics
 
Tech Talk on ReactJS
Tech Talk on ReactJSTech Talk on ReactJS
Tech Talk on ReactJS
 
React js programming concept
React js programming conceptReact js programming concept
React js programming concept
 
Fundamental concepts of react js
Fundamental concepts of react jsFundamental concepts of react js
Fundamental concepts of react js
 
React js Rahil Memon
React js Rahil MemonReact js Rahil Memon
React js Rahil Memon
 
[React Native Tutorial] Lecture 6: Component, Props, and Network
[React Native Tutorial] Lecture 6: Component, Props, and Network[React Native Tutorial] Lecture 6: Component, Props, and Network
[React Native Tutorial] Lecture 6: Component, Props, and Network
 
React introduction
React introductionReact introduction
React introduction
 
Ryan Christiani I Heard React Was Good
Ryan Christiani I Heard React Was GoodRyan Christiani I Heard React Was Good
Ryan Christiani I Heard React Was Good
 
React JS
React JSReact JS
React JS
 
learning react
learning reactlearning react
learning react
 
An Overview of the React Ecosystem
An Overview of the React EcosystemAn Overview of the React Ecosystem
An Overview of the React Ecosystem
 
How native is React Native? | React Native vs Native App Development
How native is React Native? | React Native vs Native App DevelopmentHow native is React Native? | React Native vs Native App Development
How native is React Native? | React Native vs Native App Development
 
Intro to React
Intro to ReactIntro to React
Intro to React
 
Top 8 benefits of react js
Top 8 benefits of react jsTop 8 benefits of react js
Top 8 benefits of react js
 
React workshop
React workshopReact workshop
React workshop
 
Introduction to react
Introduction to reactIntroduction to react
Introduction to react
 

Similar to JOSA TechTalks - RESTful API Concepts and Best Practices

Business Applications Integration In The Cloud
Business Applications Integration In The CloudBusiness Applications Integration In The Cloud
Business Applications Integration In The CloudAnna Brzezińska
 
Building the Eventbrite API Ecosystem
Building the Eventbrite API EcosystemBuilding the Eventbrite API Ecosystem
Building the Eventbrite API EcosystemMitch Colleran
 
Best practices and advantages of REST APIs
Best practices and advantages of REST APIsBest practices and advantages of REST APIs
Best practices and advantages of REST APIsAparna Sharma
 
apidays LIVE Paris 2021 - Lessons from the API Stewardship Journey in Azure b...
apidays LIVE Paris 2021 - Lessons from the API Stewardship Journey in Azure b...apidays LIVE Paris 2021 - Lessons from the API Stewardship Journey in Azure b...
apidays LIVE Paris 2021 - Lessons from the API Stewardship Journey in Azure b...apidays
 
The ultimate api checklist by Blendr.io
The ultimate api checklist by Blendr.ioThe ultimate api checklist by Blendr.io
The ultimate api checklist by Blendr.ioBlendr.io
 
MuleSoft Surat Virtual Meetup#21 - MuleSoft API and RAML Design Best Practice...
MuleSoft Surat Virtual Meetup#21 - MuleSoft API and RAML Design Best Practice...MuleSoft Surat Virtual Meetup#21 - MuleSoft API and RAML Design Best Practice...
MuleSoft Surat Virtual Meetup#21 - MuleSoft API and RAML Design Best Practice...Jitendra Bafna
 
Lessons learned on the Azure API Stewardship Journey.pptx
Lessons learned on the Azure API Stewardship Journey.pptxLessons learned on the Azure API Stewardship Journey.pptx
Lessons learned on the Azure API Stewardship Journey.pptxapidays
 
DataHero / Eventbrite - API Best Practices
DataHero / Eventbrite - API Best PracticesDataHero / Eventbrite - API Best Practices
DataHero / Eventbrite - API Best PracticesJeff Zabel
 
RefCard API Architecture Strategy
RefCard API Architecture StrategyRefCard API Architecture Strategy
RefCard API Architecture StrategyOCTO Technology
 
Asynchronous API Testing: Trends, Tools & More | Calidad Infotech
Asynchronous API Testing: Trends, Tools & More | Calidad Infotech Asynchronous API Testing: Trends, Tools & More | Calidad Infotech
Asynchronous API Testing: Trends, Tools & More | Calidad Infotech Calidad Infotech
 
Do not automate GUI testing
Do not automate GUI testingDo not automate GUI testing
Do not automate GUI testingAtila Inovecký
 
