Web API's World
-
Upload
michele-zonca -
Category
Technology
-
view
5.473 -
download
1
description
Transcript of Web API's World
W e b A P I ' s W o r ld
Michele Zonca
Kings Of Code, Sept 19, 2011 Amsterdam
A p p l ic a t io n P r o g r a m m in g In t e r f a c e
A set of rules and specifications followed by s o f t w a r e programs
to c o m m u n ic a t e
Kings Of Code, Sept 19, 2011 Amsterdam
W h ic h k in d o f S o f t w a r e ?
Applications
Libraries
Programming Languages
Operating Systems
E v e r y !
Kings Of Code, Sept 19, 2011 Amsterdam
C o m m u n ic a t io n ?
Send/receive low-level signals
Ask access to resources
Define object and classes
Query remote data
Integrate functionalities
Kings Of Code, Sept 19, 2011 Amsterdam
L e t ' s t a lk a b o u t W e b !
A W3C working group to create W e b S e r v ic e s
Backed by big companies
Early 2000
A complete standard
How to discover (UDDI)
How to describe (WSDL)
How to serialize data (SOAP)
Kings Of Code, Sept 19, 2011 Amsterdam
To o c o m p le x !!
Let's try something different..
Kings Of Code, Sept 19, 2011 Amsterdam
W e lc o m e t o t h e J u n g le
Kings Of Code, Sept 19, 2011 Amsterdam
R e p r e s e n t a t io n a l S t a t e Tr a n s f e r
Term created by Roy Fielding in his Doctoral Dissertation, 2000
Deep use of HTTP
HTTP Verbs
Status codes
URLs
Not a standard but a s t y le , a set of constraints
Kings Of Code, Sept 19, 2011 Amsterdam
R E S T C o n s t r a in t s
Client-Server (not only HTTP)
Uniform interface
Stateless
Cacheable
Layered System
Kings Of Code, Sept 19, 2011 Amsterdam
R e s o u r c e O r ie n t e d A r c h it e c t u r e
Collection of resources
/resources
Resource
/resources/id
Kings Of Code, Sept 19, 2011 Amsterdam
M e t h o d s - A c t io n s
POST
GET
PUT
DELETE
C REATE
R EAD
U PDATE
D ELETE
( A r e y o u u s in g P U Ts ? )
Kings Of Code, Sept 19, 2011 Amsterdam
A d o p t io n
image from programmableweb
Kings Of Code, Sept 19, 2011 Amsterdam
R e p r e s e n t a t io n a l S t a t e Tr a n s f e r
O r d e r in t h e J u n g le ?
Kings Of Code, Sept 19, 2011 Amsterdam
N O !Bad/Partial implementations
Lack of constraints
Interpretation
BTW, is not so simple
Kings Of Code, Sept 19, 2011 Amsterdam
F o r m a t
http://website.com/resources/id.xml
http://website.com/resources/id.json
B A D ! I s n ' t i t t h e s a m e r e s o u r c e ?
Kings Of Code, Sept 19, 2011 Amsterdam
U s e t h e ' A c c e p t ' h e a d e r , L u k e !
Used to specify acceptable media types for the response
RFC 2616, HTTP 1.1
It's hard to test in a browser
Kings Of Code, Sept 19, 2011 Amsterdam
F o r m a t
Twitter: extension (.json, .xml)
Github: JSON
Facebook Graph API: JSON
Twilio: default XML, (extension .json, .csv, .html)
Foursquare: JSON
Stack Overflow: JSON
Kings Of Code, Sept 19, 2011 Amsterdam
S e a r c h in g
Global
/search?q=search+parameters
Scoped
/resources/search?q=search+parameters
Kings Of Code, Sept 19, 2011 Amsterdam
S e a r c h in g
global = tweets → /search?q=
scoped for users search → /users/search?q=
Facebook Graph API
global → /search?q=
scoped via “type” parameter → /search?q=..&type=user
Linkedin: by fields → ?keywords=..&last-name..
Kings Of Code, Sept 19, 2011 Amsterdam
R e s u lt s P a g in a t io n
Linkedin: start + count
Github: page + per_page
Twilio: Page + PageSize
Twitter: page + rpp
Facebook: offset + limit
StackOverflow: page + pagesize
Kings Of Code, Sept 19, 2011 Amsterdam
V e r s io n in g
U R L
/v1/resources/id
isn't the same resource available at
/v2/resources/id ?
A C C E P T H e a d e r
Best solution for custom formats:
Accept: application/vnd.myco
mpany.myapp-v2+xml
Kings Of Code, Sept 19, 2011 Amsterdam
E r r o r s
SOAP: HTTP code 200 and error message in envelop's body (FAULT element)
REST: HTTP codes + message
Warning: HTTP Codes could be intercepted and handled by your client
Kings Of Code, Sept 19, 2011 Amsterdam
A u t h e n t ic a t io n
S t a t e le s s : auth per call, not session-based
ApiKey over HTTPS
BasicHTTP Authentication
ApiKey to get token
OAuth (buzzword but not always the right solution)
Kings Of Code, Sept 19, 2011 Amsterdam
A u t h e n t ic a t io n
Github: OAuth 2 / Basic HTTP / Basic HTTP with token
Twitter: OAuth 1.0a
Facebook Graph API: OAuth 2
SimpleGeo: OAuth / JSONP Tokens
Kings Of Code, Sept 19, 2011 Amsterdam
S o , w h a t s h o u ld I u s e ?
SCENARIO SCENARIO SCENARIO
Kings Of Code, Sept 19, 2011 Amsterdam
S o y o u h a v e y o u r A P I . .
N o w ? ?
Kings Of Code, Sept 19, 2011 Amsterdam
M o n e y
It's hard to monetize API
API = Product? A growing market!
API as viral strategy
Is there a “one size fits all” monetization paradigm?
Kings Of Code, Sept 19, 2011 Amsterdam
M o n e t iz a t io n
Kings Of Code, Sept 19, 2011 Amsterdam
To d a y
At Mashape, we believe this is today's best paradigm
Kings Of Code, Sept 19, 2011 Amsterdam
To m o r r o w ?
We strongly believe revenue sharing will be huge
It's a win-win
API's distribution problem solved?
CEO of Indeed.com:“We tried charging for our A P I without much success. Then
we paid developers to use it and it took off.”
Kings Of Code, Sept 19, 2011 Amsterdam
Q u e s t io n s ?
Thanks for coming!
e: [email protected]: @shatsar