Creating a World-Class RESTful Web Services API
By David Keener
http://www.keenertech.com
[email_address]

But First, Who Am I?
David Keener
Blog: http://www.keenertech.com (New Rails-based version in late June)
Email: [email_address]
I’m a technical architect and writer with over 20 years of experience. Been doing web applications since 1997, and Rails applications since version 1.1.
I’m a Technical Architect for Grab Networks, the company known for streaming the Beijing Olympics over the web and for distributing more news videos in the US than any other company except MSNBC.

Overview
- One Minute RESTful Refresher
- Why would you want a RESTful API?
- Basic design steps for an API
- API Architecture Details
- Scalability
- Practical Tips
I’m talking about the practical experiences gained from creating a real, RESTful Web Services API for use by external customers.

What’s the Big Deal?
Rails has been RESTful since 1.2…what’s so hard about doing an API?

    def index
      @videos = Video.find(:all)
      respond_to do |wants|
        wants.xml { render :layout => false, :xml => @videos.to_xml }
        wants.json { render :layout => false, :json => @videos.to_json }
      end
    end

- No Authentication
- No Authorization
- No Error Handling
- No fine control over data elements

What Does Grab Networks Do?
[Diagram labels: Grab Tools, Content Ingestion, Transcoding Services, Catalog Site]
- Provide Video
- Store Video
- Distribute Video (with advertising)
Short Answer:
- 60 Million Video Views Per Month
- 40,000+ Distributors
[Diagram labels: Video Catalog, Content Server, Advertisers, CDN, Media Companies]

Where Does the API Fit In?
- Will allow distributors to integrate video content into their sites more effectively
- Will provide a better platform on which to build our own tools
- Will facilitate a level of innovation that could not exist before

Washington Times
Video content integrated via RESTful API (Beta)

One-Minute RESTful Refresher
- HTTP methods are the “verbs”
- Acting on Resources (“nouns”)
- Providing a simple, constrained, easy-to-understand interface

Reasons for Doing an API
Know WHY you’re doing an API before you embark on creating one. Most reasons fall into two basic categories:
- Customer-Centric: To better serve customers
- Company-Centric: To better serve yourself

Customer-Centric Reasons
- To give customers direct access to content
- To facilitate innovation by giving customers the capability to leverage your resources for their own purposes
- To allow customers to explore your content more effectively
- To allow authorized customers to directly manipulate resources

Company-Centric Reasons
- To organize functionality in a more manageable, maintainable way
- To centralize key logic components, e.g., authorization logic
- To facilitate the creation of your own tools
- To leverage the creativity and innovativeness of your customers
- To promote tighter coupling of customer applications with the API, resulting in an enhanced exit barrier

The First Step…
All important projects must have a codename. Like…
- Tiger
- Leopard
- Longhorn (um, maybe not)

Designing the API
- Identify the basic objects in your problem domain
  - These are your candidate resources
- Identify the relationships between your resources
  - These help you define nesting
- Look for “actions” that need to become “nouns”
  - Ex. – subscription (a standard example)
  - Ex. – Publishing a video results in a “distribution”
- Stay in Beta a long time…you will make changes
Designing a RESTful API is an interesting challenge. Forget your existing database, and start at the logical level…

Reality Sets In
- Your database wasn’t designed to have a RESTful API built on top of it
- Your database probably doesn’t support the authorization needs of your API
- So you’re going to need a massive re-factor (or a series of them)
- And management will still want you to develop new features during the massive re-factor(s)
This is where you compare your nice, clean, elegant resource design with your ugly, grown-over-time database

Need a (Painful) Example?
- Distributors were people with accounts
- Users were distributors who had filled out detailed profile information about themselves
- Two tables…
- Some objects were owned by distributors
- Some objects were owned by users
- Distributors => Users
- User => Profiles
- Re-factor to change ownership to users

Anatomy of an API Request
Next, we standardized how API requests should work…

Authentication
Since there’s no money involved…
- Basic HTTP Authentication
- SSL for additional security
- Using a simple 20-character API key
- Easily supported in Rails
- Can add a more advanced scheme later if needed
Authentication is the process of identifying who is accessing the API

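The check described on the Authentication slide, as an added Ruby example that is not code from the talk or from Grab Networks. It assumes the 20-character API key travels in the username field of the Basic credentials, that keys are alphanumeric, and that the server stores SHA-256 digests of keys; the key, account name and function names are constructed for illustration.

```ruby
require "base64"
require "digest"

# Constructed sample store: SHA-256 digest of each API key => account name.
# Storing digests instead of raw keys is an assumption of this example.
API_KEY_DIGESTS = {
  Digest::SHA256.hexdigest("k3Jq9ZpL0aXw7RtYb2Vc") => "distributor-42"
}.freeze

# Assumed key format: exactly 20 alphanumeric characters.
KEY_FORMAT = /\A[A-Za-z0-9]{20}\z/

# Compare two strings without returning early at the first differing byte,
# so response time does not reveal how much of a guess was correct.
def constant_time_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# header: raw value of the Authorization header (or nil).
# secure: true only when the request arrived over SSL/TLS.
# Returns the account name for a valid key, nil otherwise.
def authenticate_api_request(header, secure:)
  # Basic credentials are only base64-encoded, so refuse them on plain HTTP.
  return nil unless secure
  return nil unless header.is_a?(String)

  scheme, encoded = header.split(" ", 2)
  return nil unless scheme&.casecmp?("Basic") && encoded

  decoded = begin
    Base64.strict_decode64(encoded)
  rescue ArgumentError
    return nil # malformed base64
  end

  api_key, _password = decoded.split(":", 2)
  return nil unless api_key && KEY_FORMAT.match?(api_key)

  candidate = Digest::SHA256.hexdigest(api_key)
  account = nil
  # Check every stored digest so the loop length does not depend on a match.
  API_KEY_DIGESTS.each do |digest, name|
    account = name if constant_time_equal?(digest, candidate)
  end
  account
end
```
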
Three Major Components
- Acts As Authorized: Handles privilege-checking to determine whether users can view, create, update or delete resources
- Externalizable: Domain-Specific Language (DSL) for exposing content. Also handles creates/updates in JSON and XML
- Restful Behaviors: Mini-framework for common controller logic related to manipulating resources

Acts As Authorized
- Handles most privilege checks for the API
- Relies on hooks in the model underlying each resource
  - auth_get_owner: Who “owns” the resource
  - auth_get_groups: Group sharing of resource
  - find_authorized: A method that honors privs

Acts As Authorized (2)
- Users can view any resource they created or that is shared with a group to which they belong
- Users can update a resource if they have the “update_<resource>” privilege for a group with which the resource is shared
- There are a few case-by-case restrictions

Acts As Authorized (3)
[Diagram: Model, Acts As Authorized, “Acts As” Resource Hooks]

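The view and update rules from the Acts As Authorized slides, as an added Ruby sketch that is not the talk's actual plugin. The hook names auth_get_owner, auth_get_groups and find_authorized come from the slides; the User struct, the in-memory record list, viewable_by?, updatable_by? and all sample data are hypothetical, and the update rule is implemented exactly as worded (ownership alone does not grant update).

```ruby
# Constructed stand-in for the account model; names are hypothetical.
# group_privileges maps group id => list of privilege names held in that group.
User = Struct.new(:id, :group_privileges) do
  def group_ids
    group_privileges.keys
  end

  def privilege_in?(group_id, privilege)
    group_privileges.fetch(group_id, []).include?(privilege)
  end
end

module ActsAsAuthorized
  def self.included(base)
    base.extend(ClassMethods)
  end

  module ClassMethods
    # Used to build the "update_<resource>" privilege name.
    def resource_name
      name.downcase
    end

    # Finder that honors privileges: returns only what the user may view.
    # records stands in for a database query in this example.
    def find_authorized(user, records)
      records.select { |record| record.viewable_by?(user) }
    end
  end

  # View rule: the user created the resource, or it is shared with a
  # group to which the user belongs.
  def viewable_by?(user)
    return false if user.nil?
    auth_get_owner == user.id || !(auth_get_groups & user.group_ids).empty?
  end

  # Update rule: the user holds "update_<resource>" in a group the
  # resource is actually shared with. A privilege held in an unrelated
  # group must not count.
  def updatable_by?(user)
    return false if user.nil?
    privilege = "update_#{self.class.resource_name}"
    auth_get_groups.any? { |gid| user.privilege_in?(gid, privilege) }
  end
end

class Video
  include ActsAsAuthorized
  attr_reader :id, :owner_id, :group_ids

  def initialize(id, owner_id, group_ids)
    @id = id
    @owner_id = owner_id
    @group_ids = group_ids
  end

  # Hooks the mix-in relies on.
  def auth_get_owner
    owner_id
  end

  def auth_get_groups
    group_ids
  end
end

# Constructed sample data.
SAMPLE_USERS = {
  :alice => User.new(1, {}),                       # owner, no groups
  :bob   => User.new(2, { 10 => ["update_video"] }), # editor in group 10
  :carol => User.new(3, { 10 => [] }),             # member of group 10 only
  :dave  => User.new(4, { 20 => ["update_video"] })  # editor in another group
}.freeze

SAMPLE_VIDEOS = [
  Video.new(1, 1, [10]), # owned by alice, shared with group 10
  Video.new(2, 1, [])    # owned by alice, not shared
].freeze
```
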
Restful Behaviors
- Mini-framework collecting common controller logic
- Functions as a mix-in for API controllers
- Developers just need to override key methods to tailor controllers for new resources
- Centralizes key features like externalizing content, error handling, single-asset privilege checking, etc.

Restful Behaviors (2)
[Diagram: Model, Controller, Restful Behaviors, Acts As Authorized, “Acts As” Resource Hooks]

Externalizable
- Provides a Domain-Specific Language (DSL) for externalizing resources
- Included in models as a mix-in
- Centralizes functionality for producing output
- Centralizes processing of incoming XML/JSON
- Centralizes create/update logic and ensures that only exposed fields can be set
- Can externalize database columns under different names

Externalizable (2)

    include Externalizable
    externalize_model_as "video"
    externalize_attribute :asset_id, :label => "id", :methods => [:index, :show]
    externalize_attribute :headline, :label => "title"
    externalize_attribute :abstract, :label => "summary"
    externalize_attribute :keywords
    externalize_attribute :created_at, :methods => [:index, :show]
    externalize_attribute :updated_at, :methods => [:index, :show]

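A minimal module that makes the DSL above work, as an added Ruby sketch and not the talk's actual Externalizable implementation. It assumes that :methods lists the only actions in which an attribute takes part and that an attribute without :methods takes part in every action; VideoRecord, externalize, apply_external, sample_video and the unexposed owner_id column are hypothetical names used to show that only exposed fields can be set.

```ruby
module Externalizable
  ALL_ACTIONS = [:index, :show, :create, :update].freeze

  def self.included(base)
    base.extend(ClassMethods)
  end

  module ClassMethods
    def externalize_model_as(name)
      @external_name = name
    end

    def external_name
      @external_name
    end

    # External label => { :column, :methods }, in declaration order.
    def externalized
      @externalized ||= {}
    end

    def externalize_attribute(column, options = {})
      label = (options[:label] || column).to_s
      externalized[label] = {
        :column  => column,
        :methods => options[:methods] || ALL_ACTIONS
      }
    end
  end

  # Output side: only declared attributes, under their external labels.
  def externalize(action)
    self.class.externalized.each_with_object({}) do |(label, spec), out|
      out[label] = public_send(spec[:column]) if spec[:methods].include?(action)
    end
  end

  # Input side: set a field only if it is declared AND allowed for this
  # action. Unknown labels, raw column names and read-only fields are
  # skipped and returned so the caller can log or reject them.
  def apply_external(action, incoming)
    rejected = []
    incoming.each do |label, value|
      spec = self.class.externalized[label.to_s]
      if spec && spec[:methods].include?(action)
        public_send("#{spec[:column]}=", value)
      else
        rejected << label.to_s
      end
    end
    rejected
  end
end

class VideoRecord
  include Externalizable
  # owner_id is an internal column that is deliberately never externalized.
  attr_accessor :asset_id, :headline, :abstract, :keywords,
                :created_at, :updated_at, :owner_id

  externalize_model_as "video"
  externalize_attribute :asset_id,   :label => "id", :methods => [:index, :show]
  externalize_attribute :headline,   :label => "title"
  externalize_attribute :abstract,   :label => "summary"
  externalize_attribute :keywords
  externalize_attribute :created_at, :methods => [:index, :show]
  externalize_attribute :updated_at, :methods => [:index, :show]
end

# Constructed sample record.
def sample_video
  video = VideoRecord.new
  video.asset_id = 7
  video.owner_id = 1
  video.headline = "Old title"
  video.abstract = "Old summary"
  video.keywords = "news"
  video
end
```
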
Overall Architecture
[Diagram: Model, Externalizable, Controller, Restful Behaviors, Acts As Authorized, “Acts As” Resource Hooks, Externalizable Specification]

Error Handling
- HTTP Status Codes
- HTTP “Warn” Header
  - Ex. - 199 WAS-002: An unauthorized network was specified (the “199” => “Miscellaneous Message”)
- Error Messages in JSON/XML response
- Last Resort: The “always_ok” option
  - Always return 200… (Flash) caller has to parse response to determine success or failure
The diversity of technologies used to interact with the API makes it challenging to provide meaningful feedback to callers when errors occur.

Searches
- Set up searches as Index and Create, so it accepts both GET and POST actions
- Searches are network-specific
  - Can search Grab Networks public content or FOX private content (if authorized)
- Using Sphinx open source search engine
- Returns videos, but with extra “confidence”

Scalability
- Load Balancer in front of multiple Web Servers for the API – Can add servers as needed
- Separate Web Server in Amazon Cloud for contracted partners…handles file uploads and video transcoding tasks – Can load balance and add servers as needed
- Searches run against a replica of the production database – Can add replicas as needed
- Apache magic as needed
Scalability is a process, not a binary condition.

Practical Tips
- Start small, with a few resources
  - Work out the kinks, then expand the scope
- Start with an extended Beta
  - So you can change the API as needed without annoying users
- Recognize that a re-factor will be required
  - Just deal with it
- Eat your own dog food
  - It will never be solid unless you use your own API
- Challenge assumptions
  - Don’t be afraid to re-evaluate and adjust the API as you go
- Documentation, documentation, documentation

Resources
- RESTful Web Services by Leonard Richardson and Sam Ruby, published by O’Reilly
- http://wasabi.grabnetworks.com
  - API is not publicly available yet, but the documentation is

Cybersecurity Fundamentals: Apprentice - Palo Alto CertificateCybersecurity Fundamentals: Apprentice - Palo Alto Certificate
Cybersecurity Fundamentals: Apprentice - Palo Alto Certificate
VICTOR MAESTRE RAMIREZ
 
Mark Zuckerberg teams up with frenemy Palmer Luckey to shape the future of XR...
Mark Zuckerberg teams up with frenemy Palmer Luckey to shape the future of XR...Mark Zuckerberg teams up with frenemy Palmer Luckey to shape the future of XR...
Mark Zuckerberg teams up with frenemy Palmer Luckey to shape the future of XR...
Scott M. Graffius
 
MCP vs A2A vs ACP: Choosing the Right Protocol | Bluebash
MCP vs A2A vs ACP: Choosing the Right Protocol | BluebashMCP vs A2A vs ACP: Choosing the Right Protocol | Bluebash
MCP vs A2A vs ACP: Choosing the Right Protocol | Bluebash
Bluebash
 
AI Agents in Logistics and Supply Chain Applications Benefits and Implementation
AI Agents in Logistics and Supply Chain Applications Benefits and ImplementationAI Agents in Logistics and Supply Chain Applications Benefits and Implementation
AI Agents in Logistics and Supply Chain Applications Benefits and Implementation
Christine Shepherd
 
Azure vs AWS Which Cloud Platform Is Best for Your Business in 2025
Azure vs AWS  Which Cloud Platform Is Best for Your Business in 2025Azure vs AWS  Which Cloud Platform Is Best for Your Business in 2025
Azure vs AWS Which Cloud Platform Is Best for Your Business in 2025
Infrassist Technologies Pvt. Ltd.
 
6th Power Grid Model Meetup - 21 May 2025
6th Power Grid Model Meetup - 21 May 20256th Power Grid Model Meetup - 21 May 2025
6th Power Grid Model Meetup - 21 May 2025
DanBrown980551
 
Compliance-as-a-Service document pdf text
Compliance-as-a-Service document pdf textCompliance-as-a-Service document pdf text
Compliance-as-a-Service document pdf text
Earthling security
 
Developing Schemas with FME and Excel - Peak of Data & AI 2025
Developing Schemas with FME and Excel - Peak of Data & AI 2025Developing Schemas with FME and Excel - Peak of Data & AI 2025
Developing Schemas with FME and Excel - Peak of Data & AI 2025
Safe Software
 
Your startup on AWS - How to architect and maintain a Lean and Mean account
Your startup on AWS - How to architect and maintain a Lean and Mean accountYour startup on AWS - How to architect and maintain a Lean and Mean account
Your startup on AWS - How to architect and maintain a Lean and Mean account
angelo60207
 
Jira Administration Training – Day 1 : Introduction
Jira Administration Training – Day 1 : IntroductionJira Administration Training – Day 1 : Introduction
Jira Administration Training – Day 1 : Introduction
Ravi Teja
 
Trends Report: Artificial Intelligence (AI)
Trends Report: Artificial Intelligence (AI)Trends Report: Artificial Intelligence (AI)
Trends Report: Artificial Intelligence (AI)
Brian Ahier
 
Boosting MySQL with Vector Search -THE VECTOR SEARCH CONFERENCE 2025 .pdf
Boosting MySQL with Vector Search -THE VECTOR SEARCH CONFERENCE 2025 .pdfBoosting MySQL with Vector Search -THE VECTOR SEARCH CONFERENCE 2025 .pdf
Boosting MySQL with Vector Search -THE VECTOR SEARCH CONFERENCE 2025 .pdf
Alkin Tezuysal
 
Soulmaite review - Find Real AI soulmate review
Soulmaite review - Find Real AI soulmate reviewSoulmaite review - Find Real AI soulmate review
Soulmaite review - Find Real AI soulmate review
Soulmaite
 
LSNIF: Locally-Subdivided Neural Intersection Function
LSNIF: Locally-Subdivided Neural Intersection FunctionLSNIF: Locally-Subdivided Neural Intersection Function
LSNIF: Locally-Subdivided Neural Intersection Function
Takahiro Harada
 
Dancing with AI - A Developer's Journey.pptx
Dancing with AI - A Developer's Journey.pptxDancing with AI - A Developer's Journey.pptx
Dancing with AI - A Developer's Journey.pptx
Elliott Richmond
 
Evaluation Challenges in Using Generative AI for Science & Technical Content
Evaluation Challenges in Using Generative AI for Science & Technical ContentEvaluation Challenges in Using Generative AI for Science & Technical Content
Evaluation Challenges in Using Generative AI for Science & Technical Content
Paul Groth
 
Scaling GenAI Inference From Prototype to Production: Real-World Lessons in S...
Scaling GenAI Inference From Prototype to Production: Real-World Lessons in S...Scaling GenAI Inference From Prototype to Production: Real-World Lessons in S...
Scaling GenAI Inference From Prototype to Production: Real-World Lessons in S...
Anish Kumar
 
Domino IQ – What to Expect, First Steps and Use Cases
Domino IQ – What to Expect, First Steps and Use CasesDomino IQ – What to Expect, First Steps and Use Cases
Domino IQ – What to Expect, First Steps and Use Cases
panagenda
 
Cybersecurity Fundamentals: Apprentice - Palo Alto Certificate
Cybersecurity Fundamentals: Apprentice - Palo Alto CertificateCybersecurity Fundamentals: Apprentice - Palo Alto Certificate
Cybersecurity Fundamentals: Apprentice - Palo Alto Certificate
VICTOR MAESTRE RAMIREZ
 
Mark Zuckerberg teams up with frenemy Palmer Luckey to shape the future of XR...
Mark Zuckerberg teams up with frenemy Palmer Luckey to shape the future of XR...Mark Zuckerberg teams up with frenemy Palmer Luckey to shape the future of XR...
Mark Zuckerberg teams up with frenemy Palmer Luckey to shape the future of XR...
Scott M. Graffius
 
MCP vs A2A vs ACP: Choosing the Right Protocol | Bluebash
MCP vs A2A vs ACP: Choosing the Right Protocol | BluebashMCP vs A2A vs ACP: Choosing the Right Protocol | Bluebash
MCP vs A2A vs ACP: Choosing the Right Protocol | Bluebash
Bluebash
 
AI Agents in Logistics and Supply Chain Applications Benefits and Implementation
AI Agents in Logistics and Supply Chain Applications Benefits and ImplementationAI Agents in Logistics and Supply Chain Applications Benefits and Implementation
AI Agents in Logistics and Supply Chain Applications Benefits and Implementation
Christine Shepherd
 
Azure vs AWS Which Cloud Platform Is Best for Your Business in 2025
Azure vs AWS  Which Cloud Platform Is Best for Your Business in 2025Azure vs AWS  Which Cloud Platform Is Best for Your Business in 2025
Azure vs AWS Which Cloud Platform Is Best for Your Business in 2025
Infrassist Technologies Pvt. Ltd.
 
6th Power Grid Model Meetup - 21 May 2025
6th Power Grid Model Meetup - 21 May 20256th Power Grid Model Meetup - 21 May 2025
6th Power Grid Model Meetup - 21 May 2025
DanBrown980551
 
Compliance-as-a-Service document pdf text
Compliance-as-a-Service document pdf textCompliance-as-a-Service document pdf text
Compliance-as-a-Service document pdf text
Earthling security
 
Developing Schemas with FME and Excel - Peak of Data & AI 2025
Developing Schemas with FME and Excel - Peak of Data & AI 2025Developing Schemas with FME and Excel - Peak of Data & AI 2025
Developing Schemas with FME and Excel - Peak of Data & AI 2025
Safe Software
 
Your startup on AWS - How to architect and maintain a Lean and Mean account
Your startup on AWS - How to architect and maintain a Lean and Mean accountYour startup on AWS - How to architect and maintain a Lean and Mean account
Your startup on AWS - How to architect and maintain a Lean and Mean account
angelo60207
 
Jira Administration Training – Day 1 : Introduction
Jira Administration Training – Day 1 : IntroductionJira Administration Training – Day 1 : Introduction
Jira Administration Training – Day 1 : Introduction
Ravi Teja
 
Trends Report: Artificial Intelligence (AI)
Trends Report: Artificial Intelligence (AI)Trends Report: Artificial Intelligence (AI)
Trends Report: Artificial Intelligence (AI)
Brian Ahier
 
Boosting MySQL with Vector Search -THE VECTOR SEARCH CONFERENCE 2025 .pdf
Boosting MySQL with Vector Search -THE VECTOR SEARCH CONFERENCE 2025 .pdfBoosting MySQL with Vector Search -THE VECTOR SEARCH CONFERENCE 2025 .pdf
Boosting MySQL with Vector Search -THE VECTOR SEARCH CONFERENCE 2025 .pdf
Alkin Tezuysal
 
Soulmaite review - Find Real AI soulmate review
Soulmaite review - Find Real AI soulmate reviewSoulmaite review - Find Real AI soulmate review
Soulmaite review - Find Real AI soulmate review
Soulmaite
 
LSNIF: Locally-Subdivided Neural Intersection Function
LSNIF: Locally-Subdivided Neural Intersection FunctionLSNIF: Locally-Subdivided Neural Intersection Function
LSNIF: Locally-Subdivided Neural Intersection Function
Takahiro Harada
 

Creating a World-Class RESTful Web Services API

  • 1. Creating a World-Class RESTful Web Services API By David Keener http://www.keenertech.com [email_address]
  • 2. But First, Who Am I? David Keener Blog: http://www.keenertech.com (New Rails-based version in late June) Email: [email_address] I’m a technical architect and writer with over 20 years of experience. Been doing web applications since 1997, and Rails applications since version 1.1. I’m a Technical Architect for Grab Networks, the company known for streaming the Beijing Olympics over the web and for distributing more news videos in the US than any other company except MSNBC.
  • 3. Overview One Minute RESTful Refresher Why would you want a RESTful API? Basic design steps for an API API Architecture Details Scalability Practical Tips I’m talking about the practical experiences gained from creating a real, RESTful Web Services API for use by external customers.
  • 4–8. What’s the Big Deal? Rails has been RESTful since 1.2…what’s so hard about doing an API?
      def index
        @videos = Video.find(:all)
        respond_to do |wants|
          wants.xml  { render :layout => false, :xml => @videos.to_xml }
          wants.json { render :layout => false, :json => @videos.to_json }
        end
      end
      - No Authentication
      - No Authorization
      - No Error Handling
      - No fine control over data elements
  • 9. What Does Grab Networks Do? Grab Tools Content Ingestion Transcoding Services Catalog Site Provide Video Store Video Distribute Video (with advertising) Short Answer: 60 Million Video Views Per Month 40,000+ Distributors Video Catalog Content Server Advertisers CDN Media Companies
  • 10. Where Does the API Fit In? Will allow distributors to integrate video content into their sites more effectively Will provide a better platform on which to build our own tools Will facilitate a level of innovation that could not exist before
  • 11. Washington Times Video content integrated in via RESTful API (Beta)
  • 12. One-Minute RESTful Refresher HTTP methods are the “verbs” Acting on Resources (“nouns”) Providing a simple, constrained, easy-to-understand interface
  • 13. Reasons for Doing an API Know WHY you’re doing an API before you embark on creating one. Most reasons fall into two basic categories: Customer-Centric: To better serve customers Company-Centric: To better serve yourself
  • 14. Customer-Centric Reasons To give customers direct access to content To facilitate innovation by giving customers the capability to leverage your resources for their own purposes To allow customers to explore your content more effectively To allow authorized customers to directly manipulate resources
  • 15. Company-Centric Reasons To organize functionality in a more manageable, maintainable way To centralize key logic components, e.g. authorization logic To facilitate the creation of your own tools To leverage the creativity and innovativeness of your customers To promote tighter coupling of customer applications with API, resulting in an enhanced exit barrier
  • 16. The First Step… All important projects must have a codename Like…. Tiger Leopard Longhorn
  • 17. The First Step… All important projects must have a codename Like…. Tiger Leopard Longhorn (um, maybe not)
  • 18. The First Step… All important projects must have a codename Like….
  • 19. The First Step… All important projects must have a codename Like…. 9
  • 20. Designing the API
      - Identify the basic objects in your problem domain
          - These are your candidate resources
      - Identify the relationships between your resources
          - These help you define nesting
      - Look for “actions” that need to become “nouns”
          Ex. – subscription (a standard example)
          Ex. – Publishing a video results in a “distribution”
      - Stay in Beta a long time…you will make changes
      Designing a RESTful API is an interesting challenge. Forget your existing database, and start at the logical level…
  • 21. Reality Sets In Your database wasn’t designed to have a RESTful API built on top of it Your database probably doesn’t support the authorization needs of your API So you’re going to need a massive re-factor (or a series of them) And management will still want you to develop new features during the massive re-factor(s) This is where you compare your nice, clean, elegant resource design with your ugly, grown-over-time database
  • 22. Need a (Painful) Example? Distributors were people with accounts Users were distributors who had filled out detailed profile information about themselves Two tables… Some objects were owned by distributors Some objects were owned by users Distributors => Users User => Profiles Re-factor to change ownership to users
  • 23. Anatomy of an API Request Next, we standardized how API requests should work…
  • 24. Authentication
      Since there’s no money involved…
      - Basic HTTP Authentication
      - SSL for additional security
      - Using a simple 20-character API key
      - Easily supported in Rails
      - Can add a more advanced scheme later if needed
      Authentication is the process of identifying who is accessing the API
  • 25. Three Major Components
      - Acts As Authorized: Handles privilege-checking to determine whether users can view, create, update or delete resources
      - Externalizable: Domain-Specific Language (DSL) for exposing content. Also handles creates/updates in JSON and XML
      - Restful Behaviors: Mini-framework for common controller logic related to manipulating resources
  • 26. Acts As Authorized
      - Handles most privilege checks for the API
      - Relies on hooks in the model underlying each resource
          - auth_get_owner: Who “owns” the resource
          - auth_get_groups: Group sharing of resource
          - find_authorized: A method that honors privs
  • 27. Acts As Authorized (2)
      - Users can view any resource they created or that is shared with a group to which they belong
      - Users can update a resource if they have the “update_” privilege for a group with which the resource is shared
      - There are a few case-by-case restrictions
  • 28. Acts As Authorized (3) Model Acts As Authorized “ Acts As” Resource Hooks
  • 29. Restful Behaviors
      - Mini-framework collecting common controller logic
      - Functions as a mix-in for API controllers
      - Developers just need to override key methods to tailor controllers for new resources
      - Centralizes key features like externalizing content, error handling, single-asset privilege checking, etc.
  • 30. Restful Behaviors (2) Model Controller Restful Behaviors Acts As Authorized “ Acts As” Resource Hooks
  • 31. Externalizable
      - Provides a Domain-Specific Language (DSL) for externalizing resources
      - Included in models as a mix-in
      - Centralizes functionality for producing output
      - Centralizes processing of incoming XML/JSON
      - Centralizes create/update logic and ensures that only exposed fields can be set
      - Can externalize database columns under different names
  • 32. Externalizable (2)
      include Externalizable
      externalize_model_as "video"
      externalize_attribute :asset_id, :label => "id", :methods => [:index, :show]
      externalize_attribute :headline, :label => "title"
      externalize_attribute :abstract, :label => "summary"
      externalize_attribute :keywords
      externalize_attribute :created_at, :methods => [:index, :show]
      externalize_attribute :updated_at, :methods => [:index, :show]
  • 33. Overall Architecture Model Externalizable Controller Restful Behaviors Acts As Authorized “ Acts As” Resource Hooks Externalizable Specification
  • 34. Error Handling
      - HTTP Status Codes
      - HTTP “Warn” Header
          Ex. - 199 WAS-002: An unauthorized network was specified (the “199” => “Miscellaneous Message”)
      - Error Messages in JSON/XML response
      - Last Resort: The “always_ok” option
          - Always return 200… (Flash) caller has to parse response to determine success or failure
      The diversity of technologies used to interact with the API makes it challenging to provide meaningful feedback to callers when errors occur.
  • 35. Searches
      - Set up searches as Index and Create, so they accept both GET and POST actions
      - Searches are network-specific
          - Can search Grab Networks public content or FOX private content (if authorized)
      - Using Sphinx open source search engine
      - Returns videos, but with extra “confidence”
  • 36. Scalability
      - Load Balancer in front of multiple Web Servers for the API – Can add servers as needed
      - Separate Web Server in Amazon Cloud for contracted partners…handles file uploads and video transcoding tasks – Can load balance and add servers as needed
      - Searches run against replicate production database – Can add replicates as needed
      - Apache magic as needed
      Scalability is a process, not a binary condition.
  • 37. Practical Tips
      - Start small, with a few resources - Work out the kinks, then expand the scope
      - Start with an extended Beta - So you can change the API as needed without annoying users
      - Recognize that a re-factor will be required - Just deal with it
      - Eat your own dog food - It will never be solid unless you use your own API
      - Challenge assumptions - Don’t be afraid to re-evaluate and adjust the API as you go
      - Documentation, documentation, documentation
  • 38. Resources
      - RESTful Web Services by Leonard Richardson and Sam Ruby, Published by O’Reilly
      - http://wasabi.grabnetworks.com - API is not publicly available yet, but the documentation is
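
The Authentication slide's scheme (Basic HTTP Authentication over SSL with a 20-character API key), written out as an added Ruby example; it is not code from the deck or from Grab Networks. Assumptions: the key travels as the Basic username, keys are stored as SHA-256 digests, a non-SSL request is answered with 403, and the key and account id shown are constructed.

```ruby
require "base64"
require "digest"

API_KEY_LENGTH = 20

# Constructed key store: SHA-256 digest of each issued key => account id.
# Keeping digests means a leaked table does not hand out usable keys.
KEY_STORE = {
  Digest::SHA256.hexdigest("A1b2C3d4E5f6G7h8I9j0") => 42 # constructed key
}.freeze

# Pull the API key out of "Authorization: Basic <base64(key:password)>".
# Assumption: the key is the username; the password part is ignored.
def api_key_from(header)
  scheme, payload = header.to_s.split(" ", 2)
  return nil unless scheme && scheme.casecmp?("Basic") && payload
  Base64.strict_decode64(payload.strip).split(":", 2).first
rescue ArgumentError # payload was not valid base64
  nil
end

# 401 plus the challenge header that tells clients which scheme to use.
def challenge
  [401, { "WWW-Authenticate" => 'Basic realm="API"' }, nil]
end

# env uses Rack's key names. Returns [status, headers, account_id].
def authenticate(env)
  # Basic credentials are only base64-encoded, so refuse to read them
  # unless the request arrived over SSL/TLS.
  return [403, {}, nil] unless env["rack.url_scheme"] == "https"

  key = api_key_from(env["HTTP_AUTHORIZATION"])
  return challenge if key.nil? || key.length != API_KEY_LENGTH

  # Lookup is by digest, so no comparison ever runs over the raw key.
  account_id = KEY_STORE[Digest::SHA256.hexdigest(key)]
  account_id ? [200, {}, account_id] : challenge
end
```

The returned account id is what the authorization layer then works from; authentication alone grants nothing.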
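
The view and update rules from the Acts As Authorized slides, as an added plain-Ruby example with no Rails dependency; it is not the deck's or Grab Networks' implementation. The hook names auth_get_owner, auth_get_groups and find_authorized come from the slides; the User struct, the method signatures, the privilege name "update_video" (the slides give only the “update_” prefix) and all sample data are assumptions.

```ruby
# memberships: { group_id => [privilege names] } (constructed layout)
User = Struct.new(:id, :memberships) do
  def groups
    memberships.keys
  end

  def privilege?(group_id, name)
    memberships.fetch(group_id, []).include?(name)
  end
end

module ActsAsAuthorized
  def self.included(base)
    base.extend(ClassMethods)
  end

  module ClassMethods
    # A finder that honors privileges: callers only ever receive records
    # the user may view, so no controller has to remember a second check.
    def find_authorized(user, records)
      records.select { |record| record.viewable_by?(user) }
    end
  end

  # View: the user created the resource, or it is shared with one of
  # the user's groups.
  def viewable_by?(user)
    return false if user.nil?
    auth_get_owner == user.id || (auth_get_groups & user.groups).any?
  end

  # Update: the user holds the update privilege in a group the resource
  # is shared with. The slides state no owner shortcut for updates, so
  # none is implemented here.
  def updatable_by?(user)
    return false if user.nil?
    auth_get_groups.any? { |group| user.privilege?(group, update_privilege) }
  end
end

class Video
  include ActsAsAuthorized
  attr_reader :id

  def initialize(id, owner_id, group_ids)
    @id = id
    @owner_id = owner_id
    @group_ids = group_ids
  end

  # Hooks the mix-in relies on (names from the slides).
  def auth_get_owner
    @owner_id
  end

  def auth_get_groups
    @group_ids
  end

  # Hypothetical privilege name; the slides show only "update_".
  def update_privilege
    "update_video"
  end
end
```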
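
How a DSL like the one on the Externalizable slides can ensure that "only exposed fields can be set", as an added Ruby example; it is a stand-in written for this page, not the Externalizable mix-in itself. Assumptions: :methods lists the actions in which a field is exposed and defaults to all four, and filter_incoming, externalize, apply_update and the owner_id column are hypothetical names.

```ruby
module Externalizable
  ALL_ACTIONS = [:index, :show, :create, :update].freeze

  def self.included(base)
    base.extend(ClassMethods)
  end

  module ClassMethods
    def externalize_model_as(name)
      @external_name = name
    end

    # :label   => public field name (defaults to the column name)
    # :methods => actions in which the field is exposed (assumed default: all)
    def externalize_attribute(column, options = {})
      external_fields[(options[:label] || column).to_s] =
        { :column => column, :methods => options[:methods] || ALL_ACTIONS }
    end

    def external_fields
      @external_fields ||= {}
    end

    # Map caller-supplied labels to columns; anything not exposed for
    # `action` is rejected rather than silently assigned.
    def filter_incoming(params, action)
      accepted = {}
      rejected = []
      params.each do |label, value|
        spec = external_fields[label.to_s]
        if spec && spec[:methods].include?(action)
          accepted[spec[:column]] = value
        else
          rejected << label.to_s
        end
      end
      [accepted, rejected]
    end
  end

  # Output side: only exposed columns, under their public labels.
  def externalize(action)
    self.class.external_fields.each_with_object({}) do |(label, spec), out|
      out[label] = send(spec[:column]) if spec[:methods].include?(action)
    end
  end
end

class Video
  include Externalizable
  # owner_id is a hypothetical internal column that is never externalized.
  attr_accessor :asset_id, :headline, :abstract, :keywords, :owner_id

  externalize_model_as "video"
  externalize_attribute :asset_id, :label => "id", :methods => [:index, :show]
  externalize_attribute :headline, :label => "title"
  externalize_attribute :abstract, :label => "summary"
  externalize_attribute :keywords

  # Apply an update from parsed JSON/XML; returns the rejected field names.
  def apply_update(params)
    accepted, rejected = self.class.filter_incoming(params, :update)
    accepted.each { |column, value| send("#{column}=", value) }
    rejected
  end
end
```

A caller who sends "owner_id", the read-only "id", or the internal column name "headline" instead of its public label changes nothing; logging the rejected names gives a cheap signal of clients probing for unexposed fields.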