Java Test Automation for REST, Web and Mobile
Java Test Automation for REST, Web and MobileJava Test Automation for REST, Web and Mobile
Java Test Automation for REST, Web and MobileElias Nogueira
 
Oracle API Platform Cloud Service Best Practices & Lessons Learnt
Oracle API Platform Cloud Service Best Practices & Lessons LearntOracle API Platform Cloud Service Best Practices & Lessons Learnt
Oracle API Platform Cloud Service Best Practices & Lessons Learntluisw19
 
Azure API Management - why should I care?
Azure API Management - why should I care?Azure API Management - why should I care?
Azure API Management - why should I care?Jouni Heikniemi
 

Similar to JOSA TechTalks - RESTful API Concepts and Best Practices (20)

Business Applications Integration In The Cloud
Business Applications Integration In The CloudBusiness Applications Integration In The Cloud
Business Applications Integration In The Cloud
 
Building the Eventbrite API Ecosystem
Building the Eventbrite API EcosystemBuilding the Eventbrite API Ecosystem
Building the Eventbrite API Ecosystem
 
Best practices and advantages of REST APIs
Best practices and advantages of REST APIsBest practices and advantages of REST APIs
Best practices and advantages of REST APIs
 
apidays LIVE Paris 2021 - Lessons from the API Stewardship Journey in Azure b...
apidays LIVE Paris 2021 - Lessons from the API Stewardship Journey in Azure b...apidays LIVE Paris 2021 - Lessons from the API Stewardship Journey in Azure b...
apidays LIVE Paris 2021 - Lessons from the API Stewardship Journey in Azure b...
 
The ultimate api checklist by Blendr.io
The ultimate api checklist by Blendr.ioThe ultimate api checklist by Blendr.io
The ultimate api checklist by Blendr.io
 
Open Banking & Open Insurance
Open Banking & Open InsuranceOpen Banking & Open Insurance
Open Banking & Open Insurance
 
MuleSoft Surat Virtual Meetup#21 - MuleSoft API and RAML Design Best Practice...
MuleSoft Surat Virtual Meetup#21 - MuleSoft API and RAML Design Best Practice...MuleSoft Surat Virtual Meetup#21 - MuleSoft API and RAML Design Best Practice...
MuleSoft Surat Virtual Meetup#21 - MuleSoft API and RAML Design Best Practice...
 
Lessons learned on the Azure API Stewardship Journey.pptx
Lessons learned on the Azure API Stewardship Journey.pptxLessons learned on the Azure API Stewardship Journey.pptx
Lessons learned on the Azure API Stewardship Journey.pptx
 
DataHero / Eventbrite - API Best Practices
DataHero / Eventbrite - API Best PracticesDataHero / Eventbrite - API Best Practices
DataHero / Eventbrite - API Best Practices
 
RefCard API Architecture Strategy
RefCard API Architecture StrategyRefCard API Architecture Strategy
RefCard API Architecture Strategy
 
Api design part 1
Api design part 1Api design part 1
Api design part 1
 
APITalkMeetupSharable
APITalkMeetupSharableAPITalkMeetupSharable
APITalkMeetupSharable
 
Asynchronous API Testing: Trends, Tools & More | Calidad Infotech
Asynchronous API Testing: Trends, Tools & More | Calidad Infotech Asynchronous API Testing: Trends, Tools & More | Calidad Infotech
Asynchronous API Testing: Trends, Tools & More | Calidad Infotech
 
Do not automate GUI testing
Do not automate GUI testingDo not automate GUI testing
Do not automate GUI testing
 
Java Test Automation for REST, Web and Mobile
Java Test Automation for REST, Web and MobileJava Test Automation for REST, Web and Mobile
Java Test Automation for REST, Web and Mobile
 
M meijer api management - tech-days 2015
M meijer api management - tech-days 2015M meijer api management - tech-days 2015
M meijer api management - tech-days 2015
 
Oracle API Platform Cloud Service Best Practices & Lessons Learnt
Oracle API Platform Cloud Service Best Practices & Lessons LearntOracle API Platform Cloud Service Best Practices & Lessons Learnt
Oracle API Platform Cloud Service Best Practices & Lessons Learnt
 
Crafting APIs
Crafting APIsCrafting APIs
Crafting APIs
 
Api Testing.pdf
Api Testing.pdfApi Testing.pdf
Api Testing.pdf
 
Azure API Management - why should I care?
Azure API Management - why should I care?Azure API Management - why should I care?
Azure API Management - why should I care?
 

