SlideShare uma empresa Scribd logo

Architectural considerations when building an API

R
Rod Hemphill

An properly designed API for either mobile apps or 3rd party access needs to be built with maintainability, security, version control, data volume optimisation and speed performance in mind. Rod Hemphill from Melbourne App Development explains the options and his experience.

Tecnologia
1 de 17
Baixar para ler offline
API ARCHITECTURE FOR MOBILE APPS ROD HEMPHILL MELBOURNE APP DEVELOPMENT
PROBLEM STATEMENT • Management Advantage Pty Ltd provides administration and other solutions for aged care facilities in Australia. • There core system is an Entity Framework desktop Aged Care administration system. • They had an existing API built for their staff mobile app and needed to: • provide an API to a new mobile app to support family members of clients, and • an API to support third parties to provide other solutions such as catering and maintenance. • How do you do this?
THE CORE SYSTEM • An extensive solution providing: • client administration, • ACFI appraisals, • Medicare claims, • client care, • client assessments, • care planning, • progress management, • graphical charting, • client, management and healthcare professional communications, • facilities maintenance, • compliance audits, • employee management, • police checks, • courses and certificate management, • invoicing, • banking ….. It’s big and comprehensive. • Entity Framework .Net system using Forms, SQL Server with about 1500 tables.
STAFF APP • Intended for client support staff to provide the following services: • Record chart information (e.g. blood glucose level, heart rate etc) • Provide staff with client personal information (e.g. life story, family details) • Evacuation Aid • ACFI reporting • Activity events management (e.g. Bingo attendance) • Xamarin Forms, Android and iPhone, oAuth session based authentication. • Uses the camera. • 60 pages, 3 graphic charts using telerix. • Sqlite database with 117 tables. • Designed to work offline hence keeps a copy of large amounts of operational data. One medium sized client has 27,800 records stored locally and kept in sync.
FAMILY APP • For family members of clients to communciate with health care professions, see what their parents activities, provide feedback and maintenance request. • Xamarin Forms, 17 pages. • Social media and standard session based oAuth authetication. • Push notifications, camera support. • Sqlite with 20 tables, and a small volume of data. • Firebase Deep Linking onboarding.
API FOR THIRD PARTY ACCESS • Generic API for third party access to data. • Uses: Catering services, facilities maintenance. • Issued encrypted security key access. • Continually growing.
DIFFERING REQUIREMENTS Staff App Family App 3rd Party Access Speed of transfer ✔ ✔ Volume of data optimisation ✔ Data synchronisation (always in sync) ✔ ✔ Simplistic flat data formats ✔ Ever evolving functionality ✔ New interfaces ✔ Require stable interfaces ✔ Maintainability ✔ ✔ ✔
API DESIGN CONSIDERATIONS 1. Maintainability, extensibility, expandability. 2. Security 3. Version control. 4. Data volume optimisation. 5. Speed performance.
1. MAINTAINABILITY Single or many API’s? • Originally one for apps and one for 3rd party API. • Now a single API. • The architecture is complex, but the real maintenance is the functional changes. REST • Inherently flexible. • Supports flat and hierarchic data. • Internal systems can compromise flexibility for redundant data. • You will need to pass parameters to handle complexity. We use “App-Name”.
2. SECURITY Differing options: • Flat private key. • Hashed private / public key. (Used for high security currency transations). • Username/Password session based. • Username/Password initiated oAuth, with sessions. Management Advantage Chose: • Flat private key for 3rd party • Username/Password initiated oAuth with sessions. • Use Https.
3. VERSION CONTROL Servers architecture: 1. Central server per client. 2. Centralised, single version, multi- tenanted cloud based system. Problem: • You don’t have any control when the user downloads an app. • The app version could be behind or ahead of your API. • Your API could be ahead or behind your app. • i.e. your API needs to allow for App versions that haven’t been written yet.
3. VERSION CONTROL - IMPLEMENTATION • Learnings: • Don’t store app versions as strings. Use the inbuilt C# Version class. • Pass the version of each system in the Request and Response headers. (e.g. “X-API-VER” and “X-APP-VER”) • Remember that the App will not know the API version when it first starts a session. • Default to REST and Json wherever possible. Very forgiving. • You will need to hard code ‘if tests’ for version numbers in both the API and App. Ensure you use the [Obsolete] attribute with the version number where possible. • Where not possible make sure you throw out debug messages when the ‘if tests’ should be cleaned up. • Have auto-updating database version control in your apps. Naming our connection string as “/V1/xxxx” had little value. We use “/API/xxxx”.
4. DATA VOLUME OPTIMISATION • App needs to separate business logic from data transfer: • Models support full business logic. (e.g. Client, Address, HCP) • DTO’s optimised for data transfer. (e.g. ClientDto, AddressDto, HCPDto) • Optimise Json with “DefaultValueHandling” – don’t transmit nulls. • LastChangeDate. https://manad.com.au/api/client?lastChangeDate=20180715T13:10:31.102 • We use a generic process. Only use server side UTC dates. Never app device dates. • Server should always send the “RunDate” – don’t rely on record LastUpdatedTimestamp.
4. DATA VOLUME OPTIMISATION (CONT) • For complex data structures, don’t resend data if already sent. We created a “DtoSession” class. ClientDto (recursive structure) • AddressDto Address • AddressDto MailingAddress • List<HCPDto> HCPs • AddressDto Address • List<ClientDto> ClientContacts • AddressDto Address • (etc)
5. SPEED PERFORMANCE Considerations: • Http overhead: A call per record type? One call and fully cascade data? • Decision came down to what we could run on background threads: • Initial startup you need data before show a page. • Ongoing you can show last data and update with ObservableCollections. • Do you have the Apache “KeepAlive” option? • Reduced data has marginal effect on transmission performance: • (802.11b should get at least 100 Mbytes per second) • Real impact on speed is: • Optimising your server enquiries. • Optimising your app processing. • Minimising the data usually reduces the app processing time. • ... But may not reduce the server processing time.
5. SPEED PERFORMANCE (CONT) • We use NewtonSoft JSON which is fully functional: • Supports streaming for http content. • Allows us performance tuning options through scheme definitions and direct coding (if required in the future). • Compression or not? • Overhead to compress and decompress outweigh benefits? • Our research (not tested) said https you get better performance overall. • We had to do https anyway, but we did not turn on http compression.
QUESTIONS / DISCUSSION ROD HEMPHILL - MELBOURNE APP DEVELOPMENT

