W e b A P I ' s W o r ld

Michele Zonca

Kings Of Code, Sept 19, 2011 Amsterdam

A p p l ic a t io n P r o g r a m m in g In t e r f a c e

A set of rules and specifications followed by s o f t w a r e programs

to c o m m u n ic a t e

Kings Of Code, Sept 19, 2011 Amsterdam

W h ic h k in d o f S o f t w a r e ?

Applications

Libraries

Programming Languages

Operating Systems

E v e r y !

Kings Of Code, Sept 19, 2011 Amsterdam

C o m m u n ic a t io n ?

Send/receive low-level signals

Ask access to resources

Define object and classes

Query remote data

Integrate functionalities

Kings Of Code, Sept 19, 2011 Amsterdam

L e t ' s t a lk a b o u t W e b !

A W3C working group to create W e b S e r v ic e s

Backed by big companies

Early 2000

A complete standard

How to discover (UDDI)

How to describe (WSDL)

How to serialize data (SOAP)

Kings Of Code, Sept 19, 2011 Amsterdam

To o c o m p le x !!

Let's try something different..

Kings Of Code, Sept 19, 2011 Amsterdam

W e lc o m e t o t h e J u n g le

Kings Of Code, Sept 19, 2011 Amsterdam

R e p r e s e n t a t io n a l S t a t e Tr a n s f e r

Term created by Roy Fielding in his Doctoral Dissertation, 2000

Deep use of HTTP

HTTP Verbs

Status codes

URLs

Not a standard but a s t y le , a set of constraints

Kings Of Code, Sept 19, 2011 Amsterdam

R E S T C o n s t r a in t s

Client-Server (not only HTTP)

Uniform interface

Stateless

Cacheable

Layered System

Kings Of Code, Sept 19, 2011 Amsterdam

R e s o u r c e O r ie n t e d A r c h it e c t u r e

Collection of resources

/resources

Resource

/resources/id

Kings Of Code, Sept 19, 2011 Amsterdam

M e t h o d s - A c t io n s

POST

GET

PUT

DELETE

C REATE

R EAD

U PDATE

D ELETE

( A r e y o u u s in g P U Ts ? )

Kings Of Code, Sept 19, 2011 Amsterdam

A d o p t io n

image from programmableweb

Kings Of Code, Sept 19, 2011 Amsterdam

R e p r e s e n t a t io n a l S t a t e Tr a n s f e r

O r d e r in t h e J u n g le ?

Kings Of Code, Sept 19, 2011 Amsterdam

N O !Bad/Partial implementations

Lack of constraints

Interpretation

BTW, is not so simple

Kings Of Code, Sept 19, 2011 Amsterdam

F o r m a t

http://website.com/resources/id.xml

http://website.com/resources/id.json

B A D ! I s n ' t i t t h e s a m e r e s o u r c e ?

Kings Of Code, Sept 19, 2011 Amsterdam

U s e t h e ' A c c e p t ' h e a d e r , L u k e !

Used to specify acceptable media types for the response

RFC 2616, HTTP 1.1

It's hard to test in a browser

Kings Of Code, Sept 19, 2011 Amsterdam

F o r m a t

Twitter: extension (.json, .xml)

Github: JSON

Facebook Graph API: JSON

Twilio: default XML, (extension .json, .csv, .html)

Foursquare: JSON

Stack Overflow: JSON

Kings Of Code, Sept 19, 2011 Amsterdam

S e a r c h in g

Global

/search?q=search+parameters

Scoped

/resources/search?q=search+parameters

Kings Of Code, Sept 19, 2011 Amsterdam

S e a r c h in g

Twitter

global = tweets → /search?q=

scoped for users search → /users/search?q=

Facebook Graph API

global → /search?q=

scoped via “type” parameter → /search?q=..&type=user

Linkedin: by fields → ?keywords=..&last-name..

Kings Of Code, Sept 19, 2011 Amsterdam

R e s u lt s P a g in a t io n

Linkedin: start + count

Github: page + per_page

Twilio: Page + PageSize

Twitter: page + rpp

Facebook: offset + limit

StackOverflow: page + pagesize

Kings Of Code, Sept 19, 2011 Amsterdam

V e r s io n in g

U R L

/v1/resources/id

isn't the same resource available at

/v2/resources/id ?

A C C E P T H e a d e r

Best solution for custom formats:

Accept: application/vnd.myco

mpany.myapp-v2+xml

Kings Of Code, Sept 19, 2011 Amsterdam

E r r o r s

SOAP: HTTP code 200 and error message in envelop's body (FAULT element)

REST: HTTP codes + message

Warning: HTTP Codes could be intercepted and handled by your client

Kings Of Code, Sept 19, 2011 Amsterdam

A u t h e n t ic a t io n

S t a t e le s s : auth per call, not session-based

ApiKey over HTTPS

BasicHTTP Authentication

ApiKey to get token

OAuth (buzzword but not always the right solution)

Kings Of Code, Sept 19, 2011 Amsterdam

A u t h e n t ic a t io n

Github: OAuth 2 / Basic HTTP / Basic HTTP with token

Twitter: OAuth 1.0a

Facebook Graph API: OAuth 2

SimpleGeo: OAuth / JSONP Tokens

Kings Of Code, Sept 19, 2011 Amsterdam

S o , w h a t s h o u ld I u s e ?

SCENARIO SCENARIO SCENARIO

Kings Of Code, Sept 19, 2011 Amsterdam

S o y o u h a v e y o u r A P I . .

N o w ? ?

Kings Of Code, Sept 19, 2011 Amsterdam

M o n e y

It's hard to monetize API

API = Product? A growing market!

API as viral strategy

Is there a “one size fits all” monetization paradigm?

Kings Of Code, Sept 19, 2011 Amsterdam

M o n e t iz a t io n

Kings Of Code, Sept 19, 2011 Amsterdam

To d a y

At Mashape, we believe this is today's best paradigm

Kings Of Code, Sept 19, 2011 Amsterdam

To m o r r o w ?

We strongly believe revenue sharing will be huge

It's a win-win

API's distribution problem solved?

CEO of Indeed.com:“We tried charging for our A P I without much success. Then

we paid developers to use it and it took off.”

Kings Of Code, Sept 19, 2011 Amsterdam

Q u e s t io n s ?

Thanks for coming!

e: mike@mashape.comt: @shatsar