SlideShare a Scribd company logo

Designing your API Server for mobile apps

Mugunth Kumar
Mugunth Kumar
Technology
1 of 32
Designing Your API Server Mugunth Kumar iOS Developer, Author and Trainer
About me ROB NAPIER MUGUNTH KUMAR • Author of the iOS 5 programming: Pushing the limits book - Reached the top 100 books in Amazon’s Computer and Technology books list • Trainer - Conducts training on iOS iOS 5 programming at iOSTraining.sg. PROGRAMMING • Developer PUSHING THE LIMITS • MKNetworkKit (1100+ watchers) Advanced Application Development • MKStoreKit (700+ watchers) for Apple iPhone , iPad and iPod Touch ® ® ® • Several other “minor” projects with 200+ watchers • Clients include startups in Singapore like Squiryl, Found and MNC’s including Microsoft Redmond, Oracle and such.
Agenda • HTTP Verbs • API Documentation • De-normalization • Versioning and deprecation • Caching
VERBS - In REST Parlance • Any API that alters or changes the content of the database should use the POST verb • Any API that adds new entries to the database should use the POST or PUT (preferably a PUT) verb • Any API that deletes entries should use the “DELETE” verb • Everything else should use the “GET” verb
VERBS - In developer parlance • If your query is “INSERT into TABLE VALUES…” • Your verb should be PUT • If your query is “UPDATE table set…” • Your verb should be a POST • If your query is “DELETE from table WHERE…” • Your verb should be DELETE • If your query is “SELECT * from WHERE…” • Your verb should be GET
What happens instead? • Isn’t that common sense? • Apparently, most .NET developers write API servers the old way. • SOAP way • RPC way • One endpoint and every operation is sent as a “POST” parameter • POST api.mycompany.com/api.svc op=“get_profile”
Importance of using the right VERB • “POST” / “PUT” methods are non-idempotent and should not be cached. That means, any intermediate proxy server (could be your ISP) will not cache your responses. • In most API servers, >80% of API calls will read data off your database that can be cached. • Just by making a wrong verb choice, you inadvertently add scaling complexity • By using “GET” verb, you can easily introduce a caching proxy and also piggy back on ISP’s proxy servers.
Pure RESTful Server? • Pure RESTful server following a HATEOAS has just one endpoint, serves hypermedia resources and expects clients to be RESTful. • JSON is not a hypermedia resource • Adds client complexity - You ought to complete your iOS app in 3 months lest you die • Was nice to have in “olden” days where browsers were “RESTful” clients • Today, developers race to make a “curated” app with a customized experience than a generic, generated user interface.
Documentation • Write and document your top level models • Top level models != DAO • Every top level model might have one or more associated DAO • “Tweet” is a top level model and so is “User” or “Profile”
Documentation • Document your API’s parameters and mark optional and mandatory parameters. • List out public API, protected API and hybrid APIs • Document your API responses using top-level models • APIs should not have undocumented behavior. • Any non essential parameters like x-client-version or Authorization in HTTP header should be passed in header
Documentation • Example: api.foursquare.com • /venue • accepts a venue id • returns a detailed venue object • App.NET (That “upcoming” $50 social network) • Twitter - Extensive and difficult to understand though
DAO vs Top Level Models • A tweet model contains the following • The tweet text • The geo location of the tweet • The user who tweeted it • Number of retweets and favorites • The top 10 users who retweeted and favorited the tweet
DAO vs Top Level Models • In a traditional relational database, • Tweets would be stored in a “tweets” table • Retweets would be stored in a “retweets” table which might include the time of retweet as well. • So are favorites • The user profile information would be stored in a “users” table
De-Normalization • Your API server should de-normalize information stored in different tables into one top level model in your application. • You normalize data as a part of your database design and implementation • You should de-normalize them as a part of your API design and implementation
Ill Effects • If you don’t de-normalize your responses, the client device has to make multiple calls • A twitter client will probably make four calls per tweet to show information on a tweet details page • If your Keep-Alive is set to a low number, (default in Apache 2.2) every API call will require a new connection.
