SlideShare ist ein Scribd-Unternehmen logo

Your API is not a Website!

Als PPTX, PDF herunterladen
Apigee | Google Cloud
Apigee | Google Cloud
TechnologieDesign
1 von 27
Your API is not a Website! 9.15.11 @ 11:05 PST VOIP or Dial-in (see chat) Greg Brail @gbrail Brian Pagano@brianpagano
@brianpagano @gbrail
API Workshop Webinar Series (videos & slides at http://blog.apigee.com/taglist/webinar) Mapping out your API Strategy Pragmatic REST: API Design Fu 10 Patterns in Successful API Programs What to Measure: API Analytics Is your API Naked? API Tech & Operations Does your API need PCI? (Compliance) Developers Hate Marketing: Driving API Adoption OAuth: The Big Picture “Boss, we need an API” Your API is not a Website!
Setup APIs seem at first like web sites without images. On deeper inspection that’s not the case! Examining the differences is a great discussion on API technology.
But first, how are APIs and Websites the same?
Image by caseymultimedia
How are APIs and Websites the same? 24x7 operations
How are APIs and Websites the same? 24x7 operations Frequent deployment
How are APIs and Websites the same? 24x7 operations Frequent deployment Fast expectations On the Internet this is not news. But inside corporate IT, it is a new way of life! This is the case for public and private APIs.
So how are they different?
Image by lindzstrom
How are APIs and Websites different? Audience Longevity Analytics Security Integration Testability
Audience Websites are used by humans APIs are used by programmers. Programmers, in turn, make apps for humans. image by maanow
Why does this matter? Developers don’t care about images, fonts, colors, and other design elements. Developers do care about the “look and feel” of the API itself. Is it easy to develop to? Does it use REST appropriately? (according to their own definition of “REST”) Does it make me do anything weird? Does it work? Is it down a lot?
Longevity Web sites change all the time. APIs must remain compatible over time. image by wilhelmja
Why Does this Matter? Humans are fairly resilient to change We may complain… …but when a site design changes, we (usually) adapt Programs are not resilient to change Developers don’t want to re-write Old apps might not have developers any more Users don’t install updates right away
Analytics Most web analytics depend on the browser. API clients might not be browsers at all!
Why Does this Matter? API analytics can’t rely on: JavaScript that runs on the client “Beacon” URLs that get downloaded all the time Cookies the client must return API clients just don’t do these things - especially when built by 3rd parties You need to embed analytics on the server. Use what is sent in the request and only that
Security Web sites can be scraped carefully. APIs are extremely easy to “scrape” and automate. APIs and web sites need different types of security. OAuth for APIs, passwords for web sites, SSL for both!
Why Does this Matter? Since APIs are so easy to program, they are easy to ‘do damage.’ Try to crack passwords using an API Download a company’s whole product catalog Book a whole bunch of flights to mess with pricing Rate limits and quotas are essential.
Why Else Does this Matter? Passwords are lousy for public APIs. They propagate to lots of sites that use the APIs They propagate to devices that use the APIs Consider OAuth for these cases
Integration Web sites can pull content from all over. APIs sit in one place.
Why Does this Matter? The architecture is just different. Websites can include scripts, gadgets, and images from all over the web APIs can’t – developers expect a few API calls to do it all But you can pull things together on the server side…
Testability Automated web site testing is hard. Automated API testing is easier.
Why Does this Matter? Any API needs to: Change quickly Remain compatible Perform consistently How do you ensure this? Test early and test often Automated regression testing is the key A good API should make this EASY
Conclusion A great API is not the same as a great web site. A great API is: Fast-moving, yet it never breaks the apps Reliable, stable, and fast Easy to understand and program to Secure and resilient to failure You need both.
THANK YOU Questions and ideas to: @apigee @gbrail @brianpagano

Empfohlen

Are you ready to adopt GraphQL?
Are you ready to adopt GraphQL?Are you ready to adopt GraphQL?
Are you ready to adopt GraphQL?
Siva Prasad Rao Janapati
 
Building REST APIs that don't suck for modern day SPAs
Building REST APIs that don't suck for modern day SPAsBuilding REST APIs that don't suck for modern day SPAs
Building REST APIs that don't suck for modern day SPAs
Abati Adewale
 
Reark : a Reference Architecture for Android using RxJava
Reark : a Reference Architecture for Android using RxJavaReark : a Reference Architecture for Android using RxJava
Reark : a Reference Architecture for Android using RxJava
Futurice
 