More from Jordan Open Source Association

JOSA TechTalks - Machine Learning on Graph-Structured Data
JOSA TechTalks - Machine Learning on Graph-Structured DataJOSA TechTalks - Machine Learning on Graph-Structured Data
JOSA TechTalks - Machine Learning on Graph-Structured DataJordan Open Source Association
 
JOSA TechTalks - Word Embedding and Word2Vec Explained
JOSA TechTalks - Word Embedding and Word2Vec ExplainedJOSA TechTalks - Word Embedding and Word2Vec Explained
JOSA TechTalks - Word Embedding and Word2Vec ExplainedJordan Open Source Association
 

More from Jordan Open Source Association (20)

JOSA TechTalks - Data Oriented Architecture
JOSA TechTalks - Data Oriented ArchitectureJOSA TechTalks - Data Oriented Architecture
JOSA TechTalks - Data Oriented Architecture
 
JOSA TechTalks - Machine Learning on Graph-Structured Data
JOSA TechTalks - Machine Learning on Graph-Structured DataJOSA TechTalks - Machine Learning on Graph-Structured Data
JOSA TechTalks - Machine Learning on Graph-Structured Data
 
OpenSooq Mobile Infrastructure @ Scale
OpenSooq Mobile Infrastructure @ ScaleOpenSooq Mobile Infrastructure @ Scale
OpenSooq Mobile Infrastructure @ Scale
 
Data-Driven Digital Transformation
Data-Driven Digital TransformationData-Driven Digital Transformation
Data-Driven Digital Transformation
 
Data Science in Action
Data Science in ActionData Science in Action
Data Science in Action
 
Processing Arabic Text
Processing Arabic TextProcessing Arabic Text
Processing Arabic Text
 
JOSA TechTalks - Downgrade your Costs
JOSA TechTalks - Downgrade your CostsJOSA TechTalks - Downgrade your Costs
JOSA TechTalks - Downgrade your Costs
 
JOSA TechTalks - Docker in Production
JOSA TechTalks - Docker in ProductionJOSA TechTalks - Docker in Production
JOSA TechTalks - Docker in Production
 
JOSA TechTalks - Word Embedding and Word2Vec Explained
JOSA TechTalks - Word Embedding and Word2Vec ExplainedJOSA TechTalks - Word Embedding and Word2Vec Explained
JOSA TechTalks - Word Embedding and Word2Vec Explained
 
Web app architecture
Web app architectureWeb app architecture
Web app architecture
 
Intro to the Principles of Graphic Design
Intro to the Principles of Graphic DesignIntro to the Principles of Graphic Design
Intro to the Principles of Graphic Design
 
Intro to Graphic Design Elements
Intro to Graphic Design ElementsIntro to Graphic Design Elements
Intro to Graphic Design Elements
 
JOSA TechTalk: Realtime monitoring and alerts
JOSA TechTalk: Realtime monitoring and alerts JOSA TechTalk: Realtime monitoring and alerts
JOSA TechTalk: Realtime monitoring and alerts
 
JOSA TechTalk: Metadata Management
in Big Data
JOSA TechTalk: Metadata Management
in Big DataJOSA TechTalk: Metadata Management
in Big Data
JOSA TechTalk: Metadata Management
in Big Data
 
JOSA TechTalk: Introduction to Supervised Learning
JOSA TechTalk: Introduction to Supervised LearningJOSA TechTalk: Introduction to Supervised Learning
JOSA TechTalk: Introduction to Supervised Learning
 
JOSA TechTalk: Taking Docker to Production
JOSA TechTalk: Taking Docker to ProductionJOSA TechTalk: Taking Docker to Production
JOSA TechTalk: Taking Docker to Production
 
JOSA TechTalk: Introduction to docker
JOSA TechTalk: Introduction to dockerJOSA TechTalk: Introduction to docker
JOSA TechTalk: Introduction to docker
 
D programming language
D programming languageD programming language
D programming language
 
A taste of Functional Programming
A taste of Functional ProgrammingA taste of Functional Programming
A taste of Functional Programming
 
JOSA TechTalks - Machine Learning in Practice
JOSA TechTalks - Machine Learning in PracticeJOSA TechTalks - Machine Learning in Practice
JOSA TechTalks - Machine Learning in Practice
 

Recently uploaded

React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaHanief Utama
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfAlina Yurenko
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEEVICTOR MAESTRE RAMIREZ
 