Ill Effects • Your sys-admin, as a stop-gap measure, reduces the Keep- Alive time. This might work well and improve the server’s ability to handle more requests in parallel • But think again, your server is handling more requests than actually necessary if it were de-normalized • An API that is NOT de-normalized will kill your startup in no time, much like de-normalized database • Cellular networks in 2012 are not as capable as broadband • 6 concurrent connections on broadband vs 2 in 3G
Versioning • Versioning wasn’t a major issue with web based applications • Serious issue with disconnected native clients • Version 1 => Profile = { “name”:”Mugunth Kumar”} • Version 2 => Profile = { “first_name”:”Mugunth”, “last_name”:”Kumar”} • Send both in Version 2 => Profile = { “first_name”:”Mugunth”, “last_name”:”Kumar”, “name”:”Mugunth Kumar”} ?
Versioning - Right way • When you deploy API 2.0, your server should still be capable of serving 1.x clients because, unlike a traditional web app, you cannot deploy a native client to all your customers at the same time. • Version your models. Maintain multiple versions of top level models mapping to the same DAO • Respect the “Accept” HTTP Header • URL versioning is clumsy
Versioning - Right way • Accept: application/MyApp.MyModel.1.0+json • Your API server should check the “Accept” header and instantiate that version of response top level model. 1.0 in this case. • Fill in your model with information from various tables (de- normalization) • Serialize version 1.0 of your top level model as your response
Why version your models? • Ensures that changes to database doesn’t affect the response • The server developer will have complete control over when to deprecate a certain top level model’s version. • That is, if some change made to the database can no longer be meaningfully accommodated into the top-level model, you can deprecate it. • Changes to DB can be done with less impact. This means your server, and hence you startup will be more nimble (and even pivotable) to changes.
Don’t do this! $var = mysql_query(“select * from User”); json_encode($var);
Caching
Caching • Most of you think caching is something that clients should implement • Client has no way to know when to expire or revalidate • Example • User Profile avatar update • A client remembers a profile image for 7 days • Any changes to avatar will not be visible on client for the next 7 days
Caching • HTTP 1.1 spec standardizes the following cache control headers • Expiration Model • Expires • Cache-Control • Validation Model • ETag • Last-Modified
Caching - Expiration Model location ~ .(jpg|gif|png|ico|jpeg|css|swf)$ { expires 7d; } Expires: <date>
Caching - Validation Model • Checksum of the resource • Sent as ETag • Last-Modified (if you database has this info) • Sent as Last-Modified Or Cache-Control
Caching - Client validation Important HTTP Headers • IF-MODIFIED-SINCE • IF-NONE-MATCH
Caching - Server side implementation • ETag based caching is easy • Hash the top-level-object using any object hashing algorithm • Last-Modified • Server should send data that was new after IF-MODIFIED-SINCE select * from friends becomes, select * from friends where friendedDate > IF-MODIFIED-SINCE
Choosing a caching model • All static resources - Expiration model • All dynamic data - Validation model • If dynamic data is a list - Use Last-Modified based validation model • Example - /friends • If dynamic data is a model - use ETag based validation model • Example - /user/<uid>/avatar
Resources • Books • REST API Design Rulebook, By Mark Masse http:// shop.oreilly.com/product/0636920021575.do • Web Resources • http://blog.mugunthkumar.com/articles/restful-api-server- doing-it-the-right-way-part-1/ • http://blog.mugunthkumar.com/articles/restful-api-server- doing-it-the-right-way-part-2/
Thanks @mugunthkumar ROB NAPIER MUGUNTH KUMAR mugunth@steinlogic.com iostraining.sg iOS 5 PROGRAMMING Available for consulting PUSHING THE LIMITS services Advanced Application Development for Apple iPhone , iPad and iPod Touch ® ® ® iOS App Development API/Server Design Mobile UX
iOS Conf SG - 2013 • 31st Jan - Workshop and Hands On • 1st Feb and 2nd Feb - Conference • 15 Awesome Talks by renowned iOS Developers around the World • Join us at @iosdevscout or @iosconfsg • http://facebook.com/groups/iosdevscout/

