SlideShare a Scribd company logo

Successful developers

Download as PPTX, PDF
Kirsten Hunter
Kirsten Hunter

How to support the developers of your API, give them skills and tools to be successful. Webex of my presentation at https://cisco.webex.com/ciscosales/lsr.php?AT=pb&SP=MC&rID=62417452&rKey=caa6309156837b7a

Technology
1 of 14
Kirsten Jones, Technical Leader, Cisco Systems @synedra http://www.princesspolymath.com
 API Developers  Application Developers  Architects / Designers  Focus: Successful Developers
 Good Documentation  Common Pain Points  HTTP Sniffing  Understanding Error Codes  Debugging Strategies
 What can I do?  Walk-throughs and tutorials  Lots of working code  Small chunks with frequent successes  Example applications  Examples:  LinkedIn Javascript Tutorials  LinkedIn Getting Started
 Lack of understanding of HTTP structure  Libraries “masking” responses  Error code confusion  Authentication
 Many developers don’t understand HTTP basics  Libraries allow them to interact with the API but not understand issues  REST feels like a “black box”
 Clear and complete tutorials, with and without libraries  Pointers to HTTP basics  My OSCON presentation has good info  Developer tools demonstrating successful calls (OAuth Test Console, IODocs)
 3rd Party (or company-supported) libraries are great but…  Frequently error codes or other responses are masked  Can get out of sync  Supporting the API is different from supporting a library
 HTTP status is very helpful  50x: we screwed up.  40x: you screwed up.  30x: ask that dude over there.  20x: cool.  Consistency within the API is critical  Useful error messages for broad errors (4xx errors) Document, explain, demonstrate!
 Teach your developers to be successful  Watch the traffic with a sniffer  All requests should include headers, body, exact URL  A great bug report:  I did X  I expected Y to happen  To my dismay, Z happened instead
 Use existing, tested libraries  Code defensively  Servers aren’t that smart  In most cases a working example will help  Lots of code samples, well documented  Use case based
 Macintosh: HTTPScoop http://tuffcode.com/  Macintosh: Charles (supports SSL) http://www.charlesproxy.com/  Windows: Fiddler http://www.fiddler2.com/fiddler2/  Unix (or Mac): Wireshark (X11) http://www.wireshark.org/
 401 authentication errors (signatures, tokens)  403 authorization errors (throttles, permissions)  400 errors – parameters, headers  Content-type errors
 Pain points  HTTP Sniffers  Good questions

Recommended

Debugging with visual studio beyond 'F5'
Debugging with visual studio beyond 'F5'Debugging with visual studio beyond 'F5'
Debugging with visual studio beyond 'F5'
Dror Helper
 
4 . future uni presentation
4 . future uni presentation4 . future uni presentation
4 . future uni presentation
Rashid Khatmey
 
Sorting Out The Trash
Sorting Out The TrashSorting Out The Trash
Sorting Out The Trash
frisksoftware
 
Php security common 2011
Php security common 2011Php security common 2011
Php security common 2011
10n Software, LLC
 
Rest schema design
Rest schema designRest schema design
Rest schema design
Kirsten Hunter
 
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Brian Huff
 
2 . web app s canners
2 . web app s canners2 . web app s canners
2 . web app s canners
Rashid Khatmey
 
Designing for developers
Designing for developersDesigning for developers
Designing for developers
Kirsten Hunter
 

Recommended

Debugging with visual studio beyond 'F5'
Debugging with visual studio beyond 'F5'Debugging with visual studio beyond 'F5'
Debugging with visual studio beyond 'F5'
Dror Helper
 
4 . future uni presentation
4 . future uni presentation4 . future uni presentation
4 . future uni presentation
Rashid Khatmey
 
Sorting Out The Trash
Sorting Out The TrashSorting Out The Trash
Sorting Out The Trash
frisksoftware
 
Php security common 2011
Php security common 2011Php security common 2011
Php security common 2011
10n Software, LLC
 
Rest schema design
Rest schema designRest schema design
Rest schema design
Kirsten Hunter
 
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Brian Huff
 
2 . web app s canners
2 . web app s canners2 . web app s canners
2 . web app s canners
Rashid Khatmey
 
Designing for developers
Designing for developersDesigning for developers
Designing for developers
Kirsten Hunter
 
