Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Api design and development

114 views

Published on

Basics of API Design and development. After the presentation, we developed a python flask-based app that you use to remind yourself anything via an api https://github.com/oquidave/reminderme

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Api design and development

  1. 1. API Design & Devp with AT
  2. 2. What is an API Similarly, an API lists a bunch of operations that developers can use, along with a description of what they do.
  3. 3. How an API works
  4. 4. API protocols and Architecture
  5. 5. SOAP XML used as data format, - Too verbose on client and server side - Still used by banks and Telcos
  6. 6. REST
  7. 7. GraphQL
  8. 8. HTTP Basics
  9. 9. Anatomy of an HTTP Request - The version of the HTTP protocol. - Optional headers that convey additional information for the servers. - Body, for some methods like POST, similar to those in responses, which contain the resource sent.
  10. 10. Anatomy of an HTTP Response - HTTP version protocol they follow. - Status code indicating if the request has been successful, or not, and why. - Status message a non-authoritative short description of the status code. - HTTP headers like those for requests. - Optionally a body containing the fetched resource.
  11. 11. Representing Data: REST Data formats curl -i -u application_name:application_password --data '{"password": "my_password"}' http://localhost/myapi/1/auth?username=my_usernam e --header 'Content-Type: application/json' --header 'Accept: application/json'
  12. 12. API Authentication - There are three common API authentication schemes; - Basic Auth - API keys - OAuth
  13. 13. Authentication: Basic Authentication - Basic Auth only requires a username and password. - Passed on via Authorization HTTP header - Server returns http code 401 to let client know authorization failed
  14. 14. API Key Authentication - key is usually a long series of letters and numbers that is distinct from the account owner's login password - keys are used simply so the user does not have to give out their password - You can put the key in the Authorization header or add the key onto the URL (http://example.com?api_key=my_se cret_key)
  15. 15. Open Authorization (OAuth) - Automates key exchange by providing a standard way for the client to get a key from server through walking user via simple steps. - OAuth 2 involves; - User: Person who wants to connect two websites they use - Client: Website that will be granted access to the user's data - Server: website that has the user's data
  16. 16. API design basics - Resources are the nouns of APIs - Key pointers; - Decide what resource(s) need to be available. - Assign URLs to those resources. - Decide what actions the client should be allowed to perform on those resources. - Figure out what pieces of data are required for each action and what format they should be in.
  17. 17. Example Rest API actions & url endpoints
  18. 18. API Development & testing tools
  19. 19. Try out Africa’s Talking APIs
  20. 20. Thank You David Okwii, Developer relations, Africa’s talking dokwi@africastalking.com @oquidave on Twitter More cool Resources: ● Api security checklist https://github.com/shieldfy/API-Security-Checklist ● API best practices: https://www.vinaysahni.com/best-practices-for-a-prag matic-restful-api ● Mozilla: https://developer.mozilla.org/en-US/docs/Web/HTTP/ Overview ● Zapier: https://zapier.com/learn/apis/

×