rest api integration considerations
TRANSCRIPT
![Page 1: REST API Integration Considerations](https://reader036.vdocuments.us/reader036/viewer/2022062401/58f00f551a28ab81588b456d/html5/thumbnails/1.jpg)
PayM8 Tech EdAPI Integration Considerations
![Page 2: REST API Integration Considerations](https://reader036.vdocuments.us/reader036/viewer/2022062401/58f00f551a28ab81588b456d/html5/thumbnails/2.jpg)
Why this session?
• Go through Web API as a integration technology
• Get face to face feedback and initiate dialog on integration• What would you as integrators like to see in our API’s• Discuss best practices and integration strategies
• Get our hands dirty with integration with lab session were we will try out REST Services and play Rock Paper Scissors against each other.
![Page 3: REST API Integration Considerations](https://reader036.vdocuments.us/reader036/viewer/2022062401/58f00f551a28ab81588b456d/html5/thumbnails/3.jpg)
Integration Strategy
Integration TechnologiesSecurity
Versioning
Automatic Documentation
Structure
Error Handling
Tools
![Page 4: REST API Integration Considerations](https://reader036.vdocuments.us/reader036/viewer/2022062401/58f00f551a28ab81588b456d/html5/thumbnails/4.jpg)
Integration Technologies
Web Services
Web API
Sockets / SFTP / Message Queues
Google Trends
![Page 5: REST API Integration Considerations](https://reader036.vdocuments.us/reader036/viewer/2022062401/58f00f551a28ab81588b456d/html5/thumbnails/5.jpg)
SOAP vs. REST
Advantages
Disadvantages
• More out of the box protocol support (TCP, HTTP, etc.)
• Security and Authorization is part of the protocol
• Fully contractible using WSDL
• Open Web / OCP Friendly• Simple in design• Easily return multiple formats (XML,
JSON, etc.)
• Need to build in Security• Out of the box support for HTTP
only
• Uses more bandwidth for meta data than REST over JSON
• More complex from scripting languages
![Page 6: REST API Integration Considerations](https://reader036.vdocuments.us/reader036/viewer/2022062401/58f00f551a28ab81588b456d/html5/thumbnails/6.jpg)
REST Resources
Resource
POST GET PUT DELETE PATCH
Single api/dogs/{dog} api/dogs/{id} api/dogs/{id}Body {dog}
api/dogs/{id} api/dogs/{id}Body {dog}
List api/dogsBody [{dog},{dog}]
api/dogs api/dogsBody [{dog},{dog}]
api/dogs api/dogsBody [{dog},{dog}]
Hide complexity behind ? with optional parameters:
GET api/v01/dogs?name={name}&breed={breed}
• Expose Resources not Services (E.g. Noun not verb)• Pluralized names in Lower Camel Case• Resources exposed in CRUD for single and list
![Page 7: REST API Integration Considerations](https://reader036.vdocuments.us/reader036/viewer/2022062401/58f00f551a28ab81588b456d/html5/thumbnails/7.jpg)
Integration ToolsPostman
SOAPUI
![Page 8: REST API Integration Considerations](https://reader036.vdocuments.us/reader036/viewer/2022062401/58f00f551a28ab81588b456d/html5/thumbnails/8.jpg)
Automatic Documentation
Web API Help Page
Swagger
![Page 9: REST API Integration Considerations](https://reader036.vdocuments.us/reader036/viewer/2022062401/58f00f551a28ab81588b456d/html5/thumbnails/9.jpg)
Versioning
HeaderURL
ParameterCustom Header / Accept Header Not suggested
http://domain/api/sample/dogs
http://domain/api/v01/dogs
http://domain/api/v02/dogsBackwards compatible last 2x versions
![Page 10: REST API Integration Considerations](https://reader036.vdocuments.us/reader036/viewer/2022062401/58f00f551a28ab81588b456d/html5/thumbnails/10.jpg)
Error Handling
• Standard Response Object• Using specific applicable HTTP result codes• Tokenized Error Handling
Code Description
200 OK / Success
400 Bad Request
401 Un Authorized
404 Not Found
405 *(REST) Method Not Allowed
500 Internal Server Error
![Page 11: REST API Integration Considerations](https://reader036.vdocuments.us/reader036/viewer/2022062401/58f00f551a28ab81588b456d/html5/thumbnails/11.jpg)
Security
OAuthBasic Auth
Digest AuthOpen standard for authorization
Commonly used against Google/Facebook Username Password (Base64 encoded)Username Password (Nonce Hashed)
2048 TLS thawte encryption
*For non public integration Services/API’s IP whitelisting will be considered
![Page 12: REST API Integration Considerations](https://reader036.vdocuments.us/reader036/viewer/2022062401/58f00f551a28ab81588b456d/html5/thumbnails/12.jpg)
Q & A
![Page 13: REST API Integration Considerations](https://reader036.vdocuments.us/reader036/viewer/2022062401/58f00f551a28ab81588b456d/html5/thumbnails/13.jpg)
Pre Lab BriefingPayM8 Developer Team (Ask us question, flag us if you have any problems or feel free to just talk about tech)
• Get connected against Wireless (AlwaysOn – And register) *Limited to 100mb• Group into teams (4-6 people) and choose a Team Name• Get development environment right (.NET, PHP, Java) or ask for VM
• Get the Rock Paper Source Code (https://github.com/lost441/RockPapaer)• Get the right consumer running (.NET, PHP or JAVA)
Kempen Marius David Mpho Lindile Ewald
![Page 14: REST API Integration Considerations](https://reader036.vdocuments.us/reader036/viewer/2022062401/58f00f551a28ab81588b456d/html5/thumbnails/14.jpg)
Rock Paper Scissors Briefing
1. Every team should have a working API consumer (.NET, PHP or JAVA)
2. By default the consumer will play random hand, this need to be changed to do the following• Call game history (rounds) – Use this to seed you play hand logic• Remove random hand play and implement a custom algorithm to
choose a hand to play
3. Play against each other in elimination rounds to find the best team