Recomendados

What is Serverless Computing?
What is Serverless Computing?What is Serverless Computing?
What is Serverless Computing?AIMDek Technologies
 
Whats New in SBM 10.1.5
Whats New in SBM 10.1.5Whats New in SBM 10.1.5
Whats New in SBM 10.1.5Serena Software
 
SAP #BOBJ #BI 4.1 Upgrade Webcast Series 6: User Authentication and SSO
SAP #BOBJ #BI 4.1 Upgrade Webcast Series 6: User Authentication and SSOSAP #BOBJ #BI 4.1 Upgrade Webcast Series 6: User Authentication and SSO
SAP #BOBJ #BI 4.1 Upgrade Webcast Series 6: User Authentication and SSOSAP Analytics
 
Fundamentals of software 2 | Test Case | Test Suite | Test Plan | Test Scenario
Fundamentals of software 2 | Test Case | Test Suite | Test Plan | Test ScenarioFundamentals of software 2 | Test Case | Test Suite | Test Plan | Test Scenario
Fundamentals of software 2 | Test Case | Test Suite | Test Plan | Test ScenarioSiddharth Sharma
 
RPI Lawson 10x Tech
RPI Lawson 10x TechRPI Lawson 10x Tech
RPI Lawson 10x TechRichard Leigh Stout
 
I3 - for Web & J2EE
I3 - for Web & J2EEI3 - for Web & J2EE
I3 - for Web & J2EEsebastian.guerrero
 
IIS 6.0 and asp.net
IIS 6.0 and asp.netIIS 6.0 and asp.net
IIS 6.0 and asp.netRishi Kothari
 
309675745
309675745309675745
309675745Navin Somal
 

Recomendados

What is Serverless Computing?
What is Serverless Computing?What is Serverless Computing?
What is Serverless Computing?AIMDek Technologies
 
Whats New in SBM 10.1.5
Whats New in SBM 10.1.5Whats New in SBM 10.1.5
Whats New in SBM 10.1.5Serena Software
 