Recommended

Deck officer performance appraisal
Deck officer performance appraisalDeck officer performance appraisal
Deck officer performance appraisalhernandezjoshua395
 
Treinamento em trabalho em altura e prevenção de quedas
Treinamento em trabalho em altura e prevenção de quedas Treinamento em trabalho em altura e prevenção de quedas
Treinamento em trabalho em altura e prevenção de quedas Alexandre Roque
 
Receiving inspector performance appraisal
Receiving inspector performance appraisalReceiving inspector performance appraisal
Receiving inspector performance appraisalkenzphillip12
 
Fire handbook
Fire handbookFire handbook
Fire handbookMuhammad Ahmad
 
Weld Repair
Weld RepairWeld Repair
Weld RepairAntonius Pompi Bramono
 
Shipping and receiving clerk performance appraisal
Shipping and receiving clerk performance appraisalShipping and receiving clerk performance appraisal
Shipping and receiving clerk performance appraisalkimacraw
 
Safety at workplace
Safety at workplaceSafety at workplace
Safety at workplacedfarouq
 
Financial administrator performance appraisal
Financial administrator performance appraisalFinancial administrator performance appraisal
Financial administrator performance appraisalpetermiken89
 

Recommended

Deck officer performance appraisal
Deck officer performance appraisalDeck officer performance appraisal
Deck officer performance appraisalhernandezjoshua395
 
Treinamento em trabalho em altura e prevenção de quedas
Treinamento em trabalho em altura e prevenção de quedas Treinamento em trabalho em altura e prevenção de quedas
Treinamento em trabalho em altura e prevenção de quedas Alexandre Roque
 
Receiving inspector performance appraisal
Receiving inspector performance appraisalReceiving inspector performance appraisal
Receiving inspector performance appraisalkenzphillip12
 
Fire handbook
Fire handbookFire handbook
Fire handbookMuhammad Ahmad
 
Weld Repair
Weld RepairWeld Repair
Weld RepairAntonius Pompi Bramono
 
Shipping and receiving clerk performance appraisal
Shipping and receiving clerk performance appraisalShipping and receiving clerk performance appraisal
Shipping and receiving clerk performance appraisalkimacraw
 
Safety at workplace
Safety at workplaceSafety at workplace
Safety at workplacedfarouq
 
Financial administrator performance appraisal
Financial administrator performance appraisalFinancial administrator performance appraisal
Financial administrator performance appraisalpetermiken89
 
Fabrication engineer performance appraisal
Fabrication engineer performance appraisalFabrication engineer performance appraisal
Fabrication engineer performance appraisallopedhapper
 
Investment manager performance appraisal
Investment manager performance appraisalInvestment manager performance appraisal
Investment manager performance appraisallindacami643
 
Office administrative assistant perfomance appraisal 2
Office administrative assistant perfomance appraisal 2Office administrative assistant perfomance appraisal 2
Office administrative assistant perfomance appraisal 2tonychoper2104
 
Financial administrative assistant performance appraisal
Financial administrative assistant performance appraisalFinancial administrative assistant performance appraisal
Financial administrative assistant performance appraisalKateBeckinsale345
 
Acidente esmerilhadeira
Acidente esmerilhadeiraAcidente esmerilhadeira
Acidente esmerilhadeiraSaulo Silva
 
Nursing supervisor perfomance appraisal 2
Nursing supervisor perfomance appraisal 2Nursing supervisor perfomance appraisal 2
Nursing supervisor perfomance appraisal 2tonychoper0304
 
Segurança nos Trabalhos em Espaços Confinados
Segurança nos Trabalhos em Espaços Confinados Segurança nos Trabalhos em Espaços Confinados
Segurança nos Trabalhos em Espaços Confinados eugeniorocha
 
Tendering engineer performance appraisal
Tendering engineer performance appraisalTendering engineer performance appraisal
Tendering engineer performance appraisalMonmaKouki345
 
Best Practices for Building WordPress Applications
Best Practices for Building WordPress ApplicationsBest Practices for Building WordPress Applications
Best Practices for Building WordPress ApplicationsTaylor Lovett
 
Recipes for API Ninjas
Recipes for API NinjasRecipes for API Ninjas
Recipes for API NinjasNordic APIs
 
Mobile APIs in Practice
Mobile APIs in PracticeMobile APIs in Practice
Mobile APIs in PracticeTyler Singletary
 
How to design effective APIs
How to design effective APIsHow to design effective APIs
How to design effective APIsBansilal Haudakari
 
Web Clients for Ruby and What they should be in the future
Web Clients for Ruby and What they should be in the futureWeb Clients for Ruby and What they should be in the future
Web Clients for Ruby and What they should be in the futureToru Kawamura
 
Picnic Software - Developing a flexible and scalable application
Picnic Software - Developing a flexible and scalable applicationPicnic Software - Developing a flexible and scalable application
Picnic Software - Developing a flexible and scalable applicationNick Josevski
 
Profiling and Tuning a Web Application - The Dirty Details
Profiling and Tuning a Web Application - The Dirty DetailsProfiling and Tuning a Web Application - The Dirty Details
Profiling and Tuning a Web Application - The Dirty DetailsAchievers Tech
 
