OUTLINE
• What is an API?
• Why are APIs useful?
• What is HTTP? JSON? XML?
• What is a RESTful API?
• How do we consume an API?
• How do we create an API?
APIs are available from many large websites and businesses
WHAT IS AN API?
• API = Application Programming Interface
• You use APIs all the time, e.g. the Scanner class in Java
• Web API: A set of methods exposed over the web via HTTP to allow programmatic access to applications.
• Allows you to quickly add functionality/data that others have created.
• Very similar to how a web page works
WHY APIs ARE USEFUL
• Abstraction / DRY Principle
• Less data transfer
• Can be implemented or consumed in almost any language
• Can expose some methods to public developers
• Allows frontend developers and backend developers to agree on a common interface
HTTP, JSON, XML
• Three important technologies that are often used by APIs
• HTTP: HyperText Transfer Protocol, transfers data over a network
  • GET : Read
  • POST : Create
  • PUT : Update
  • PATCH : Partial Update
  • DELETE : Delete
• JSON: JavaScript Object Notation, a format for data transfer
  • {"key": "value", "key2": {"subkey": 2, "error": false}}
• XML: eXtensible Markup Language, a format for data transfer
  • Designed to be human and machine readable
<?php json_decode('{"key":true}'); ?>
WHAT IS A RESTFUL API?
• Uniform Interface
  • Resources (nouns) are URIs that HTTP verbs act on. The uniform interface allows client and server to evolve independently.
• Stateless
  • Ever have back button issues? A stateless API does not care what order requests are made in.
• Cacheable
• Client-Server
  • Separation: the client should not manage the database, and the server should not manage the UI.
• Layered System
  • Can use a layered system: cache, middleware, load balancing, redundancy, etc.
https://api.example.com/v1/resource/identifier/relation?filtersortParams=value
GitHub's API lets you star a gist with PUT /gists/:id/star and unstar with DELETE /gists/:id/star.
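Added example (not part of the original slides and not GitHub's code): a minimal dispatcher for the star resource above, showing that the URI names the resource, the verb names the action, and repeating a PUT or DELETE leaves the same state. The in-memory store, the gist id and the GET handler are assumptions made for illustration.

```javascript
// Constructed in-memory store: gist id -> starred flag (sample data only).
const gists = new Map([["abc123", false]]);

// Verbs supported on the resource /gists/:id/star. A Map is used instead of
// a plain object so that a method name such as "toString" cannot resolve to
// an inherited property and be called as a handler.
const starHandlers = new Map([
  ["GET", (id) => ({ status: gists.get(id) ? 204 : 404 })],
  ["PUT", (id) => { gists.set(id, true); return { status: 204 }; }],
  ["DELETE", (id) => { gists.set(id, false); return { status: 204 }; }],
]);

// Route one request and return { status, headers?, body? }.
function route(method, path) {
  const m = /^\/gists\/([A-Za-z0-9]+)\/star$/.exec(path);
  if (!m || !gists.has(m[1])) {
    // Unknown URI or unknown gist: the resource does not exist.
    return { status: 404, body: { code: 404, message: "Not found" } };
  }
  const handler = starHandlers.get(method);
  if (!handler) {
    // The resource exists but this verb is not defined on it.
    return {
      status: 405,
      headers: { Allow: Array.from(starHandlers.keys()).join(", ") },
      body: { code: 405, message: "Method not allowed" },
    };
  }
  return handler(m[1]);
}
```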
HOW TO CONSUME AN API
• Firefox: RESTClient
• Chrome: Postman
• Online: https://www.hurl.it/
• Examples:
  • http://nflarrest.com/api/v1/team
  • http://buscentral.herokuapp.com/suggestions POST (Feedback, message) or GET
  • https://www.youtube.com/watch?v=suHY8dLKzCU
HOW TO DESIGN AN API
• Gather requirements from stakeholders
• Create use cases, and decide the functionality needed
• Think skeptically, make sure you explore your options
• Think ahead, make a flexible system
Rules for a good API
• Easy to learn and use, even without documentation
• Hard to misuse
• Easy to read and maintain code that uses it
• Sufficiently powerful to satisfy requirements and appropriate to the audience
• Easy to evolve (Use arrays for example)
CREATING A SIMPLE API
• You can use any hostable language with an HTTP library (Almost all of them)
• Decide your resources, then decide the verbs.
• Useful to wireframe the UI at this stage
• Connect to persistent data store
• Remember the principles of REST
• Example in Node.JS: https://github.com/PatrickMurphy/VoteSmart
ADVANCED TOPICS
• Use API Keys
  • pass as a parameter
• Rate Limiting
  • Headers
    • X-Rate-Limit-Limit - The number of allowed requests in the current period
    • X-Rate-Limit-Remaining - The number of remaining requests in the current period
    • X-Rate-Limit-Reset - The number of seconds left in the current period
• Authentication
  • A REST API should be stateless, so send auth with every request
  • Use SSL/TLS and send the username and password, base64-encoded, in the Authorization header (HTTP Basic authentication); base64 is an encoding, not encryption, so SSL/TLS is what protects the credentials
• Caching
  • HTTP provides this!
  • Last-Modified header
  • ETag header (a hash or checksum), revalidated with If-None-Match: "etag"
• Errors
  • { "code" : 1234, "message" : "Something bad happened :(", "description" : "More details about the error here" }
  • Send HTTP Status 400 level
    • 401 unauthorized
    • 403 forbidden
    • 404 not found
    • 405 method not allowed
    • 410 gone (deprecated)
    • 422 Unprocessable entity (validation)
    • 429 Too many requests (Rate limit)
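Added example (not part of the original slides or the VoteSmart project): one stateless request handler that checks Basic credentials on every request, applies a fixed-window rate limit with the three X-Rate-Limit headers, and answers failures with a 4xx status plus the error body shape shown above. The account, limits and numeric error codes are constructed for illustration.

```javascript
const crypto = require("node:crypto");

// Constructed sample account and limits (assumptions for this example).
// A real service stores salted password hashes, not plaintext passwords.
const USERS = new Map([["alice", "constructed-password"]]);
const LIMIT = 3;            // requests allowed per period
const PERIOD = 60;          // period length in seconds
const windows = new Map();  // user -> { start, count }

const error = (code, message, description) => ({ code, message, description });

// Parse "Authorization: Basic base64(user:password)". The header is only
// encoded, so it must travel over TLS.
function authenticate(header) {
  const m = /^Basic ([A-Za-z0-9+/]+={0,2})$/.exec(header || "");
  if (!m) return null;
  const decoded = Buffer.from(m[1], "base64").toString("utf8");
  const sep = decoded.indexOf(":");
  if (sep < 0) return null;
  const user = decoded.slice(0, sep);
  const known = USERS.has(user);
  // Hash both sides so timingSafeEqual always gets equal-length inputs.
  const digest = (s) => crypto.createHash("sha256").update(s).digest();
  const same = crypto.timingSafeEqual(
    digest(decoded.slice(sep + 1)), digest(known ? USERS.get(user) : ""));
  return known && same ? user : null;
}

// Returns { status, headers, body } for one request at time `now` (seconds).
function handle(req, now) {
  const user = authenticate(req.headers.authorization);
  if (!user) {
    return { status: 401, headers: { "WWW-Authenticate": 'Basic realm="api"' },
             body: error(1401, "Unauthorized", "Send valid credentials with every request") };
  }
  let w = windows.get(user);
  if (!w || now - w.start >= PERIOD) windows.set(user, (w = { start: now, count: 0 }));
  w.count += 1;
  const headers = {
    "X-Rate-Limit-Limit": LIMIT,
    "X-Rate-Limit-Remaining": Math.max(0, LIMIT - w.count),
    "X-Rate-Limit-Reset": PERIOD - (now - w.start),
  };
  if (w.count > LIMIT) {
    return { status: 429, headers, body: error(1429, "Too many requests", "Retry after the reset") };
  }
  return { status: 200, headers, body: { ok: true } };
}
```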

Api crash


Editor's Notes

  • #3 Who has worked with APIs or web services before?
  • #4 If you have learned about OOP
  • #5 Who has taken networks?