SAP #BOBJ #BI 4.1 Upgrade Webcast Series 6: User Authentication and SSO
SAP #BOBJ #BI 4.1 Upgrade Webcast Series 6: User Authentication and SSOSAP #BOBJ #BI 4.1 Upgrade Webcast Series 6: User Authentication and SSO
SAP #BOBJ #BI 4.1 Upgrade Webcast Series 6: User Authentication and SSOSAP Analytics
 
Fundamentals of software 2 | Test Case | Test Suite | Test Plan | Test Scenario
Fundamentals of software 2 | Test Case | Test Suite | Test Plan | Test ScenarioFundamentals of software 2 | Test Case | Test Suite | Test Plan | Test Scenario
Fundamentals of software 2 | Test Case | Test Suite | Test Plan | Test ScenarioSiddharth Sharma
 
RPI Lawson 10x Tech
RPI Lawson 10x TechRPI Lawson 10x Tech
RPI Lawson 10x TechRichard Leigh Stout
 
I3 - for Web & J2EE
I3 - for Web & J2EEI3 - for Web & J2EE
I3 - for Web & J2EEsebastian.guerrero
 
IIS 6.0 and asp.net
IIS 6.0 and asp.netIIS 6.0 and asp.net
IIS 6.0 and asp.netRishi Kothari
 
309675745
309675745309675745
309675745Navin Somal
 
SharePoint Saturday Silicon Valley - Upgrading from SharePoint 2010 to 2013
SharePoint Saturday Silicon Valley - Upgrading from SharePoint 2010 to 2013SharePoint Saturday Silicon Valley - Upgrading from SharePoint 2010 to 2013
SharePoint Saturday Silicon Valley - Upgrading from SharePoint 2010 to 2013Shereen Qumsieh
 
Middleware monitoring with Applications Manager
Middleware monitoring with Applications ManagerMiddleware monitoring with Applications Manager
Middleware monitoring with Applications ManagerManageEngine, Zoho Corporation
 
Hanover Wireless Update Manager
Hanover Wireless Update ManagerHanover Wireless Update Manager
Hanover Wireless Update ManagerGordonMcKendry2
 
Winter16 release overview of Salesforce
Winter16 release overview of SalesforceWinter16 release overview of Salesforce
Winter16 release overview of SalesforceSantosh Kumar - Patna
 
JohnMcAnespieResume2015
JohnMcAnespieResume2015JohnMcAnespieResume2015
JohnMcAnespieResume2015John McAnespie
 
Solution Manager 7.2 SAP Monitoring - Part 3 - Managed System Configuration
Solution Manager 7.2 SAP Monitoring - Part 3 - Managed System ConfigurationSolution Manager 7.2 SAP Monitoring - Part 3 - Managed System Configuration
Solution Manager 7.2 SAP Monitoring - Part 3 - Managed System ConfigurationLinh Nguyen
 
Mainframe VUG Presentation April 2016
Mainframe VUG Presentation April 2016Mainframe VUG Presentation April 2016
Mainframe VUG Presentation April 2016Serena Software
 
Ladies Be Architects - Integration - Multi-Org, Security, JSON, Backup & Restore
Ladies Be Architects - Integration - Multi-Org, Security, JSON, Backup & RestoreLadies Be Architects - Integration - Multi-Org, Security, JSON, Backup & Restore
Ladies Be Architects - Integration - Multi-Org, Security, JSON, Backup & Restoregemziebeth
 
(ATS4-PLAT03) Balancing Security with access for Development
(ATS4-PLAT03) Balancing Security with access for Development(ATS4-PLAT03) Balancing Security with access for Development
(ATS4-PLAT03) Balancing Security with access for DevelopmentBIOVIA
 
[UC4] Version and Automate Everything
[UC4] Version and Automate Everything[UC4] Version and Automate Everything
[UC4] Version and Automate EverythingPerforce
 
S/4HANA Installation Quickstart Guide and Monitoring S/4HANA
S/4HANA Installation Quickstart Guide and Monitoring S/4HANAS/4HANA Installation Quickstart Guide and Monitoring S/4HANA
S/4HANA Installation Quickstart Guide and Monitoring S/4HANALinh Nguyen
 
Pune meetup 16 feb 2019
Pune meetup 16 feb 2019Pune meetup 16 feb 2019
Pune meetup 16 feb 2019Santosh Ojha
 
Advanced Motion Control: Using the New 1500TF Processor and Siemens LAxis Lib...
Advanced Motion Control: Using the New 1500TF Processor and Siemens LAxis Lib...Advanced Motion Control: Using the New 1500TF Processor and Siemens LAxis Lib...
Advanced Motion Control: Using the New 1500TF Processor and Siemens LAxis Lib...DMC, Inc.
 