Lessons learned on the Azure API Stewardship Journey.pptx
Lessons learned on the Azure API Stewardship Journey.pptxLessons learned on the Azure API Stewardship Journey.pptx
Lessons learned on the Azure API Stewardship Journey.pptxapidays
 
apidays LIVE Paris 2021 - Lessons from the API Stewardship Journey in Azure b...
apidays LIVE Paris 2021 - Lessons from the API Stewardship Journey in Azure b...apidays LIVE Paris 2021 - Lessons from the API Stewardship Journey in Azure b...
apidays LIVE Paris 2021 - Lessons from the API Stewardship Journey in Azure b...apidays
 
Chef for openstack
Chef for openstackChef for openstack
Chef for openstackopenstackindia
 
When small problems become big problems
When small problems become big problemsWhen small problems become big problems
When small problems become big problemsAdrian Cole
 
Service-Oriented Design and Implement with Rails3
Service-Oriented Design and Implement with Rails3Service-Oriented Design and Implement with Rails3
Service-Oriented Design and Implement with Rails3Wen-Tien Chang
 
12-Step Program for Scaling Web Applications on PostgreSQL
12-Step Program for Scaling Web Applications on PostgreSQL12-Step Program for Scaling Web Applications on PostgreSQL
12-Step Program for Scaling Web Applications on PostgreSQLKonstantin Gredeskoul
 
Build and Manage Your APIs with Amazon API Gateway
Build and Manage Your APIs with Amazon API GatewayBuild and Manage Your APIs with Amazon API Gateway
Build and Manage Your APIs with Amazon API GatewayAmazon Web Services
 

More Related Content

What's hot

Fabrication engineer performance appraisal
Fabrication engineer performance appraisalFabrication engineer performance appraisal
Fabrication engineer performance appraisallopedhapper
 
Investment manager performance appraisal
Investment manager performance appraisalInvestment manager performance appraisal
Investment manager performance appraisallindacami643
 
Office administrative assistant perfomance appraisal 2
Office administrative assistant perfomance appraisal 2Office administrative assistant perfomance appraisal 2
Office administrative assistant perfomance appraisal 2tonychoper2104
 
Financial administrative assistant performance appraisal
Financial administrative assistant performance appraisalFinancial administrative assistant performance appraisal
Financial administrative assistant performance appraisalKateBeckinsale345
 
Acidente esmerilhadeira
Acidente esmerilhadeiraAcidente esmerilhadeira
Acidente esmerilhadeiraSaulo Silva
 
Nursing supervisor perfomance appraisal 2
Nursing supervisor perfomance appraisal 2Nursing supervisor perfomance appraisal 2
Nursing supervisor perfomance appraisal 2tonychoper0304
 
Segurança nos Trabalhos em Espaços Confinados
Segurança nos Trabalhos em Espaços Confinados Segurança nos Trabalhos em Espaços Confinados
Segurança nos Trabalhos em Espaços Confinados eugeniorocha
 
Tendering engineer performance appraisal
Tendering engineer performance appraisalTendering engineer performance appraisal
Tendering engineer performance appraisalMonmaKouki345
 

What's hot (8)

Fabrication engineer performance appraisal
Fabrication engineer performance appraisalFabrication engineer performance appraisal
Fabrication engineer performance appraisal
 
Investment manager performance appraisal
Investment manager performance appraisalInvestment manager performance appraisal
Investment manager performance appraisal
 
Office administrative assistant perfomance appraisal 2
Office administrative assistant perfomance appraisal 2Office administrative assistant perfomance appraisal 2
Office administrative assistant perfomance appraisal 2
 
Financial administrative assistant performance appraisal
Financial administrative assistant performance appraisalFinancial administrative assistant performance appraisal
Financial administrative assistant performance appraisal
 
Acidente esmerilhadeira
Acidente esmerilhadeiraAcidente esmerilhadeira
Acidente esmerilhadeira
 
Nursing supervisor perfomance appraisal 2
Nursing supervisor perfomance appraisal 2Nursing supervisor perfomance appraisal 2
Nursing supervisor perfomance appraisal 2
 
Segurança nos Trabalhos em Espaços Confinados
Segurança nos Trabalhos em Espaços Confinados Segurança nos Trabalhos em Espaços Confinados
Segurança nos Trabalhos em Espaços Confinados
 
