Building Mobile Friendly APIs For Connected Apps | Torey Lomenda

Post on 14-Jul-2015

Mobile Friendly APIs

Considerations for Connected Mobile Apps

Torey Lomenda

Chief Technologist, Object Partners (OPI)

About OPI

• Founded in 1996

• Java, Groovy, Mobile, Web, Open Source

• ~100 Employees

– Twin Cities, Omaha

– Chicago, Denver

– Average Tenure over 5 Years

Living in a Mobile World

What Users Expect

Responsive, connected apps

...All The Time

Reality

Mobile Constraints

•Network Latency

•Runs on Battery

•CPU

Mobile Apps Need

Access to Online Data & Services

Remembering Constraints

From Web Apps to Mobile Apps

Evolution of Connected Apps

Focus on Web

Focus on Interoperability

Focus on Mobile (Web)

Another Challenge

The move to Micro-services

Martin Fowler Article (http://martinfowler.com/articles/microservices.html)

A Friendly API

User Perspective

Doesn't get in the way of a great UX

Developer Perspective

Is intuitive, a pleasure to integrate into codebase

The Rise of the “Friendly” Interface

Connecting Apps Shouldn't Be Painful

Mobile API Considerations

• Standards

• Simple & Fast

• Completeness

• Best Practices

• Extras

Mobile Friendly APIs: Standards

Whatever Happened to SOA?

HTTP Request (Headers/Body)

SOAP Envelope (WS-Basic)

WS-Security

WS-* Stack

XML Payload

Interoperability

XML for data exchange

HTTP for network protocol

What could be better?

DATA

From SOAP to REST

    <?xml version="1.0"?>
    <soap:Envelope
        xmlns:soap="http://www.w3.org/2001/12/soap-envelope"
        soap:encodingStyle="http://www.w3.org/2001/12/soap-encoding">
      <soap:Body xmlns:m="http://www.example.org/stock">
        <m:GetStockPrice>
          <m:Ticker>GOOG</m:Ticker>
        </m:GetStockPrice>
      </soap:Body>
    </soap:Envelope>

    <?xml version="1.0"?>
    <soap:Envelope
        xmlns:soap="http://www.w3.org/2001/12/soap-envelope"
        soap:encodingStyle="http://www.w3.org/2001/12/soap-encoding">
      <soap:Body xmlns:m="http://www.example.org/stock">
        <m:GetStockPriceResponse>
          <m:Price>534.5</m:Price>
        </m:GetStockPriceResponse>
      </soap:Body>
    </soap:Envelope>

    ticker=GOOG

    {"price":534.5}

RESTlike NOT RESTful

The “Essential” Parts

JSON

POST/GET Requests

Action & Parameters

The “Other” Parts

PUT/DELETE

HATEOAS & HAL

engine of application state

relational links

Mobile Friendly APIs: Simple & Fast

RESTlike is Just Fine

POST player/create

POST player/delete/$id

POST player/update/$id

JSON is your Friend

Stay Consistent

Completeness

Only What is Needed

    "player": {
      "name": "Torey Lomenda",
      "number": "14",
      "position": "center",
      "funFacts": [...],
      "seasonStats": [...]
    }

    "team": {
      "name": "Lakeville Panthers",
      "roster": [{
        "player_name": "Torey Lomenda",
        "player_number": "14",
        "player_position": "center"
      }]
    }

NOT CONSISTENT

Mobile Friendly APIs: Completeness

API Granularity

Design APIs by Screen

Consider an API Gateway for Mobile

API Granularity

Lazy APIs put the burden on the mobile app

Minimize use of Network

– Completeness (avoid roundtrips)

Minimizing Use of Network

HTTP Latency ~1 second for each request over 3G

Battery drain as each network request requires power

[Figure: API: Pure REST Approach]

[Figure: API: “Friendlier” Approach]

Mobile Friendly APIs: Best Practice

Don't Forget

Slim It Down (gzip compression)

Heavy Lifting on the server

aggregation

server-side caching strategies

API Errors

Manage errors on server-side

Human-readable (i.e., friendly) messages

Caching and Offline Access

HTTP Headers (Cache Control)

Cache-Control: specify how to cache the data

max-age: <seconds>

ETag: "15f0fff99ed5aae4edffdd6496d7131f" ← Entity Tag

If-None-Match: "15f0fff99ed5aae4edffdd6496d7131f"

Last-Modified: <GMT Date>

If-Modified-Since: <GMT Date>
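
How the ETag / If-None-Match pair listed above saves a mobile client a download, as an added example that is not part of the original slides. The function names, the `private` cache directive and the sample payloads are assumptions made for illustration.

```python
import hashlib

def make_etag(body: bytes) -> str:
    """Strong validator: quoted hex digest of the exact response bytes."""
    return '"' + hashlib.sha256(body).hexdigest()[:32] + '"'

def etag_matches(if_none_match: str, etag: str) -> bool:
    """If-None-Match is '*' or a comma-separated list of (possibly weak) tags."""
    if if_none_match.strip() == "*":
        return True
    for candidate in if_none_match.split(","):
        candidate = candidate.strip()
        if candidate.startswith("W/"):   # weak comparison ignores the W/ prefix
            candidate = candidate[2:]
        if candidate == etag:
            return True
    return False

def respond(request_headers: dict, body: bytes, max_age: int = 60):
    """Return (status, headers, body) for a GET of a cacheable resource."""
    etag = make_etag(body)
    headers = {
        # Assumption: the data is per-user, so 'private' keeps it out of shared caches
        "Cache-Control": f"private, max-age={max_age}",
        "ETag": etag,
    }
    # Header names are case-insensitive; normalise before lookup
    lowered = {k.lower(): v for k, v in request_headers.items()}
    inm = lowered.get("if-none-match")
    if inm is not None and etag_matches(inm, etag):
        return 304, headers, b""         # client copy is current: no body is sent
    headers["Content-Length"] = str(len(body))
    return 200, headers, body

# Constructed sample payloads: the roster before and after a change
ROSTER_V1 = b'{"team":{"name":"Lakeville Panthers","roster":[]}}'
ROSTER_V2 = b'{"team":{"name":"Lakeville Panthers","roster":[{"name":"Torey Lomenda"}]}}'

if __name__ == "__main__":
    status, hdrs, _ = respond({}, ROSTER_V1)
    print(status, hdrs["ETag"])                                     # first fetch
    print(respond({"If-None-Match": hdrs["ETag"]}, ROSTER_V1)[0])   # unchanged
    print(respond({"If-None-Match": hdrs["ETag"]}, ROSTER_V2)[0])   # changed
```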

Intermittent Connectivity: Maintain State

Picking up where you left off.

Keeping APIs stateless

Mobile-side: send “current state” from device through API

API-side: Merging & Conflict Resolution

Securing Your APIs

Basic Auth/SSL

Token-based approaches like OAuth

SSL Pinning (client checks server's certificate against a known copy of the certificate)
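
The pinning check described above, as an added example that is not part of the original slides: the client hashes the certificate the server presents and compares it with fingerprints of known copies shipped in the app. The function names, the backup pin and the stand-in certificate bytes are assumptions made for illustration.

```python
import hashlib
import hmac
import socket
import ssl

class PinMismatch(Exception):
    """Raised when the server certificate is not one of the known copies."""

def fingerprint(der_cert: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate, as lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()

def cert_matches_pin(der_cert: bytes, pinned: set) -> bool:
    """True if the presented certificate equals one of the pinned copies."""
    actual = fingerprint(der_cert)
    return any(hmac.compare_digest(actual, p.lower()) for p in pinned)

def open_pinned(host: str, port: int, pinned: set, timeout: float = 5.0):
    """Open a TLS connection that must pass normal validation AND the pin check."""
    ctx = ssl.create_default_context()    # chain and hostname checks stay enabled
    raw = socket.create_connection((host, port), timeout=timeout)
    try:
        tls = ctx.wrap_socket(raw, server_hostname=host)
    except Exception:
        raw.close()
        raise
    der = tls.getpeercert(binary_form=True)
    if not der or not cert_matches_pin(der, pinned):
        tls.close()                       # fail closed: send nothing to an unpinned peer
        raise PinMismatch(f"certificate for {host} is not pinned")
    return tls

# Constructed stand-ins for DER certificate bytes (not real certificates)
KNOWN_COPY = b"constructed stand-in: current server certificate"
BACKUP_COPY = b"constructed stand-in: next certificate, shipped before rotation"
ROGUE_COPY = b"constructed stand-in: certificate from an intercepting proxy"

# Pinning a backup lets the server rotate certificates without breaking installed apps
PINS = {fingerprint(KNOWN_COPY), fingerprint(BACKUP_COPY)}

if __name__ == "__main__":
    print(cert_matches_pin(KNOWN_COPY, PINS))
    print(cert_matches_pin(ROGUE_COPY, PINS))
```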

Batching Requests

    [{"method": "POST",
      "relative_url": "me/feed",
      "body": "message=Test status update&link="
     },
     {"method": "GET", "relative_url": "me/feed?limit=1"}]

    [{"code": 200,
      "headers": [...],
      "body": "{...}"
     },
     {"code": 200,
      "headers": [...],
      "body": "{...}"
     }]

Return batch responses

Background/Async Processing

Making multiple requests for a screen → Don't hold up the UI

HAL JSON (http://stateless.co/hal_specification.html) → Fetch linked data asynchronously

Neutral Testing of API

Useful Tools to Test APIs:

RESTClient

Runscope

API Versioning

Indicate Version to Client

Version via URL

(major version only)

HTTP Accept header

Version in JSON Document

JSON Format

blank-out fields no longer used

deprecated fields

backward compatible on minor version, breaking changes on major version

API Documentation

Swagger

https://helloreverb.com/developers/swagger

Mashery I/O Docs

http://www.mashery.com/product/io-docs

Mobile Friendly APIs: Extras

What's In a Protocol?

(TCP/IP is Fabric of Internet Not HTTP)

Custom Key/Value Pair (KVP)

Taking message-passing efficiency to the next level

Not as “friendly” but fast. Consumption of messages

Serializing/Deserializing

MQTT (Message Queue Telemetry Transport)

What is It

Low overhead protocol with bandwidth and CPU limitations in mind

publish/subscribe message passing

Can use JSON over MQTT

Use Cases

In-app push notification

Internet of Things (device to device)

Facebook Messenger App (Chat)

References

Fred Brunel, CTO WhereCloud: https://speakerdeck.com/fbrunel/mobile-api-design-techniques

Article: http://natashatherobot.com/best-practices-mobile-friendly-apis/