SAP License Audit Process
SAP License Audit ProcessSAP License Audit Process
SAP License Audit ProcessAuditBot SAP Security Audit
 
Performance testing for integrated healthcare suite
Performance testing for integrated healthcare suitePerformance testing for integrated healthcare suite
Performance testing for integrated healthcare suiteRelevantz
 
External identity
External identityExternal identity
External identitySon Nguyen
 
Showcase_Intern
Showcase_InternShowcase_Intern
Showcase_InternVishwanarayan Sriganesh
 
Sahi
SahiSahi
SahiSohail Ahmed
 
E business suite r12.2 changes for database administrators
E business suite r12.2 changes for database administratorsE business suite r12.2 changes for database administrators
E business suite r12.2 changes for database administratorsSrinivasa Pavan Marti
 
ott_calfee_resume
ott_calfee_resumeott_calfee_resume
ott_calfee_resumeOtt Calfee
 
Tuli eServices_Ecommerce portfolio
Tuli eServices_Ecommerce portfolioTuli eServices_Ecommerce portfolio
Tuli eServices_Ecommerce portfolioTULI eServices Inc.
 
.NET microservices with Azure Service Fabric
.NET microservices with Azure Service Fabric.NET microservices with Azure Service Fabric
.NET microservices with Azure Service FabricDavide Benvegnù
 

Mais conteúdo relacionado

Mais procurados

SharePoint Saturday Silicon Valley - Upgrading from SharePoint 2010 to 2013
SharePoint Saturday Silicon Valley - Upgrading from SharePoint 2010 to 2013SharePoint Saturday Silicon Valley - Upgrading from SharePoint 2010 to 2013
SharePoint Saturday Silicon Valley - Upgrading from SharePoint 2010 to 2013Shereen Qumsieh
 
Hanover Wireless Update Manager
Hanover Wireless Update ManagerHanover Wireless Update Manager
Hanover Wireless Update ManagerGordonMcKendry2
 
Winter16 release overview of Salesforce
Winter16 release overview of SalesforceWinter16 release overview of Salesforce
Winter16 release overview of SalesforceSantosh Kumar - Patna
 
JohnMcAnespieResume2015
JohnMcAnespieResume2015JohnMcAnespieResume2015
JohnMcAnespieResume2015John McAnespie
 
Solution Manager 7.2 SAP Monitoring - Part 3 - Managed System Configuration
Solution Manager 7.2 SAP Monitoring - Part 3 - Managed System ConfigurationSolution Manager 7.2 SAP Monitoring - Part 3 - Managed System Configuration
Solution Manager 7.2 SAP Monitoring - Part 3 - Managed System ConfigurationLinh Nguyen
 
Mainframe VUG Presentation April 2016
Mainframe VUG Presentation April 2016Mainframe VUG Presentation April 2016
Mainframe VUG Presentation April 2016Serena Software
 
Ladies Be Architects - Integration - Multi-Org, Security, JSON, Backup & Restore
Ladies Be Architects - Integration - Multi-Org, Security, JSON, Backup & RestoreLadies Be Architects - Integration - Multi-Org, Security, JSON, Backup & Restore
Ladies Be Architects - Integration - Multi-Org, Security, JSON, Backup & Restoregemziebeth
 
(ATS4-PLAT03) Balancing Security with access for Development
(ATS4-PLAT03) Balancing Security with access for Development(ATS4-PLAT03) Balancing Security with access for Development
(ATS4-PLAT03) Balancing Security with access for DevelopmentBIOVIA
 
[UC4] Version and Automate Everything
[UC4] Version and Automate Everything[UC4] Version and Automate Everything
[UC4] Version and Automate EverythingPerforce
 
S/4HANA Installation Quickstart Guide and Monitoring S/4HANA
S/4HANA Installation Quickstart Guide and Monitoring S/4HANAS/4HANA Installation Quickstart Guide and Monitoring S/4HANA
S/4HANA Installation Quickstart Guide and Monitoring S/4HANALinh Nguyen
 
Pune meetup 16 feb 2019
Pune meetup 16 feb 2019Pune meetup 16 feb 2019
Pune meetup 16 feb 2019Santosh Ojha
 
Advanced Motion Control: Using the New 1500TF Processor and Siemens LAxis Lib...
Advanced Motion Control: Using the New 1500TF Processor and Siemens LAxis Lib...Advanced Motion Control: Using the New 1500TF Processor and Siemens LAxis Lib...
Advanced Motion Control: Using the New 1500TF Processor and Siemens LAxis Lib...DMC, Inc.
 