Tendering engineer performance appraisal
Tendering engineer performance appraisalTendering engineer performance appraisal
Tendering engineer performance appraisal
 

Similar to Designing your API Server for mobile apps

Best Practices for Building WordPress Applications
Best Practices for Building WordPress ApplicationsBest Practices for Building WordPress Applications
Best Practices for Building WordPress ApplicationsTaylor Lovett
 
Recipes for API Ninjas
Recipes for API NinjasRecipes for API Ninjas
Recipes for API NinjasNordic APIs
 
Web Clients for Ruby and What they should be in the future
Web Clients for Ruby and What they should be in the futureWeb Clients for Ruby and What they should be in the future
Web Clients for Ruby and What they should be in the futureToru Kawamura
 
Picnic Software - Developing a flexible and scalable application
Picnic Software - Developing a flexible and scalable applicationPicnic Software - Developing a flexible and scalable application
Picnic Software - Developing a flexible and scalable applicationNick Josevski
 
Profiling and Tuning a Web Application - The Dirty Details
Profiling and Tuning a Web Application - The Dirty DetailsProfiling and Tuning a Web Application - The Dirty Details
Profiling and Tuning a Web Application - The Dirty DetailsAchievers Tech
 
Lessons learned on the Azure API Stewardship Journey.pptx
Lessons learned on the Azure API Stewardship Journey.pptxLessons learned on the Azure API Stewardship Journey.pptx
Lessons learned on the Azure API Stewardship Journey.pptxapidays
 
apidays LIVE Paris 2021 - Lessons from the API Stewardship Journey in Azure b...
apidays LIVE Paris 2021 - Lessons from the API Stewardship Journey in Azure b...apidays LIVE Paris 2021 - Lessons from the API Stewardship Journey in Azure b...
apidays LIVE Paris 2021 - Lessons from the API Stewardship Journey in Azure b...apidays
 
When small problems become big problems
When small problems become big problemsWhen small problems become big problems
When small problems become big problemsAdrian Cole
 
Service-Oriented Design and Implement with Rails3
Service-Oriented Design and Implement with Rails3Service-Oriented Design and Implement with Rails3
Service-Oriented Design and Implement with Rails3Wen-Tien Chang
 
12-Step Program for Scaling Web Applications on PostgreSQL
12-Step Program for Scaling Web Applications on PostgreSQL12-Step Program for Scaling Web Applications on PostgreSQL
12-Step Program for Scaling Web Applications on PostgreSQLKonstantin Gredeskoul
 
Build and Manage Your APIs with Amazon API Gateway
Build and Manage Your APIs with Amazon API GatewayBuild and Manage Your APIs with Amazon API Gateway
Build and Manage Your APIs with Amazon API GatewayAmazon Web Services
 
Cloud-native Data: Every Microservice Needs a Cache
Cloud-native Data: Every Microservice Needs a CacheCloud-native Data: Every Microservice Needs a Cache
Cloud-native Data: Every Microservice Needs a Cachecornelia davis
 
Advanced Web Technology.pptx
Advanced Web Technology.pptxAdvanced Web Technology.pptx
Advanced Web Technology.pptxssuser35fdf2
 
.NET microservices with Azure Service Fabric
.NET microservices with Azure Service Fabric.NET microservices with Azure Service Fabric
.NET microservices with Azure Service FabricDavide Benvegnù
 
Building a REST API for Longevity
Building a REST API for LongevityBuilding a REST API for Longevity
Building a REST API for LongevityMuleSoft
 
Delivering big content at NBC News with RavenDB
Delivering big content at NBC News with RavenDBDelivering big content at NBC News with RavenDB
Delivering big content at NBC News with RavenDBJohn Bennett
 
Azure Functions Real World Examples
Azure Functions Real World Examples Azure Functions Real World Examples
Azure Functions Real World Examples Yochay Kiriaty
 

Similar to Designing your API Server for mobile apps (20)

Best Practices for Building WordPress Applications
Best Practices for Building WordPress ApplicationsBest Practices for Building WordPress Applications
Best Practices for Building WordPress Applications
 
Recipes for API Ninjas
Recipes for API NinjasRecipes for API Ninjas
Recipes for API Ninjas
 
Mobile APIs in Practice
Mobile APIs in PracticeMobile APIs in Practice
Mobile APIs in Practice
 
How to design effective APIs
How to design effective APIsHow to design effective APIs
How to design effective APIs
 