Clickslide Datadipity Beta V1
Clickslide Datadipity Beta V1Clickslide Datadipity Beta V1
Clickslide Datadipity Beta V1
Gabriel Ortiz
 
Postman Webinar: "API Governance with Postman"
Postman Webinar: "API Governance with Postman"Postman Webinar: "API Governance with Postman"
Postman Webinar: "API Governance with Postman"
Postman
 
KPIs for APIs (and how API Calls are the new Web Hits, and you may be measuri...
KPIs for APIs (and how API Calls are the new Web Hits, and you may be measuri...KPIs for APIs (and how API Calls are the new Web Hits, and you may be measuri...
KPIs for APIs (and how API Calls are the new Web Hits, and you may be measuri...
John Musser
 
Postman Visualizer Webinar Slides
Postman Visualizer Webinar SlidesPostman Visualizer Webinar Slides
Postman Visualizer Webinar Slides
Postman
 
Drive API Adoption: Reach Over 13 Million Developers
Drive API Adoption: Reach Over 13 Million DevelopersDrive API Adoption: Reach Over 13 Million Developers
Drive API Adoption: Reach Over 13 Million Developers
Postman
 

Empfohlen

Are you ready to adopt GraphQL?
Are you ready to adopt GraphQL?Are you ready to adopt GraphQL?
Are you ready to adopt GraphQL?
Siva Prasad Rao Janapati
 
Building REST APIs that don't suck for modern day SPAs
Building REST APIs that don't suck for modern day SPAsBuilding REST APIs that don't suck for modern day SPAs
Building REST APIs that don't suck for modern day SPAs
Abati Adewale
 
Reark : a Reference Architecture for Android using RxJava
Reark : a Reference Architecture for Android using RxJavaReark : a Reference Architecture for Android using RxJava
Reark : a Reference Architecture for Android using RxJava
Futurice
 
Clickslide Datadipity Beta V1
Clickslide Datadipity Beta V1Clickslide Datadipity Beta V1
Clickslide Datadipity Beta V1
Gabriel Ortiz
 
Postman Webinar: "API Governance with Postman"
Postman Webinar: "API Governance with Postman"Postman Webinar: "API Governance with Postman"
Postman Webinar: "API Governance with Postman"
Postman
 
KPIs for APIs (and how API Calls are the new Web Hits, and you may be measuri...
KPIs for APIs (and how API Calls are the new Web Hits, and you may be measuri...KPIs for APIs (and how API Calls are the new Web Hits, and you may be measuri...
KPIs for APIs (and how API Calls are the new Web Hits, and you may be measuri...
John Musser
 
Postman Visualizer Webinar Slides
Postman Visualizer Webinar SlidesPostman Visualizer Webinar Slides
Postman Visualizer Webinar Slides
Postman
 
Drive API Adoption: Reach Over 13 Million Developers
Drive API Adoption: Reach Over 13 Million DevelopersDrive API Adoption: Reach Over 13 Million Developers
Drive API Adoption: Reach Over 13 Million Developers
Postman
 
10x Test Coverage, Less Drama: Shift Left Functional & Performance Testing
10x Test Coverage, Less Drama: Shift Left Functional & Performance Testing10x Test Coverage, Less Drama: Shift Left Functional & Performance Testing
10x Test Coverage, Less Drama: Shift Left Functional & Performance Testing
Sauce Labs
 
Why APIs Call for 2xs the DevOps
Why APIs Call for 2xs the DevOpsWhy APIs Call for 2xs the DevOps
Why APIs Call for 2xs the DevOps
Postman
 
Infinum - Building API based apps without an API
Infinum - Building API based apps without an APIInfinum - Building API based apps without an API
Infinum - Building API based apps without an API
Infinum
 
How to pass a coding interview as an automation developer talk - Oct 17 2016
How to pass a coding interview as an automation developer talk - Oct 17 2016How to pass a coding interview as an automation developer talk - Oct 17 2016
How to pass a coding interview as an automation developer talk - Oct 17 2016
Thomas F. "T.J." Maher Jr.
 