Performance testing for integrated healthcare suite
Performance testing for integrated healthcare suitePerformance testing for integrated healthcare suite
Performance testing for integrated healthcare suiteRelevantz
 
External identity
External identityExternal identity
External identitySon Nguyen
 
E business suite r12.2 changes for database administrators
E business suite r12.2 changes for database administratorsE business suite r12.2 changes for database administrators
E business suite r12.2 changes for database administratorsSrinivasa Pavan Marti
 

Mais procurados (19)

SharePoint Saturday Silicon Valley - Upgrading from SharePoint 2010 to 2013
SharePoint Saturday Silicon Valley - Upgrading from SharePoint 2010 to 2013SharePoint Saturday Silicon Valley - Upgrading from SharePoint 2010 to 2013
SharePoint Saturday Silicon Valley - Upgrading from SharePoint 2010 to 2013
 
Middleware monitoring with Applications Manager
Middleware monitoring with Applications ManagerMiddleware monitoring with Applications Manager
Middleware monitoring with Applications Manager
 
Hanover Wireless Update Manager
Hanover Wireless Update ManagerHanover Wireless Update Manager
Hanover Wireless Update Manager
 
Winter16 release overview of Salesforce
Winter16 release overview of SalesforceWinter16 release overview of Salesforce
Winter16 release overview of Salesforce
 
JohnMcAnespieResume2015
JohnMcAnespieResume2015JohnMcAnespieResume2015
JohnMcAnespieResume2015
 
Solution Manager 7.2 SAP Monitoring - Part 3 - Managed System Configuration
Solution Manager 7.2 SAP Monitoring - Part 3 - Managed System ConfigurationSolution Manager 7.2 SAP Monitoring - Part 3 - Managed System Configuration
Solution Manager 7.2 SAP Monitoring - Part 3 - Managed System Configuration
 
Mainframe VUG Presentation April 2016
Mainframe VUG Presentation April 2016Mainframe VUG Presentation April 2016
Mainframe VUG Presentation April 2016
 
Ladies Be Architects - Integration - Multi-Org, Security, JSON, Backup & Restore
Ladies Be Architects - Integration - Multi-Org, Security, JSON, Backup & RestoreLadies Be Architects - Integration - Multi-Org, Security, JSON, Backup & Restore
Ladies Be Architects - Integration - Multi-Org, Security, JSON, Backup & Restore
 
(ATS4-PLAT03) Balancing Security with access for Development
(ATS4-PLAT03) Balancing Security with access for Development(ATS4-PLAT03) Balancing Security with access for Development
(ATS4-PLAT03) Balancing Security with access for Development
 
[UC4] Version and Automate Everything
[UC4] Version and Automate Everything[UC4] Version and Automate Everything
[UC4] Version and Automate Everything
 
S/4HANA Installation Quickstart Guide and Monitoring S/4HANA
S/4HANA Installation Quickstart Guide and Monitoring S/4HANAS/4HANA Installation Quickstart Guide and Monitoring S/4HANA
S/4HANA Installation Quickstart Guide and Monitoring S/4HANA
 
Pune meetup 16 feb 2019
Pune meetup 16 feb 2019Pune meetup 16 feb 2019
Pune meetup 16 feb 2019
 
Advanced Motion Control: Using the New 1500TF Processor and Siemens LAxis Lib...
Advanced Motion Control: Using the New 1500TF Processor and Siemens LAxis Lib...Advanced Motion Control: Using the New 1500TF Processor and Siemens LAxis Lib...
Advanced Motion Control: Using the New 1500TF Processor and Siemens LAxis Lib...
 