Practical, team-focused operability techniques for distributed systems - DevO...
Practical, team-focused operability techniques for distributed systems - DevO...Practical, team-focused operability techniques for distributed systems - DevO...
Practical, team-focused operability techniques for distributed systems - DevO...
Matthew Skelton
 
HTTP: the Other ESB
HTTP: the Other ESBHTTP: the Other ESB
HTTP: the Other ESB
Ryan Riley
 
1435488539 221998
1435488539 2219981435488539 221998
1435488539 221998
Shree Krishna Shrestha
 
Webtechnologies
Webtechnologies Webtechnologies
Webtechnologies
-jyothish kumar sirigidi
 
2011 and still bruteforcing - OWASP Spain
2011 and still bruteforcing - OWASP Spain2011 and still bruteforcing - OWASP Spain
2011 and still bruteforcing - OWASP Spain
Christian Martorella
 
Php manish
Php manishPhp manish
Php manish
Manish Jain
 
Building APIs with FRAPI
Building APIs with FRAPIBuilding APIs with FRAPI
Building APIs with FRAPI
David Coallier
 
Andrew and Zac RVA-Beyond-Automated-Testing-2016.ppt
Andrew and Zac RVA-Beyond-Automated-Testing-2016.pptAndrew and Zac RVA-Beyond-Automated-Testing-2016.ppt
Andrew and Zac RVA-Beyond-Automated-Testing-2016.ppt
BUSHRASHAIKH804312
 
Introduction to CodeIgniter
Introduction to CodeIgniterIntroduction to CodeIgniter
Introduction to CodeIgniter
kindafunnylookin
 
Wfuzz for Penetration Testers
Wfuzz for Penetration TestersWfuzz for Penetration Testers
Wfuzz for Penetration Testers
Christian Martorella
 
Why documentation osidays
Why documentation osidaysWhy documentation osidays
Why documentation osidays
Bastian Feder
 
PHP Performance: Principles and tools
PHP Performance: Principles and toolsPHP Performance: Principles and tools
PHP Performance: Principles and tools
10n Software, LLC
 
Open Source Compliance at Twitter
Open Source Compliance at TwitterOpen Source Compliance at Twitter
Open Source Compliance at Twitter
Chris Aniszczyk
 
Building A Great API - Evan Cooke, Cloudstock, December 2010
Building A Great API - Evan Cooke, Cloudstock, December 2010Building A Great API - Evan Cooke, Cloudstock, December 2010
Building A Great API - Evan Cooke, Cloudstock, December 2010
Twilio Inc
 
Web technologies lesson 1
Web technologies lesson 1Web technologies lesson 1
Web technologies lesson 1
nhepner
 
Hacking CEH cheat sheet
Hacking CEH cheat sheetHacking CEH cheat sheet
Hacking CEH cheat sheet
International College of Security Studies
 
Beyond Automated Testing - RVAsec 2016
Beyond Automated Testing - RVAsec 2016Beyond Automated Testing - RVAsec 2016
Beyond Automated Testing - RVAsec 2016
Andrew McNicol
 
API Documentation presentation to East Bay STC Chapter
API Documentation presentation to East Bay STC ChapterAPI Documentation presentation to East Bay STC Chapter
API Documentation presentation to East Bay STC Chapter
Tom Johnson
 
API Documentation -- Presentation to East Bay STC Chapter
API Documentation -- Presentation to East Bay STC ChapterAPI Documentation -- Presentation to East Bay STC Chapter
API Documentation -- Presentation to East Bay STC Chapter
Tom Johnson
 
C#.net
C#.netC#.net
C#.net
AllsoftSolutions
 
Git store
Git storeGit store
Git store
Kirsten Hunter
 
Polyglot copy
Polyglot copyPolyglot copy
Polyglot copy
Kirsten Hunter
 

More Related Content

Similar to Successful developers

PHP Performance: Principles and tools
PHP Performance: Principles and toolsPHP Performance: Principles and tools
PHP Performance: Principles and tools
10n Software, LLC
 
Open Source Compliance at Twitter
Open Source Compliance at TwitterOpen Source Compliance at Twitter
Open Source Compliance at Twitter
Chris Aniszczyk
 
Web technologies lesson 1
Web technologies lesson 1Web technologies lesson 1
Web technologies lesson 1
nhepner
 

Similar to Successful developers (20)

Practical, team-focused operability techniques for distributed systems - DevO...
Practical, team-focused operability techniques for distributed systems - DevO...Practical, team-focused operability techniques for distributed systems - DevO...
Practical, team-focused operability techniques for distributed systems - DevO...
 
