
APIs: The Good, The Bad, The Ugly

Service-oriented systems have become hugely popular, and the golden age of the monolith has passed. Sometimes these services can be fantastic, and other times not so much. Learning how to evaluate APIs and identify problem areas before jumping headfirst into development can save teams frustration, time, and money. This session will walk through evaluating an API, best practices, and red flags, all from the standpoint of a developer consuming them. No matter your experience level, you'll leave with the skills to effectively tackle your next API.

This version was given at 200ok, May 2019.

Published in: Software


  1. APIs: The Good, The Bad, The Ugly. Michele Titolo, Software Engineer, Square
  2. @micheletitolo Consulting Mobile Backend
  3. What Do API Consumers Care About?
  4. They Care About… • Documentation • URLs • Payloads • Authentication • Authorization • Errors • Caching
  5. Documentation
  6. The Good
  7. It Exists
  8. Bonus: It’s Interactive
  9. OpenAPI Specification
  10. ReDoc https://rebilly.github.io/ReDoc/
  11. The Bad
  12. Docs Aren’t Updated
  13. The Ugly
  14. Documentation?
  15. URLs
  16. The Good
  17. Consistency
  18. /users/22445 /products/3156 /movies/127/times
  19. REST Conventions
  20. The Bad
  21. Inconsistency
  22. /users/22445 /reviews/3156 /times/127 (not review or time IDs)
  23. The Ugly
  24. “GET /remove to delete”
  25. Payloads
  26. The Good
  27. Respect Content-Type
  28. Versioning
  29. The Bad
  30. Endpoint → “id” field: /products → id, /products/:id → productID, /cart → product_id
  31. Change
  32. We Expect Certain Things
  33. ...Like Image URLs Having http://
  34. ...Like Dates Sent In The Same Format
  35. We Expect Certain Things To Not Change
  36. The Ugly
  37. JSON Containing HTML
  38. Unstable
  39. Authentication
  40. The Good
  41. SSL
  42. ...When SSL Is Secure
  43. goto fail;
  44. SSL Pinning
  45. OAuth
  46. The Bad
  47. OAuth
  48. The Ugly
  49. Authorization
  50. The Good
  51. App Requests Permissions
  52. The Bad
  53. A Single API Key
  54. {"message":"API rate limit exceeded"}
  55. The Ugly
  56. Authorization?
  57. Errors
  58. The Good
  59. Error Codes
  60. Error Message In Response
  61. Human Readable Error Message
  62. The Bad
  63. “There Was An Error”
  64. The Ugly
  65. Caching
  66. The Good
  67. Using One Of The Standards
  68. Cache-Control
  69. If-Modified-Since
  70. ETags
  71. The Bad
  72. Manually Processing Data
  73. The Ugly
  74. Caching
  75. In Summary
  76. Consistency
  77. Conventions
  78. Simple
  79. Questions? @MicheleTitolo
  80. Resources: JSON Schema, OpenAPI Spec, RAML; Charles, Postman; http://runscope.com, also http://newrelic.com for backend analytics; Versioning: http://apiux.com/2013/05/14/api-versioning/
  81. • https://unsplash.com/photos/slItfWbhijc • https://unsplash.com/photos/D6uxeDSylxo • https://unsplash.com/photos/fbDPzqOXwuY • https://unsplash.com/photos/8yYAaguVDgY • https://unsplash.com/photos/yVXUtrNzJBM • https://unsplash.com/photos/BFRdqVAMAhU • https://unsplash.com/photos/1eWaod96d3k • https://unsplash.com/photos/IUY_3DvM__w