Webinar: “Introduction to the Postman API Network”
Webinar: “Introduction to the Postman API Network”Webinar: “Introduction to the Postman API Network”
Webinar: “Introduction to the Postman API Network”
Postman
 
Pepperoni 2.0 - How to spice up your mobile apps
Pepperoni 2.0 - How to spice up your mobile apps Pepperoni 2.0 - How to spice up your mobile apps
Pepperoni 2.0 - How to spice up your mobile apps
Futurice
 
Welcome Note by Abhinav Asthana, CEO at Postman
Welcome Note by Abhinav Asthana, CEO at PostmanWelcome Note by Abhinav Asthana, CEO at Postman
Welcome Note by Abhinav Asthana, CEO at Postman
Postman
 
Why You Need a Developer Relations Team for Your API
Why You Need a Developer Relations Team for Your APIWhy You Need a Developer Relations Team for Your API
Why You Need a Developer Relations Team for Your API
Postman
 
State of the API: Insights Into the Future of APIs
State of the API: Insights Into the Future of APIsState of the API: Insights Into the Future of APIs
State of the API: Insights Into the Future of APIs
Postman
 
Enterprise E-commerce Webinar Series, Episode 2: Deploying and Monitoring You...
Enterprise E-commerce Webinar Series, Episode 2: Deploying and Monitoring You...Enterprise E-commerce Webinar Series, Episode 2: Deploying and Monitoring You...
Enterprise E-commerce Webinar Series, Episode 2: Deploying and Monitoring You...
Kin Lane
 
API Security with Postman and Qualys
API Security with Postman and QualysAPI Security with Postman and Qualys
API Security with Postman and Qualys
Postman
 
Emulators as an Emerging Best Practice for API providers
Emulators as an Emerging Best Practice for API providersEmulators as an Emerging Best Practice for API providers
Emulators as an Emerging Best Practice for API providers
Postman
 
Enterprise ecommerce-webinar 1
Enterprise ecommerce-webinar 1Enterprise ecommerce-webinar 1
Enterprise ecommerce-webinar 1
Postman
 
Scaling API Design - Nordic APIs 2014
Scaling API Design - Nordic APIs 2014Scaling API Design - Nordic APIs 2014
Scaling API Design - Nordic APIs 2014
Jason Harmon
 
Scaling API Design
Scaling API DesignScaling API Design
Scaling API Design
Jason Harmon
 
Native iphone app test automation with appium
Native iphone app test automation with appiumNative iphone app test automation with appium
Native iphone app test automation with appium
James Eisenhauer
 
Response Visualizations in Postman
Response Visualizations in PostmanResponse Visualizations in Postman
Response Visualizations in Postman
Postman
 
POST/CON Keynote 2019
POST/CON Keynote 2019POST/CON Keynote 2019
POST/CON Keynote 2019
Postman
 
Postman for Enterprises
Postman for EnterprisesPostman for Enterprises
Postman for Enterprises
Postman
 
Common Security API Issues and How to Mitigate Them Using Postman
Common Security API Issues and How to Mitigate Them Using PostmanCommon Security API Issues and How to Mitigate Them Using Postman
Common Security API Issues and How to Mitigate Them Using Postman
Postman
 
SOA in the API World - Facades, Transactions, Stateless Services
SOA in the API World - Facades, Transactions, Stateless Services SOA in the API World - Facades, Transactions, Stateless Services
SOA in the API World - Facades, Transactions, Stateless Services
Apigee | Google Cloud
 
On the shoulders of giants Learning About API Design by Looking Backwards
On the shoulders of giants Learning About API Design by Looking Backwards On the shoulders of giants Learning About API Design by Looking Backwards
On the shoulders of giants Learning About API Design by Looking Backwards
CA API Management
 

Weitere ähnliche Inhalte

Was ist angesagt?

10x Test Coverage, Less Drama: Shift Left Functional & Performance Testing
10x Test Coverage, Less Drama: Shift Left Functional & Performance Testing10x Test Coverage, Less Drama: Shift Left Functional & Performance Testing
10x Test Coverage, Less Drama: Shift Left Functional & Performance Testing
Sauce Labs
 
Infinum - Building API based apps without an API
Infinum - Building API based apps without an APIInfinum - Building API based apps without an API
Infinum - Building API based apps without an API
Infinum
 
Pepperoni 2.0 - How to spice up your mobile apps
Pepperoni 2.0 - How to spice up your mobile apps Pepperoni 2.0 - How to spice up your mobile apps
Pepperoni 2.0 - How to spice up your mobile apps
Futurice
 