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company OdishaBalasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odishasmiwainfosol
 
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesPhilip Schwarz
 
CRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceCRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceBrainSell Technologies
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 
What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....kzayra69
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio, Inc.
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWave PLM
 
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...OnePlan Solutions
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024StefanoLambiase
 
Xen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfXen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfStefano Stabellini
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityNeo4j
 
Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfIntroduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfFerryKemperman
 
Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesŁukasz Chruściel
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
 
How to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdfHow to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdfLivetecs LLC
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 

Recently uploaded (20)

React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief Utama
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEE
 
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company OdishaBalasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
 
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a series
 
CRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceCRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. Salesforce
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 
What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need It
 
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
 
Xen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfXen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdf
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered Sustainability
 
Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfIntroduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdf
 
Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New Features
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 
How to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdfHow to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdf
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 

JOSA TechTalks - RESTful API Concepts and Best Practices

  • 1. RESTFUL API CONCEPTS AND BEST PRACTICES Yazan Qutieshat Tambi Jalouqa Senior Software Engineer at Souq.com a subsidiary of amazon Head of Products at Propeller inc.
  • 2. Working on a social media aggregator opened my eyes to many restful APIs such as (Facebook, Twitter, Instagram…) How i used to create API’s `GET /getComments/` [Get Comments] `POST /addComment/` [Add a Comment] `POST /deleteComment/` [Delete a Comment] MY STORY How Facebook API's work `GET /posts/{post_id}/comments` [Get Comments] `POST /posts/{post_id}/comments` [Add a Comment]
 `DELETE /comments/{comment_id}` [Delete a Comment]
  • 3. RESTFUL ARCHITECTURE WHAT MAKES AN API RESTFUL Representational state transfer (REST) or RESTful web services is a way of providing interoperability between computer systems on the Internet. REST-compliant Web services allow requesting systems to access and manipulate textual representations of Web resources using a uniform and predefined set of stateless operations.
  • 4. RESTFUL ARCHITECTURE WHAT MAKES AN API RESTFUL REST is the underlying architectural principle of the web. The amazing thing about the web is the fact that clients and servers can interact in complex ways without the client knowing anything beforehand about the server and the resources it hosts.
  • 6. THE SIMPLE VERSION A set of guidelines (attributes and characteristic) that aims to design a single interface that reflect your business to all your consumers while being stateless and readable.
  • 7. WHAT MAKES AN API RESTFUL The main ingredients of a Restful Api • Resources • Protocol (Http) • Headers • Methods • Status Codes The Guidelines
  • 8. WHAT MAKES AN API RESTFUL Resources : Any abstraction of information that has a meaning in your domain (business) The Guidelines • Virtual object. • Singleton or a Collection • List of available options. • Result of a mathematical operation.
  • 9. WHAT MAKES AN API RESTFUL Protocol (HTTP) : Methods : Use Methods to Retrieve and Manipulate (Creation, Mutation) resources. The Guidelines • GET [Retrieve] : Safe, Idempotent , Cacheable • PUT [update] : Idempotent • DELETE [delete]: Idempotent • PATCH [Partial update] : Idempotent • POST [Create]
  • 10. WHAT MAKES AN API RESTFUL Protocol (HTTP) : Status Codes : Use Status Codes to inform how client how he should proceed. The Guidelines • Successful 2xx (200 Successful, 201 Created, 204 No Content) • Multiple choices 3xx (301 Moved, 302 Found, 304 Not Modified) • User Errors 4xx (401 Unauthorized, 403 Forbidden, 404 Not Found, 422 Unprocessable Entity ) • Server Errors 5xx
