Basics of API Design and development. After the presentation, we developed a python flask-based app that you use to remind yourself anything via an api https://github.com/oquidave/reminderme

1. API Design & Devp with AT

2. What is an API
Similarly, an API lists a bunch of
operations that developers can use,
along with a description of what they
do.

3. How an API works

4. API protocols and Architecture

5. SOAP
XML used as data format,
- Too verbose on client and
server side
- Still used by banks and
Telcos

6. REST

7. GraphQL

8. HTTP Basics

9. Anatomy of an HTTP Request
- The version of the HTTP protocol.
- Optional headers that convey additional information
for the servers.
- Body, for some methods like POST, similar to those in
responses, which contain the resource sent.

10. Anatomy of an HTTP Response
- HTTP version protocol they follow.
- Status code indicating if the
request has been successful, or
not, and why.
- Status message a
non-authoritative short description
of the status code.
- HTTP headers like those for
requests.
- Optionally a body containing the
fetched resource.

11. Representing Data: REST Data formats
curl -i -u application_name:application_password
--data '{"password": "my_password"}'
http://localhost/myapi/1/auth?username=my_usernam
e --header 'Content-Type: application/json'
--header 'Accept: application/json'

12. API Authentication
- There are three common API
authentication schemes;
- Basic Auth
- API keys
- OAuth

13. Authentication: Basic Authentication
- Basic Auth only requires a
username and password.
- Passed on via Authorization
HTTP header
- Server returns http code 401 to let
client know authorization failed

14. API Key Authentication
- key is usually a long series of letters
and numbers that is distinct from the
account owner's login password
- keys are used simply so the user
does not have to give out their
password
- You can put the key in the
Authorization header or add the key
onto the URL
(http://example.com?api_key=my_se
cret_key)

15. Open Authorization (OAuth)
- Automates key exchange by providing a
standard way for the client to get a key from
server through walking user via simple steps.
- OAuth 2 involves;
- User: Person who wants to connect two
websites they use
- Client: Website that will be granted
access to the user's data
- Server: website that has the user's
data

16. API design basics
- Resources are the nouns of APIs
- Key pointers;
- Decide what resource(s) need to be
available.
- Assign URLs to those resources.
- Decide what actions the client should
be allowed to perform on those
resources.
- Figure out what pieces of data are
required for each action and what
format they should be in.

17. Example Rest API actions & url endpoints

18. API Development & testing tools

19. Try out Africa’s Talking APIs

20. Thank You
David Okwii,
Developer relations, Africa’s talking
dokwi@africastalking.com
@oquidave on Twitter
More cool Resources:
● Api security checklist
https://github.com/shieldfy/API-Security-Checklist
● API best practices:
https://www.vinaysahni.com/best-practices-for-a-prag
matic-restful-api
● Mozilla:
https://developer.mozilla.org/en-US/docs/Web/HTTP/
Overview
● Zapier: https://zapier.com/learn/apis/