Enterprise E-commerce Webinar Series, Episode 2: Deploying and Monitoring You...
Enterprise E-commerce Webinar Series, Episode 2: Deploying and Monitoring You...Enterprise E-commerce Webinar Series, Episode 2: Deploying and Monitoring You...
Enterprise E-commerce Webinar Series, Episode 2: Deploying and Monitoring You...
Kin Lane
 
Emulators as an Emerging Best Practice for API providers
Emulators as an Emerging Best Practice for API providersEmulators as an Emerging Best Practice for API providers
Emulators as an Emerging Best Practice for API providers
Postman
 
Native iphone app test automation with appium
Native iphone app test automation with appiumNative iphone app test automation with appium
Native iphone app test automation with appium
James Eisenhauer
 

Was ist angesagt? (20)

10x Test Coverage, Less Drama: Shift Left Functional & Performance Testing
10x Test Coverage, Less Drama: Shift Left Functional & Performance Testing10x Test Coverage, Less Drama: Shift Left Functional & Performance Testing
10x Test Coverage, Less Drama: Shift Left Functional & Performance Testing
 
Why APIs Call for 2xs the DevOps
Why APIs Call for 2xs the DevOpsWhy APIs Call for 2xs the DevOps
Why APIs Call for 2xs the DevOps
 
Infinum - Building API based apps without an API
Infinum - Building API based apps without an APIInfinum - Building API based apps without an API
Infinum - Building API based apps without an API
 
How to pass a coding interview as an automation developer talk - Oct 17 2016
How to pass a coding interview as an automation developer talk - Oct 17 2016How to pass a coding interview as an automation developer talk - Oct 17 2016
How to pass a coding interview as an automation developer talk - Oct 17 2016
 
Webinar: “Introduction to the Postman API Network”
Webinar: “Introduction to the Postman API Network”Webinar: “Introduction to the Postman API Network”
Webinar: “Introduction to the Postman API Network”
 
Pepperoni 2.0 - How to spice up your mobile apps
Pepperoni 2.0 - How to spice up your mobile apps Pepperoni 2.0 - How to spice up your mobile apps
Pepperoni 2.0 - How to spice up your mobile apps
 
Welcome Note by Abhinav Asthana, CEO at Postman
Welcome Note by Abhinav Asthana, CEO at PostmanWelcome Note by Abhinav Asthana, CEO at Postman
Welcome Note by Abhinav Asthana, CEO at Postman
 
Why You Need a Developer Relations Team for Your API
Why You Need a Developer Relations Team for Your APIWhy You Need a Developer Relations Team for Your API
Why You Need a Developer Relations Team for Your API
 
State of the API: Insights Into the Future of APIs
State of the API: Insights Into the Future of APIsState of the API: Insights Into the Future of APIs
State of the API: Insights Into the Future of APIs
 
Enterprise E-commerce Webinar Series, Episode 2: Deploying and Monitoring You...
Enterprise E-commerce Webinar Series, Episode 2: Deploying and Monitoring You...Enterprise E-commerce Webinar Series, Episode 2: Deploying and Monitoring You...
Enterprise E-commerce Webinar Series, Episode 2: Deploying and Monitoring You...
 
API Security with Postman and Qualys
API Security with Postman and QualysAPI Security with Postman and Qualys
API Security with Postman and Qualys
 
Emulators as an Emerging Best Practice for API providers
Emulators as an Emerging Best Practice for API providersEmulators as an Emerging Best Practice for API providers
Emulators as an Emerging Best Practice for API providers
 
Enterprise ecommerce-webinar 1
Enterprise ecommerce-webinar 1Enterprise ecommerce-webinar 1
Enterprise ecommerce-webinar 1
 
Scaling API Design - Nordic APIs 2014
Scaling API Design - Nordic APIs 2014Scaling API Design - Nordic APIs 2014
Scaling API Design - Nordic APIs 2014
 
Scaling API Design
Scaling API DesignScaling API Design
Scaling API Design
 
Native iphone app test automation with appium
Native iphone app test automation with appiumNative iphone app test automation with appium
Native iphone app test automation with appium
 
Response Visualizations in Postman
Response Visualizations in PostmanResponse Visualizations in Postman
Response Visualizations in Postman
 
POST/CON Keynote 2019
POST/CON Keynote 2019POST/CON Keynote 2019
POST/CON Keynote 2019
 
Postman for Enterprises
Postman for EnterprisesPostman for Enterprises
Postman for Enterprises
 
Common Security API Issues and How to Mitigate Them Using Postman
Common Security API Issues and How to Mitigate Them Using PostmanCommon Security API Issues and How to Mitigate Them Using Postman
Common Security API Issues and How to Mitigate Them Using Postman
 

Ähnlich wie Your API is not a Website!