HTTP: the Other ESB
HTTP: the Other ESBHTTP: the Other ESB
HTTP: the Other ESB
 
1435488539 221998
1435488539 2219981435488539 221998
1435488539 221998
 
Webtechnologies
Webtechnologies Webtechnologies
Webtechnologies
 
2011 and still bruteforcing - OWASP Spain
2011 and still bruteforcing - OWASP Spain2011 and still bruteforcing - OWASP Spain
2011 and still bruteforcing - OWASP Spain
 
Php manish
Php manishPhp manish
Php manish
 
Building APIs with FRAPI
Building APIs with FRAPIBuilding APIs with FRAPI
Building APIs with FRAPI
 
Andrew and Zac RVA-Beyond-Automated-Testing-2016.ppt
Andrew and Zac RVA-Beyond-Automated-Testing-2016.pptAndrew and Zac RVA-Beyond-Automated-Testing-2016.ppt
Andrew and Zac RVA-Beyond-Automated-Testing-2016.ppt
 
Introduction to CodeIgniter
Introduction to CodeIgniterIntroduction to CodeIgniter
Introduction to CodeIgniter
 
Wfuzz for Penetration Testers
Wfuzz for Penetration TestersWfuzz for Penetration Testers
Wfuzz for Penetration Testers
 
Why documentation osidays
Why documentation osidaysWhy documentation osidays
Why documentation osidays
 
PHP Performance: Principles and tools
PHP Performance: Principles and toolsPHP Performance: Principles and tools
PHP Performance: Principles and tools
 
Open Source Compliance at Twitter
Open Source Compliance at TwitterOpen Source Compliance at Twitter
Open Source Compliance at Twitter
 
Building A Great API - Evan Cooke, Cloudstock, December 2010
Building A Great API - Evan Cooke, Cloudstock, December 2010Building A Great API - Evan Cooke, Cloudstock, December 2010
Building A Great API - Evan Cooke, Cloudstock, December 2010
 
Web technologies lesson 1
Web technologies lesson 1Web technologies lesson 1
Web technologies lesson 1
 
Hacking CEH cheat sheet
Hacking CEH cheat sheetHacking CEH cheat sheet
Hacking CEH cheat sheet
 
Beyond Automated Testing - RVAsec 2016
Beyond Automated Testing - RVAsec 2016Beyond Automated Testing - RVAsec 2016
Beyond Automated Testing - RVAsec 2016
 
API Documentation presentation to East Bay STC Chapter
API Documentation presentation to East Bay STC ChapterAPI Documentation presentation to East Bay STC Chapter
API Documentation presentation to East Bay STC Chapter
 
API Documentation -- Presentation to East Bay STC Chapter
API Documentation -- Presentation to East Bay STC ChapterAPI Documentation -- Presentation to East Bay STC Chapter
API Documentation -- Presentation to East Bay STC Chapter
 
C#.net
C#.netC#.net
C#.net
 

More from Kirsten Hunter

Polyglot copy
Polyglot copyPolyglot copy
Polyglot copy
Kirsten Hunter
 
API 101 - Understanding APIs.
API 101 - Understanding APIs.API 101 - Understanding APIs.
API 101 - Understanding APIs.
Kirsten Hunter
 
Demystifying REST - SFRails meetup
Demystifying REST - SFRails meetupDemystifying REST - SFRails meetup
Demystifying REST - SFRails meetup
Kirsten Hunter
 
Demystifying REST
Demystifying RESTDemystifying REST
Demystifying REST
Kirsten Hunter
 

More from Kirsten Hunter (20)

Git store
Git storeGit store
Git store
 
Polyglot copy
Polyglot copyPolyglot copy
Polyglot copy
 
Quantifying your-fitness
Quantifying your-fitnessQuantifying your-fitness
Quantifying your-fitness
 
Api intensive - What they Are
Api intensive - What they AreApi intensive - What they Are
Api intensive - What they Are
 
Designing irresistible apis
Designing irresistible apisDesigning irresistible apis
Designing irresistible apis
 
Api 101
Api 101Api 101
Api 101
 
Designing irresistible apis
Designing irresistible apisDesigning irresistible apis
Designing irresistible apis
 
Api 101
Api 101Api 101
Api 101
 
Designing irresistible APIs
Designing irresistible APIsDesigning irresistible APIs
Designing irresistible APIs
 
API First
API FirstAPI First
API First
 
API 101 Workshop from APIStrat Conference
API 101 Workshop from APIStrat ConferenceAPI 101 Workshop from APIStrat Conference
API 101 Workshop from APIStrat Conference
 
Liberating your data
Liberating your dataLiberating your data
Liberating your data
 
Liberating your data
Liberating your dataLiberating your data
Liberating your data
 
API 101 - Understanding APIs.
API 101 - Understanding APIs.API 101 - Understanding APIs.
API 101 - Understanding APIs.
 