SAP License Audit Process
SAP License Audit ProcessSAP License Audit Process
SAP License Audit Process
 
Performance testing for integrated healthcare suite
Performance testing for integrated healthcare suitePerformance testing for integrated healthcare suite
Performance testing for integrated healthcare suite
 
External identity
External identityExternal identity
External identity
 
Showcase_Intern
Showcase_InternShowcase_Intern
Showcase_Intern
 
Sahi
SahiSahi
Sahi
 
E business suite r12.2 changes for database administrators
E business suite r12.2 changes for database administratorsE business suite r12.2 changes for database administrators
E business suite r12.2 changes for database administrators
 

Semelhante a Architectural considerations when building an API

ott_calfee_resume
ott_calfee_resumeott_calfee_resume
ott_calfee_resumeOtt Calfee
 
Tuli eServices_Ecommerce portfolio
Tuli eServices_Ecommerce portfolioTuli eServices_Ecommerce portfolio
Tuli eServices_Ecommerce portfolioTULI eServices Inc.
 
.NET microservices with Azure Service Fabric
.NET microservices with Azure Service Fabric.NET microservices with Azure Service Fabric
.NET microservices with Azure Service FabricDavide Benvegnù
 
Rohit_Kumar_Resume
Rohit_Kumar_ResumeRohit_Kumar_Resume
Rohit_Kumar_ResumeRohit Kumar
 
Asynchronous API Testing: Trends, Tools & More | Calidad Infotech
Asynchronous API Testing: Trends, Tools & More | Calidad Infotech Asynchronous API Testing: Trends, Tools & More | Calidad Infotech
Asynchronous API Testing: Trends, Tools & More | Calidad Infotech Calidad Infotech
 
code talks Commerce: The API Economy as an E-Commerce Operating System
code talks Commerce: The API Economy as an E-Commerce Operating Systemcode talks Commerce: The API Economy as an E-Commerce Operating System
code talks Commerce: The API Economy as an E-Commerce Operating SystemAdelina Todeva
 
Testing in the Cloud using Panda
Testing in the Cloud using PandaTesting in the Cloud using Panda
Testing in the Cloud using PandaTao Jiang
 
Disruptive Trends in Application Development
Disruptive Trends in Application DevelopmentDisruptive Trends in Application Development
Disruptive Trends in Application DevelopmentWaveMaker, Inc.
 
Online talent sourcing - a future essentia
Online talent sourcing - a future essentiaOnline talent sourcing - a future essentia
Online talent sourcing - a future essentiaHSE Guru
 
Migrating from a monolith to microservices – is it worth it?
Migrating from a monolith to microservices – is it worth it?Migrating from a monolith to microservices – is it worth it?
Migrating from a monolith to microservices – is it worth it?Katherine Golovinova
 
Apinizer - Full API Lifecycle and Integration Platform
Apinizer - Full API Lifecycle and Integration Platform Apinizer - Full API Lifecycle and Integration Platform
Apinizer - Full API Lifecycle and Integration Platform Mustafa Yildiz
 
Google Cloud Platform as a Backend Solution for your Product
Google Cloud Platform as a Backend Solution for your ProductGoogle Cloud Platform as a Backend Solution for your Product
Google Cloud Platform as a Backend Solution for your ProductSergey Smetanin
 

Semelhante a Architectural considerations when building an API (20)

ott_calfee_resume
ott_calfee_resumeott_calfee_resume
ott_calfee_resume
 
Tuli eServices_Ecommerce portfolio
Tuli eServices_Ecommerce portfolioTuli eServices_Ecommerce portfolio
Tuli eServices_Ecommerce portfolio
 
.NET microservices with Azure Service Fabric
.NET microservices with Azure Service Fabric.NET microservices with Azure Service Fabric
.NET microservices with Azure Service Fabric
 
Tuli eServices Dotnet portfolio
Tuli eServices Dotnet portfolioTuli eServices Dotnet portfolio
Tuli eServices Dotnet portfolio
 
Inventory managment system
Inventory managment systemInventory managment system
Inventory managment system
 
Rohit_Kumar_Resume
Rohit_Kumar_ResumeRohit_Kumar_Resume
Rohit_Kumar_Resume
 
Mobile APIs in Practice
Mobile APIs in PracticeMobile APIs in Practice
Mobile APIs in Practice
 
Neev Load Testing Services
Neev Load Testing ServicesNeev Load Testing Services
Neev Load Testing Services
 