SOA in the API World - Facades, Transactions, Stateless Services
SOA in the API World - Facades, Transactions, Stateless Services SOA in the API World - Facades, Transactions, Stateless Services
SOA in the API World - Facades, Transactions, Stateless Services
Apigee | Google Cloud
 
I Love APIs 2015: Create Design-driven APIs with Node.js and Swagger
I Love APIs 2015: Create Design-driven APIs with Node.js and SwaggerI Love APIs 2015: Create Design-driven APIs with Node.js and Swagger
I Love APIs 2015: Create Design-driven APIs with Node.js and Swagger
Apigee | Google Cloud
 
Pain Points In API Development? They’re Everywhere
Pain Points In API Development? They’re EverywherePain Points In API Development? They’re Everywhere
Pain Points In API Development? They’re Everywhere
Nordic APIs
 

Ähnlich wie Your API is not a Website! (20)

SOA in the API World - Facades, Transactions, Stateless Services
SOA in the API World - Facades, Transactions, Stateless Services SOA in the API World - Facades, Transactions, Stateless Services
SOA in the API World - Facades, Transactions, Stateless Services
 
On the shoulders of giants Learning About API Design by Looking Backwards
On the shoulders of giants Learning About API Design by Looking Backwards On the shoulders of giants Learning About API Design by Looking Backwards
On the shoulders of giants Learning About API Design by Looking Backwards
 
Huge: Running an API at Scale
Huge: Running an API at ScaleHuge: Running an API at Scale
Huge: Running an API at Scale
 
Creating Datadipity
Creating DatadipityCreating Datadipity
Creating Datadipity
 
Practical guide to building public APIs
Practical guide to building public APIsPractical guide to building public APIs
Practical guide to building public APIs
 
The API and APP-ification of the Web
The API and APP-ification of the WebThe API and APP-ification of the Web
The API and APP-ification of the Web
 
Your API is your Product - Arun Ravindran, Unisys
Your API is your Product - Arun Ravindran, UnisysYour API is your Product - Arun Ravindran, Unisys
Your API is your Product - Arun Ravindran, Unisys
 
Understanding API Architectures: Web API vs. Minimal API – An In-Depth Compar...
Understanding API Architectures: Web API vs. Minimal API – An In-Depth Compar...Understanding API Architectures: Web API vs. Minimal API – An In-Depth Compar...
Understanding API Architectures: Web API vs. Minimal API – An In-Depth Compar...
 
API Product Opportunity Responsibility Nicolas Sierro 2015.pptx
API Product Opportunity Responsibility Nicolas Sierro 2015.pptxAPI Product Opportunity Responsibility Nicolas Sierro 2015.pptx
API Product Opportunity Responsibility Nicolas Sierro 2015.pptx
 
Best practices for API Integration - Bearer.sh
Best practices for API Integration - Bearer.shBest practices for API Integration - Bearer.sh
Best practices for API Integration - Bearer.sh
 
Pitney Bowes Uses Development and Testing Tools to Drive Early API Developmen...
Pitney Bowes Uses Development and Testing Tools to Drive Early API Developmen...Pitney Bowes Uses Development and Testing Tools to Drive Early API Developmen...
Pitney Bowes Uses Development and Testing Tools to Drive Early API Developmen...
 
I Love APIs 2015: Create Design-driven APIs with Node.js and Swagger
I Love APIs 2015: Create Design-driven APIs with Node.js and SwaggerI Love APIs 2015: Create Design-driven APIs with Node.js and Swagger
I Love APIs 2015: Create Design-driven APIs with Node.js and Swagger
 
Pain Points In API Development? They’re Everywhere
Pain Points In API Development? They’re EverywherePain Points In API Development? They’re Everywhere
Pain Points In API Development? They’re Everywhere
 
apidays LIVE Jakarta - What will the next generation of API Portals look like...
apidays LIVE Jakarta - What will the next generation of API Portals look like...apidays LIVE Jakarta - What will the next generation of API Portals look like...
apidays LIVE Jakarta - What will the next generation of API Portals look like...
 