  • 12. THE ALTERNATIVES RPC Remote Procedure Call (RPC) is a protocol that one program can use to request a service from a program located in another computer on a network without having to understand the network's details. A procedure call is also sometimes known as a function call or a subroutine call • Complicated • Lacks consistency • Oriented around procedures
  • 13. THE ALTERNATIVES SOAP It is method for exchanging XML based message over the Internet for providing and consuming web services. SOAP message are transferred forming the SOAP-Envelope. • Rigid • Requires Development • Requires Knowledge
  • 14. THE ALTERNATIVES GRAPH QL Instead of working with rigid server-defined endpoints, you can send queries to get exactly the data you’re looking for in one request • Still Young • Requires domain knowledge • Coupled with the backend
  • 15. BENEFITS • Simple • Scalable • Cacheable • Testable
  • 16. REINVENTING THE WHEEL Authentication (Basic, OAuth, JWT) Security (ACL, CORS) Traffic control (Rate Limiting, Termination) Logging
  • 17. TOOLS
  • 23. THANK YOU END OF PART ONE
  • 25. API FIRST DEVELOPMENT Lets start with a story about a mountain bike trail
  • 26. I LOVE MOUNTAIN BIKING AND THATS WHY I BUILD TRAILS
  • 27. BUT BUILDING TRAILS IS HARD AND REQUIRES TRAIL DESIGN
  • 28. HEAVY MACHINERY COMES LAST. MARKING WITH STICK AND STONE IS FIRST
  • 29. SKETCHING VS PIXEL PERFECT DESIGN • Include the team • Allow change to happen • Faster feedback loop
  • 30. TREAT YOUR API LIKE A CONSUMER PRODUCT Consumers of your API should be treated as if they are going to pay for it. Do not take them for granted. They will either move on or have a bad experience.
  • 32. USER EXPERIENCE Using the proper language while naming your endpoints and resources will help users understand how to use your API. Using nouns vs verbs helps set the mental model for using the API. COMMUNICATE PROPERLY Use
 POST /people Instead of 
 POST /addPerson
  • 33. Be consistent in your return status codes. Try to use a few but well understood status codes such as 200, 201, 403 Do not re-define status codes in a way that will confuse users. Returning a 201 when a resource is edited will confuse the user and increase cognitive load. BE FAMILIAR USER EXPERIENCE
  • 34. Be clear about the wrong ways of using your API. If you require a certain schema return an error that is descriptive of what is the issue. Invalid keys, invalid datatypes, required fields that are empty. You will make solving issues while using the API much faster if you are clear and helpful. ALWAYS GIVE USEFUL FEEDBACK USER EXPERIENCE
  • 35. Always return the same schema or status code for the same operations if possible This will help users re-use their learned behavior For example they can create an abstraction around using your API BE CONSISTENT USER EXPERIENCE
  • 36. Implement a consistent pagination, filtering or relations in your API Different users will have different needs. One user might want the whole collection while another will only need a few pages. Mobile clients would try to be bandwidth conservative and only ask for what they need. DESIGN FOR DIFFERENT USE 
 GET /people?fields=firstname,lastname&limit=10&skip=3 USER EXPERIENCE
  • 37. HELP USERS BE SMARTER USER EXPERIENCE
  • 38. HELP USERS BE SMARTER Specify the life of your returned results. Add meta data to allow smart users to cache your data to reduce chatter and allow for offline experiences. Use ETag or Last-Modified to allow users to know if a resource has been updated and they will receive fresh data from your API USER EXPERIENCE
  • 39. USER EXPERIENCE BE BACKWARDS COMPATIBLE Versioning your api will allow for users that have not updated their code to continue interacting with your API This allows for an incremental move to a newer version on their own paces. But always give them a push toward newer better versions. Available options are URI based versioning or the Accept header or custom request headers.
  • 40.
  • 42. Many times API designers tend to crudify their APIs Always think about each resource and how it fits your domain. Sometimes a resource will only allow for creating a new resource and not editing it. ALWAYS USING CRUD COMMON PITFALLS e.g. financial transactions
 POST /transactions Transactions will not accept PUT, PATCH, DELETE
  • 43. Changes to an API that will break existing clients need to be clear. If the interface changes underneath without them knowing it systems will break. As discussed before always increment the available version and help onboard users to the newer API Always communicate upcoming changes and create the proper channels to facilitate that NOT USING VERSIONING COMMON PITFALLS
  • 44. COMMON PITFALLS Designing an API without the proper feedback loop will guarantee that your API is not usable. Not taking the users into consideration will create an API that is not user-centered and will require a re-design for new use cases. NOT INCLUDING YOUR STAKEHOLDERS
  • 45. COMMON PITFALLS Use industry standards to document your API, Swagger, Blueprint, RAML, etc. Having the users to either ask for the schema or read through your code to understand usage of your API is a recipe for disaster. NOT DOCUMENTING
  • 46. ALWAYS BE DESIGNING THE API IS A CONSUMER FACING PRODUCT, TREAT THEM THAT WAY.
  • 47. THANK YOU END OF PART TWO
  • 48. Q&A Yazan Qutieshat Tambi Jalouqa Senior Software Engineer at Souq.com a subsidiary of amazon
 yazan.qutieshat@gmail.com Head of Products at Propeller inc. 
 tambi@propellerinc.me