Asynchronous API Testing: Trends, Tools & More | Calidad Infotech
Asynchronous API Testing: Trends, Tools & More | Calidad Infotech Asynchronous API Testing: Trends, Tools & More | Calidad Infotech
Asynchronous API Testing: Trends, Tools & More | Calidad Infotech
 
Azure Mobile Services
Azure Mobile ServicesAzure Mobile Services
Azure Mobile Services
 
Resume 10-24-16
Resume 10-24-16Resume 10-24-16
Resume 10-24-16
 
chandrakanth
chandrakanthchandrakanth
chandrakanth
 
code talks Commerce: The API Economy as an E-Commerce Operating System
code talks Commerce: The API Economy as an E-Commerce Operating Systemcode talks Commerce: The API Economy as an E-Commerce Operating System
code talks Commerce: The API Economy as an E-Commerce Operating System
 
Testing in the Cloud using Panda
Testing in the Cloud using PandaTesting in the Cloud using Panda
Testing in the Cloud using Panda
 
Disruptive Trends in Application Development
Disruptive Trends in Application DevelopmentDisruptive Trends in Application Development
Disruptive Trends in Application Development
 
Online talent sourcing - a future essentia
Online talent sourcing - a future essentiaOnline talent sourcing - a future essentia
Online talent sourcing - a future essentia
 
Migrating from a monolith to microservices – is it worth it?
Migrating from a monolith to microservices – is it worth it?Migrating from a monolith to microservices – is it worth it?
Migrating from a monolith to microservices – is it worth it?
 
Apinizer - Full API Lifecycle and Integration Platform
Apinizer - Full API Lifecycle and Integration Platform Apinizer - Full API Lifecycle and Integration Platform
Apinizer - Full API Lifecycle and Integration Platform
 
Raghu resume[1]
Raghu resume[1]Raghu resume[1]
Raghu resume[1]
 
Google Cloud Platform as a Backend Solution for your Product
Google Cloud Platform as a Backend Solution for your ProductGoogle Cloud Platform as a Backend Solution for your Product
Google Cloud Platform as a Backend Solution for your Product
 

Último

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdfChristopherTHyatt
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 

Último (20)