Things you must know on ruby on rails single page application
Things you must know on ruby on rails single page applicationThings you must know on ruby on rails single page application
Things you must know on ruby on rails single page application
 
The Next Step to Build Better APIs — Consistent Data Structure
The Next Step to Build Better APIs — Consistent Data StructureThe Next Step to Build Better APIs — Consistent Data Structure
The Next Step to Build Better APIs — Consistent Data Structure
 
API-first, going beyond SOA, ESB & Integration
API-first, going beyond SOA, ESB & IntegrationAPI-first, going beyond SOA, ESB & Integration
API-first, going beyond SOA, ESB & Integration
 
Web API Design
Web API DesignWeb API Design
Web API Design
 
Web API Design: Crafting Interfaces that Developers Love
Web API Design: Crafting Interfaces that Developers LoveWeb API Design: Crafting Interfaces that Developers Love
Web API Design: Crafting Interfaces that Developers Love
 
Auckland API & Microservices Meetup 1: API led design
Auckland API & Microservices Meetup 1: API led designAuckland API & Microservices Meetup 1: API led design
Auckland API & Microservices Meetup 1: API led design
 

Mehr von Apigee | Google Cloud

Mehr von Apigee | Google Cloud (20)

How Secure Are Your APIs?
How Secure Are Your APIs?How Secure Are Your APIs?
How Secure Are Your APIs?
 
Magazine Luiza at a glance (1)
Magazine Luiza at a glance (1)Magazine Luiza at a glance (1)
Magazine Luiza at a glance (1)
 
Monetization: Unlock More Value from Your APIs
Monetization: Unlock More Value from Your APIs Monetization: Unlock More Value from Your APIs
Monetization: Unlock More Value from Your APIs
 
Apigee Demo: API Platform Overview
Apigee Demo: API Platform OverviewApigee Demo: API Platform Overview
Apigee Demo: API Platform Overview
 
Ticketmaster at a glance
Ticketmaster at a glanceTicketmaster at a glance
Ticketmaster at a glance
 
AccuWeather: Recasting API Experiences in a Developer-First World
AccuWeather: Recasting API Experiences in a Developer-First WorldAccuWeather: Recasting API Experiences in a Developer-First World
AccuWeather: Recasting API Experiences in a Developer-First World
 
Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?
 
Apigee Product Roadmap Part 2
Apigee Product Roadmap Part 2Apigee Product Roadmap Part 2
Apigee Product Roadmap Part 2
 
The Four Transformative Forces of the API Management Market
The Four Transformative Forces of the API Management MarketThe Four Transformative Forces of the API Management Market
The Four Transformative Forces of the API Management Market
 
Walgreens at a glance
Walgreens at a glanceWalgreens at a glance
Walgreens at a glance
 
Apigee Edge: Intro to Microgateway
Apigee Edge: Intro to MicrogatewayApigee Edge: Intro to Microgateway
Apigee Edge: Intro to Microgateway
 
Managing the Complexity of Microservices Deployments
Managing the Complexity of Microservices DeploymentsManaging the Complexity of Microservices Deployments
Managing the Complexity of Microservices Deployments
 
Pitney Bowes at a glance
Pitney Bowes at a glancePitney Bowes at a glance
Pitney Bowes at a glance
 
Microservices Done Right: Key Ingredients for Microservices Success
Microservices Done Right: Key Ingredients for Microservices SuccessMicroservices Done Right: Key Ingredients for Microservices Success
Microservices Done Right: Key Ingredients for Microservices Success
 
Adapt or Die: Opening Keynote with Chet Kapoor
Adapt or Die: Opening Keynote with Chet KapoorAdapt or Die: Opening Keynote with Chet Kapoor
Adapt or Die: Opening Keynote with Chet Kapoor
 
Adapt or Die: Keynote with Greg Brail
Adapt or Die: Keynote with Greg BrailAdapt or Die: Keynote with Greg Brail
Adapt or Die: Keynote with Greg Brail
 
Adapt or Die: Keynote with Anant Jhingran
Adapt or Die: Keynote with Anant JhingranAdapt or Die: Keynote with Anant Jhingran
Adapt or Die: Keynote with Anant Jhingran
 
London Adapt or Die: Opening Keynot
London Adapt or Die: Opening KeynotLondon Adapt or Die: Opening Keynot
London Adapt or Die: Opening Keynot
 
London Adapt or Die: Lunch keynote
London Adapt or Die: Lunch keynoteLondon Adapt or Die: Lunch keynote
London Adapt or Die: Lunch keynote
 
London Adapt or Die: Closing Keynote — Adapt Now!
London Adapt or Die: Closing Keynote — Adapt Now!London Adapt or Die: Closing Keynote — Adapt Now!
London Adapt or Die: Closing Keynote — Adapt Now!
 