Demystifying REST - SFRails meetup
Demystifying REST - SFRails meetupDemystifying REST - SFRails meetup
Demystifying REST - SFRails meetup
 
Quantifying fitness
Quantifying fitnessQuantifying fitness
Quantifying fitness
 
Prototyping in the cloud
Prototyping in the cloudPrototyping in the cloud
Prototyping in the cloud
 
Facebook appsincloud
Facebook appsincloudFacebook appsincloud
Facebook appsincloud
 
Demystifying REST
Demystifying RESTDemystifying REST
Demystifying REST
 
PHP Architect Virtual Cloud summit
PHP Architect Virtual Cloud summitPHP Architect Virtual Cloud summit
PHP Architect Virtual Cloud summit
 

Recently uploaded

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
API Governance and Monetization - The evolution of API governance
API Governance and Monetization - The evolution of API governanceAPI Governance and Monetization - The evolution of API governance
API Governance and Monetization - The evolution of API governance
WSO2
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 

Recently uploaded (20)

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
API Governance and Monetization - The evolution of API governance
API Governance and Monetization - The evolution of API governanceAPI Governance and Monetization - The evolution of API governance
API Governance and Monetization - The evolution of API governance
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Choreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software EngineeringChoreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software Engineering
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Navigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern EnterpriseNavigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern Enterprise
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 

Successful developers

  • 1. Kirsten Jones, Technical Leader, Cisco Systems @synedra http://www.princesspolymath.com
  • 2. API Developers  Application Developers  Architects / Designers  Focus: Successful Developers
  • 3. Good Documentation  Common Pain Points  HTTP Sniffing  Understanding Error Codes  Debugging Strategies
  • 4. What can I do?  Walk-throughs and tutorials  Lots of working code  Small chunks with frequent successes  Example applications  Examples:  LinkedIn Javascript Tutorials  LinkedIn Getting Started
  • 5. Lack of understanding of HTTP structure  Libraries “masking” responses  Error code confusion  Authentication
  • 6. Many developers don’t understand HTTP basics  Libraries allow them to interact with the API but not understand issues  REST feels like a “black box”
  • 7. Clear and complete tutorials, with and without libraries  Pointers to HTTP basics  My OSCON presentation has good info  Developer tools demonstrating successful calls (OAuth Test Console, IODocs)
  • 8.  3rd Party (or company-supported) libraries are great but…  Frequently error codes or other responses are masked  Can get out of sync  Supporting the API is different from supporting a library
  • 9. HTTP status is very helpful  50x: we screwed up.  40x: you screwed up.  30x: ask that dude over there.  20x: cool.  Consistency within the API is critical  Useful error messages for broad errors (4xx errors) Document, explain, demonstrate!
  • 10. Teach your developers to be successful  Watch the traffic with a sniffer  All requests should include headers, body, exact URL  A great bug report:  I did X  I expected Y to happen  To my dismay, Z happened instead
  • 11. Use existing, tested libraries  Code defensively  Servers aren’t that smart  In most cases a working example will help  Lots of code samples, well documented  Use case based
  • 12. Macintosh: HTTPScoop http://tuffcode.com/  Macintosh: Charles (supports SSL) http://www.charlesproxy.com/  Windows: Fiddler http://www.fiddler2.com/fiddler2/  Unix (or Mac): Wireshark (X11) http://www.wireshark.org/
  • 13. 401 authentication errors (signatures, tokens)  403 authorization errors (throttles, permissions)  400 errors – parameters, headers  Content-type errors
  • 14. Pain points  HTTP Sniffers  Good questions

Editor's Notes

  1. How do they differ?Sometimes they can be used interchangeably – we’ll see an example of this later with OAuth – then the developer can chooseUsually parameters are used to refine the request, better define what’s being requested, and headers are used for metadataFormat or metadata about the request
  2. Secure/not securePretty/not prettyWireshark is nice but ugly (X11)