Web Clients for Ruby and What they should be in the future
Web Clients for Ruby and What they should be in the futureWeb Clients for Ruby and What they should be in the future
Web Clients for Ruby and What they should be in the future
 
Picnic Software - Developing a flexible and scalable application
Picnic Software - Developing a flexible and scalable applicationPicnic Software - Developing a flexible and scalable application
Picnic Software - Developing a flexible and scalable application
 
Profiling and Tuning a Web Application - The Dirty Details
Profiling and Tuning a Web Application - The Dirty DetailsProfiling and Tuning a Web Application - The Dirty Details
Profiling and Tuning a Web Application - The Dirty Details
 
Lessons learned on the Azure API Stewardship Journey.pptx
Lessons learned on the Azure API Stewardship Journey.pptxLessons learned on the Azure API Stewardship Journey.pptx
Lessons learned on the Azure API Stewardship Journey.pptx
 
apidays LIVE Paris 2021 - Lessons from the API Stewardship Journey in Azure b...
apidays LIVE Paris 2021 - Lessons from the API Stewardship Journey in Azure b...apidays LIVE Paris 2021 - Lessons from the API Stewardship Journey in Azure b...
apidays LIVE Paris 2021 - Lessons from the API Stewardship Journey in Azure b...
 
Chef for openstack
Chef for openstackChef for openstack
Chef for openstack
 
When small problems become big problems
When small problems become big problemsWhen small problems become big problems
When small problems become big problems
 
Service-Oriented Design and Implement with Rails3
Service-Oriented Design and Implement with Rails3Service-Oriented Design and Implement with Rails3
Service-Oriented Design and Implement with Rails3
 
12-Step Program for Scaling Web Applications on PostgreSQL
12-Step Program for Scaling Web Applications on PostgreSQL12-Step Program for Scaling Web Applications on PostgreSQL
12-Step Program for Scaling Web Applications on PostgreSQL
 
Build and Manage Your APIs with Amazon API Gateway
Build and Manage Your APIs with Amazon API GatewayBuild and Manage Your APIs with Amazon API Gateway
Build and Manage Your APIs with Amazon API Gateway
 
Cloud-native Data: Every Microservice Needs a Cache
Cloud-native Data: Every Microservice Needs a CacheCloud-native Data: Every Microservice Needs a Cache
Cloud-native Data: Every Microservice Needs a Cache
 
Advanced Web Technology.pptx
Advanced Web Technology.pptxAdvanced Web Technology.pptx
Advanced Web Technology.pptx
 
.NET microservices with Azure Service Fabric
.NET microservices with Azure Service Fabric.NET microservices with Azure Service Fabric
.NET microservices with Azure Service Fabric
 
Building a REST API for Longevity
Building a REST API for LongevityBuilding a REST API for Longevity
Building a REST API for Longevity
 
Delivering big content at NBC News with RavenDB
Delivering big content at NBC News with RavenDBDelivering big content at NBC News with RavenDB
Delivering big content at NBC News with RavenDB
 
Azure Functions Real World Examples
Azure Functions Real World Examples Azure Functions Real World Examples
Azure Functions Real World Examples
 

More from Mugunth Kumar

Using CoreML to Push the Limits of your App
Using CoreML to Push the Limits of your AppUsing CoreML to Push the Limits of your App
Using CoreML to Push the Limits of your AppMugunth Kumar
 
The new Apple TV and the tvOS
The new Apple TV and the tvOSThe new Apple TV and the tvOS
The new Apple TV and the tvOSMugunth Kumar
 
Hi performance table views with QuartzCore and CoreText
Hi performance table views with QuartzCore and CoreTextHi performance table views with QuartzCore and CoreText
Hi performance table views with QuartzCore and CoreTextMugunth Kumar
 
My experience as a indie consultant
My experience as a indie consultant My experience as a indie consultant
My experience as a indie consultant Mugunth Kumar
 

More from Mugunth Kumar (6)

Using CoreML to Push the Limits of your App
Using CoreML to Push the Limits of your AppUsing CoreML to Push the Limits of your App
Using CoreML to Push the Limits of your App
 
The new Apple TV and the tvOS
The new Apple TV and the tvOSThe new Apple TV and the tvOS
The new Apple TV and the tvOS
 
App store economics
App store economicsApp store economics
App store economics
 
Hi performance table views with QuartzCore and CoreText
Hi performance table views with QuartzCore and CoreTextHi performance table views with QuartzCore and CoreText
Hi performance table views with QuartzCore and CoreText
 