Kürzlich hochgeladen

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Kürzlich hochgeladen (20)

[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 

Your API is not a Website!

  • 1. Your API is not a Website! 9.15.11 @ 11:05 PST VOIP or Dial-in (see chat) Greg Brail @gbrail Brian Pagano@brianpagano
  • 3. API Workshop Webinar Series (videos & slides at http://blog.apigee.com/taglist/webinar) Mapping out your API Strategy Pragmatic REST: API Design Fu 10 Patterns in Successful API Programs What to Measure: API Analytics Is your API Naked? API Tech & Operations Does your API need PCI? (Compliance) Developers Hate Marketing: Driving API Adoption OAuth: The Big Picture “Boss, we need an API” Your API is not a Website!
  • 4. Setup APIs seem at first like web sites without images. On deeper inspection that’s not the case! Examining the differences is a great discussion on API technology.
  • 5. But first, how are APIs and Websites the same?
  • 7. How are APIs and Websites the same? 24x7 operations
  • 8. How are APIs and Websites the same? 24x7 operations Frequent deployment
  • 9. How are APIs and Websites the same? 24x7 operations Frequent deployment Fast expectations On the Internet this is not news. But inside corporate IT, it is a new way of life! This is the case for public and private APIs.
  • 10. So how are they different?
  • 12. How are APIs and Websites different? Audience Longevity Analytics Security Integration Testability
  • 13. Audience Websites are used by humans APIs are used by programmers. Programmers, in turn, make apps for humans. image by maanow
  • 14. Why does this matter? Developers don’t care about images, fonts, colors, and other design elements. Developers do care about the “look and feel” of the API itself. Is it easy to develop to? Does it use REST appropriately? (according to their own definition of “REST”) Does it make me do anything weird? Does it work? Is it down a lot?
  • 15. Longevity Web sites change all the time. APIs must remain compatible over time. image by wilhelmja
  • 16. Why Does this Matter? Humans are fairly resilient to change We may complain… …but when a site design changes, we (usually) adapt Programs are not resilient to change Developers don’t want to re-write Old apps might not have developers any more Users don’t install updates right away
  • 17. Analytics Most web analytics depend on the browser. API clients might not be browsers at all!
  • 18. Why Does this Matter? API analytics can’t rely on: JavaScript that runs on the client “Beacon” URLs that get downloaded all the time Cookies the client must return API clients just don’t do these things - especially when built by 3rd parties You need to embed analytics on the server. Use what is sent in the request and only that
  • 19. Security Web sites can be scraped carefully. APIs are extremely easy to “scrape” and automate. APIs and web sites need different types of security. OAuth for APIs, passwords for web sites, SSL for both!
  • 20. Why Does this Matter? Since APIs are so easy to program, they are easy to ‘do damage.’ Try to crack passwords using an API Download a company’s whole product catalog Book a whole bunch of flights to mess with pricing Rate limits and quotas are essential.
  • 21. Why Else Does this Matter? Passwords are lousy for public APIs. They propagate to lots of sites that use the APIs They propagate to devices that use the APIs Consider OAuth for these cases
  • 22. Integration Web sites can pull content from all over. APIs sit in one place.
  • 23. Why Does this Matter? The architecture is just different. Websites can include scripts, gadgets, and images from all over the web APIs can’t – developers expect a few API calls to do it all But you can pull things together on the server side…
  • 24. Testability Automated web site testing is hard. Automated API testing is easier.
  • 25. Why Does this Matter? Any API needs to: Change quickly Remain compatible Perform consistently How do you ensure this? Test early and test often Automated regression testing is the key A good API should make this EASY
  • 26. Conclusion A great API is not the same as a great web site. A great API is: Fast-moving, yet it never breaks the apps Reliable, stable, and fast Easy to understand and program to Secure and resilient to failure You need both.
  • 27. THANK YOU Questions and ideas to: @apigee @gbrail @brianpagano

Hinweis der Redaktion

  1. Creative Commons Attribution-Share Alike 3.0 United States License