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 

Architectural considerations when building an API

  • 1. API ARCHITECTURE FOR MOBILE APPS ROD HEMPHILL MELBOURNE APP DEVELOPMENT
  • 2. PROBLEM STATEMENT • Management Advantage Pty Ltd provides administration and other solutions for aged care facilities in Australia. • There core system is an Entity Framework desktop Aged Care administration system. • They had an existing API built for their staff mobile app and needed to: • provide an API to a new mobile app to support family members of clients, and • an API to support third parties to provide other solutions such as catering and maintenance. • How do you do this?
  • 3. THE CORE SYSTEM • An extensive solution providing: • client administration, • ACFI appraisals, • Medicare claims, • client care, • client assessments, • care planning, • progress management, • graphical charting, • client, management and healthcare professional communications, • facilities maintenance, • compliance audits, • employee management, • police checks, • courses and certificate management, • invoicing, • banking ….. It’s big and comprehensive. • Entity Framework .Net system using Forms, SQL Server with about 1500 tables.
  • 4. STAFF APP • Intended for client support staff to provide the following services: • Record chart information (e.g. blood glucose level, heart rate etc) • Provide staff with client personal information (e.g. life story, family details) • Evacuation Aid • ACFI reporting • Activity events management (e.g. Bingo attendance) • Xamarin Forms, Android and iPhone, oAuth session based authentication. • Uses the camera. • 60 pages, 3 graphic charts using telerix. • Sqlite database with 117 tables. • Designed to work offline hence keeps a copy of large amounts of operational data. One medium sized client has 27,800 records stored locally and kept in sync.
  • 5. FAMILY APP • For family members of clients to communciate with health care professions, see what their parents activities, provide feedback and maintenance request. • Xamarin Forms, 17 pages. • Social media and standard session based oAuth authetication. • Push notifications, camera support. • Sqlite with 20 tables, and a small volume of data. • Firebase Deep Linking onboarding.
  • 6. API FOR THIRD PARTY ACCESS • Generic API for third party access to data. • Uses: Catering services, facilities maintenance. • Issued encrypted security key access. • Continually growing.
  • 7. DIFFERING REQUIREMENTS Staff App Family App 3rd Party Access Speed of transfer ✔ ✔ Volume of data optimisation ✔ Data synchronisation (always in sync) ✔ ✔ Simplistic flat data formats ✔ Ever evolving functionality ✔ New interfaces ✔ Require stable interfaces ✔ Maintainability ✔ ✔ ✔
  • 8. API DESIGN CONSIDERATIONS 1. Maintainability, extensibility, expandability. 2. Security 3. Version control. 4. Data volume optimisation. 5. Speed performance.
  • 9. 1. MAINTAINABILITY Single or many API’s? • Originally one for apps and one for 3rd party API. • Now a single API. • The architecture is complex, but the real maintenance is the functional changes. REST • Inherently flexible. • Supports flat and hierarchic data. • Internal systems can compromise flexibility for redundant data. • You will need to pass parameters to handle complexity. We use “App-Name”.
  • 10. 2. SECURITY Differing options: • Flat private key. • Hashed private / public key. (Used for high security currency transations). • Username/Password session based. • Username/Password initiated oAuth, with sessions. Management Advantage Chose: • Flat private key for 3rd party • Username/Password initiated oAuth with sessions. • Use Https.
  • 11. 3. VERSION CONTROL Servers architecture: 1. Central server per client. 2. Centralised, single version, multi- tenanted cloud based system. Problem: • You don’t have any control when the user downloads an app. • The app version could be behind or ahead of your API. • Your API could be ahead or behind your app. • i.e. your API needs to allow for App versions that haven’t been written yet.
  • 12. 3. VERSION CONTROL - IMPLEMENTATION • Learnings: • Don’t store app versions as strings. Use the inbuilt C# Version class. • Pass the version of each system in the Request and Response headers. (e.g. “X-API-VER” and “X-APP-VER”) • Remember that the App will not know the API version when it first starts a session. • Default to REST and Json wherever possible. Very forgiving. • You will need to hard code ‘if tests’ for version numbers in both the API and App. Ensure you use the [Obsolete] attribute with the version number where possible. • Where not possible make sure you throw out debug messages when the ‘if tests’ should be cleaned up. • Have auto-updating database version control in your apps. Naming our connection string as “/V1/xxxx” had little value. We use “/API/xxxx”.
  • 13. 4. DATA VOLUME OPTIMISATION • App needs to separate business logic from data transfer: • Models support full business logic. (e.g. Client, Address, HCP) • DTO’s optimised for data transfer. (e.g. ClientDto, AddressDto, HCPDto) • Optimise Json with “DefaultValueHandling” – don’t transmit nulls. • LastChangeDate. https://manad.com.au/api/client?lastChangeDate=20180715T13:10:31.102 • We use a generic process. Only use server side UTC dates. Never app device dates. • Server should always send the “RunDate” – don’t rely on record LastUpdatedTimestamp.
  • 14. 4. DATA VOLUME OPTIMISATION (CONT) • For complex data structures, don’t resend data if already sent. We created a “DtoSession” class. ClientDto (recursive structure) • AddressDto Address • AddressDto MailingAddress • List<HCPDto> HCPs • AddressDto Address • List<ClientDto> ClientContacts • AddressDto Address • (etc)
  • 15. 5. SPEED PERFORMANCE Considerations: • Http overhead: A call per record type? One call and fully cascade data? • Decision came down to what we could run on background threads: • Initial startup you need data before show a page. • Ongoing you can show last data and update with ObservableCollections. • Do you have the Apache “KeepAlive” option? • Reduced data has marginal effect on transmission performance: • (802.11b should get at least 100 Mbytes per second) • Real impact on speed is: • Optimising your server enquiries. • Optimising your app processing. • Minimising the data usually reduces the app processing time. • ... But may not reduce the server processing time.
  • 16. 5. SPEED PERFORMANCE (CONT) • We use NewtonSoft JSON which is fully functional: • Supports streaming for http content. • Allows us performance tuning options through scheme definitions and direct coding (if required in the future). • Compression or not? • Overhead to compress and decompress outweigh benefits? • Our research (not tested) said https you get better performance overall. • We had to do https anyway, but we did not turn on http compression.
  • 17. QUESTIONS / DISCUSSION ROD HEMPHILL - MELBOURNE APP DEVELOPMENT