18. Example: Mobile
Conference AppSign In To
The
Conference
/token
See What
Colleagues
Are Here
/users/me/friends
What sessions
should I
attend?
/sessions
19. Example: Mobile
Conference AppRSVP to
sessions
Ask
Questions
/users/me/sessions
Check-in at
a Session
/users/me/activities /sessions/23/questions
We’ve seen a lot of different API projects, but trend is to power apps
We power the APIs of a bunch of large enterprises, such as Walgreens, Best Buy, Dell, Pearson, etc. These companies use internal and external developers to create awesome products. Ed, out of all of our customers, why did you pick these?
We’ve seen a lot of different API projects, but trend is to power apps
Main Points: Business has moved from the web browser to the growing number of devices that we interact with daily and your business needs to be there Business Points: Same as above Tech Points: Its important to streamline how you support this explosion of devices where business is growing Sequential Story : Establish the need and urgency for business to be in the App Economy Script: So what is the implication of this technology to business? In the late 90’s the web browser was the edge of business interaction, where customers would interact with business in a new online channel. Today that channel has become ubiquitous in our lives moving to the many devices that we interact with daily. You can look at this as the convergence of 3 transformations: Cultural – customers to mobile devices with the expectations that it delivers Business – the differentiator is data, and enterprise data needs to follow to where customers are Technology – new devices and places to interact require moving the data and business support to these devices Apigee technology manages the flow of that data. It secures it, transforms it and enables you to determine who you provide what to and how. We will talk more about this later.
So, is APIs all about Mobile Seems that way The A in API stands for Application, or Apps. And the story of mobile is the story of Apps.
- Server to Server 500M - Server to Device 10B (8.7B) - 2 orders of magnitude difference - Internet of Everything, etc. is the Internet of APIs
My math is probably way bad - 1.5 million apps - 150 times a day - 2 Billion active smartphones in use globally (1.82B) - 300B API calls a day? 3500 requests per second
Major types of functionality is driven by API-powered features
We talk about a bunch of features to provide those, and these are APIs
Mobile is about delivering rich interaction from client apps running on the device with services and data on-demand from the cloud Tim Macauley, sr director of mobile at walgreens "“Engaged customers have a higher satisfaction and spend more,” customers who spend online, in-store and via mobile spend at a level six times higher.
So how is building apps against API’s different for app development and API development?
We can look at apple provided services, or apigee provided services to quickly build great data driven apps that users love. You can reach out to them with push notifications, give them contextually aware information using geolocation, have them setup profiles with user management, keep their data secure, work with files and pictures, or even build your own social graph! Apigee enables you to do all of this!
Architecture is quite a bit different
2 tier architecture – the return of client/server Web is now just another client – HTML5/JS is the new web Sometimes a lot of the logic sits in the app New ways to build these things
By using a lightweight library you can use API calls to Create, Read, Update, and Delete data with ease. The backend manages access and security through it ’ s API, and the server infrastructure make ’ s sure your data is backed up and safe.
Building clients that use APIs is different than the server to server stuff
- most mobile devs think in terms of SDKs Last mile problem? Code not calls. - most device languages are static (class based) - except Javascript/HTML5 (PhoneGap, Appcelerator, etc.) - asynchronous (and now background)
Security issues
- Security - Identity (OAuth, sign in with FB, etc.) - Untrusted Device (extract keys out of app packages) - Untrusted Network (mitmproxy - Game Center, Path, etc.)
Making API calls is different than usual request response
- batching and MQs - failures (transactions - idempotent, buy two tickets?)
Lots of things go wrong
Not always clear where to start Timeouts – things that work on your laptop on a stable connection will timeout when you’re going from 3G to LTE on the Caltrain Headers – some devices might change them, frameworks might not send them Auth issues are very thorny Need to log everything that goes into the API call or use a gateway