My experience as a indie consultant
My experience as a indie consultant My experience as a indie consultant
My experience as a indie consultant
 
In App Purchases
In App PurchasesIn App Purchases
In App Purchases
 

Recently uploaded

Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdfChristopherTHyatt
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 

Recently uploaded (20)

Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 

Designing your API Server for mobile apps

  • 1. Designing Your API Server Mugunth Kumar iOS Developer, Author and Trainer
  • 2. About me ROB NAPIER MUGUNTH KUMAR • Author of the iOS 5 programming: Pushing the limits book - Reached the top 100 books in Amazon’s Computer and Technology books list • Trainer - Conducts training on iOS iOS 5 programming at iOSTraining.sg. PROGRAMMING • Developer PUSHING THE LIMITS • MKNetworkKit (1100+ watchers) Advanced Application Development • MKStoreKit (700+ watchers) for Apple iPhone , iPad and iPod Touch ® ® ® • Several other “minor” projects with 200+ watchers • Clients include startups in Singapore like Squiryl, Found and MNC’s including Microsoft Redmond, Oracle and such.
  • 3. Agenda • HTTP Verbs • API Documentation • De-normalization • Versioning and deprecation • Caching
  • 4. VERBS - In REST Parlance • Any API that alters or changes the content of the database should use the POST verb • Any API that adds new entries to the database should use the POST or PUT (preferably a PUT) verb • Any API that deletes entries should use the “DELETE” verb • Everything else should use the “GET” verb
  • 5. VERBS - In developer parlance • If your query is “INSERT into TABLE VALUES…” • Your verb should be PUT • If your query is “UPDATE table set…” • Your verb should be a POST • If your query is “DELETE from table WHERE…” • Your verb should be DELETE • If your query is “SELECT * from WHERE…” • Your verb should be GET
  • 6. What happens instead? • Isn’t that common sense? • Apparently, most .NET developers write API servers the old way. • SOAP way • RPC way • One endpoint and every operation is sent as a “POST” parameter • POST api.mycompany.com/api.svc op=“get_profile”
  • 7. Importance of using the right VERB • “POST” / “PUT” methods are non-idempotent and should not be cached. That means, any intermediate proxy server (could be your ISP) will not cache your responses. • In most API servers, >80% of API calls will read data off your database that can be cached. • Just by making a wrong verb choice, you inadvertently add scaling complexity • By using “GET” verb, you can easily introduce a caching proxy and also piggy back on ISP’s proxy servers.
  • 8. Pure RESTful Server? • Pure RESTful server following a HATEOAS has just one endpoint, serves hypermedia resources and expects clients to be RESTful. • JSON is not a hypermedia resource • Adds client complexity - You ought to complete your iOS app in 3 months lest you die • Was nice to have in “olden” days where browsers were “RESTful” clients • Today, developers race to make a “curated” app with a customized experience than a generic, generated user interface.
  • 9. Documentation • Write and document your top level models • Top level models != DAO • Every top level model might have one or more associated DAO • “Tweet” is a top level model and so is “User” or “Profile”
  • 10. Documentation • Document your API’s parameters and mark optional and mandatory parameters. • List out public API, protected API and hybrid APIs • Document your API responses using top-level models • APIs should not have undocumented behavior. • Any non essential parameters like x-client-version or Authorization in HTTP header should be passed in header
  • 11. Documentation • Example: api.foursquare.com • /venue • accepts a venue id • returns a detailed venue object • App.NET (That “upcoming” $50 social network) • Twitter - Extensive and difficult to understand though
  • 12. DAO vs Top Level Models • A tweet model contains the following • The tweet text • The geo location of the tweet • The user who tweeted it • Number of retweets and favorites • The top 10 users who retweeted and favorited the tweet
  • 13. DAO vs Top Level Models • In a traditional relational database, • Tweets would be stored in a “tweets” table • Retweets would be stored in a “retweets” table which might include the time of retweet as well. • So are favorites • The user profile information would be stored in a “users” table
  • 14. De-Normalization • Your API server should de-normalize information stored in different tables into one top level model in your application. • You normalize data as a part of your database design and implementation • You should de-normalize them as a part of your API design and implementation
