This document discusses best practices for building durable web APIs. It recommends (1) planning for failure by implementing versioning, failover, and caching, (2) designing APIs that are pragmatic and consistent, and (3) focusing on security, performance, and scalability through techniques like caching, avoiding sessions, and centralized logic. The document emphasizes that while standards are debated, the focus should be on making APIs easy for clients to consume.
9. Full stack is dead
“Microservice Architecture, [...] a particular way of designing software applications as suites of independently deployable services”
http://martinfowler.com/articles/microservices.html
10. Full stack is dead
SERVICE-ORIENTED ARCHITECTURES
31. WAKA
“A new protocol designed to match the efficiency of well-designed Web Applications”
http://tools.ietf.org/agenda/83/slides/slides-83-httpbis-5.pdf
77. cURL is your best friend
curl -X GET https://api.namshi.com/products
curl -X POST https://api.namshi.com/order --data '{...}'
curl -X DELETE ...
curl -X PATCH ...
100. USER TAGS
deleting a non-existent tag
200 or 204 or 404?
http://stackoverflow.com/questions/2342579/http-status-code-for-update-and-delete
101. USER TAGS
ON STACKOVERFLOW THEY’RE STILL FIGHTING
http://stackoverflow.com/questions/2342579/http-status-code-for-update-and-delete
119. “Most APIs are designed by the API provider with the goal of maintaining data model purity. When building an OL, be prepared to sometimes abandon purity in favor of optimizations and/or performance.”
Daniel Jacobson, director of engineering for the Netflix API
http://www.infoq.com/presentations/API-Revolution
170. Don’t play with fire
POST https://api.example.com/login
200 OK
date: Thu, 01 May 2014 21:52:33 GMT
content-type: application/json
transfer-encoding: chunked
connection: close
set-cookie: login=...;
cache-control: no-cache
{
  "email": "alessandro.nadalin@gmail.com",
  "firstName": "Alex",
  "lastName": "Nadalin",
  "birthday": "21/10/1988"
}