  • 15. Ill Effects • If you don’t de-normalize your responses, the client device has to make multiple calls • A twitter client will probably make four calls per tweet to show information on a tweet details page • If your Keep-Alive is set to a low number, (default in Apache 2.2) every API call will require a new connection.
  • 16. Ill Effects • Your sys-admin, as a stop-gap measure, reduces the Keep- Alive time. This might work well and improve the server’s ability to handle more requests in parallel • But think again, your server is handling more requests than actually necessary if it were de-normalized • An API that is NOT de-normalized will kill your startup in no time, much like de-normalized database • Cellular networks in 2012 are not as capable as broadband • 6 concurrent connections on broadband vs 2 in 3G
  • 17. Versioning • Versioning wasn’t a major issue with web based applications • Serious issue with disconnected native clients • Version 1 => Profile = { “name”:”Mugunth Kumar”} • Version 2 => Profile = { “first_name”:”Mugunth”, “last_name”:”Kumar”} • Send both in Version 2 => Profile = { “first_name”:”Mugunth”, “last_name”:”Kumar”, “name”:”Mugunth Kumar”} ?
  • 18. Versioning - Right way • When you deploy API 2.0, your server should still be capable of serving 1.x clients because, unlike a traditional web app, you cannot deploy a native client to all your customers at the same time. • Version your models. Maintain multiple versions of top level models mapping to the same DAO • Respect the “Accept” HTTP Header • URL versioning is clumsy
  • 19. Versioning - Right way • Accept: application/MyApp.MyModel.1.0+json • Your API server should check the “Accept” header and instantiate that version of response top level model. 1.0 in this case. • Fill in your model with information from various tables (de- normalization) • Serialize version 1.0 of your top level model as your response
  • 20. Why version your models? • Ensures that changes to database doesn’t affect the response • The server developer will have complete control over when to deprecate a certain top level model’s version. • That is, if some change made to the database can no longer be meaningfully accommodated into the top-level model, you can deprecate it. • Changes to DB can be done with less impact. This means your server, and hence you startup will be more nimble (and even pivotable) to changes.
  • 21. Don’t do this! $var = mysql_query(“select * from User”); json_encode($var);
  • 23. Caching • Most of you think caching is something that clients should implement • Client has no way to know when to expire or revalidate • Example • User Profile avatar update • A client remembers a profile image for 7 days • Any changes to avatar will not be visible on client for the next 7 days
  • 24. Caching • HTTP 1.1 spec standardizes the following cache control headers • Expiration Model • Expires • Cache-Control • Validation Model • ETag • Last-Modified
  • 25. Caching - Expiration Model location ~ .(jpg|gif|png|ico|jpeg|css|swf)$ { expires 7d; } Expires: <date>
  • 26. Caching - Validation Model • Checksum of the resource • Sent as ETag • Last-Modified (if you database has this info) • Sent as Last-Modified Or Cache-Control
  • 27. Caching - Client validation Important HTTP Headers • IF-MODIFIED-SINCE • IF-NONE-MATCH
  • 28. Caching - Server side implementation • ETag based caching is easy • Hash the top-level-object using any object hashing algorithm • Last-Modified • Server should send data that was new after IF-MODIFIED-SINCE select * from friends becomes, select * from friends where friendedDate > IF-MODIFIED-SINCE
  • 29. Choosing a caching model • All static resources - Expiration model • All dynamic data - Validation model • If dynamic data is a list - Use Last-Modified based validation model • Example - /friends • If dynamic data is a model - use ETag based validation model • Example - /user/<uid>/avatar
  • 30. Resources • Books • REST API Design Rulebook, By Mark Masse http:// shop.oreilly.com/product/0636920021575.do • Web Resources • http://blog.mugunthkumar.com/articles/restful-api-server- doing-it-the-right-way-part-1/ • http://blog.mugunthkumar.com/articles/restful-api-server- doing-it-the-right-way-part-2/
  • 31. Thanks @mugunthkumar ROB NAPIER MUGUNTH KUMAR mugunth@steinlogic.com iostraining.sg iOS 5 PROGRAMMING Available for consulting PUSHING THE LIMITS services Advanced Application Development for Apple iPhone , iPad and iPod Touch ® ® ® iOS App Development API/Server Design Mobile UX
  • 32. iOS Conf SG - 2013 • 31st Jan - Workshop and Hands On • 1st Feb and 2nd Feb - Conference • 15 Awesome Talks by renowned iOS Developers around the World • Join us at @iosdevscout or @iosconfsg • http://facebook.com/groups/iosdevscout/