Build APIs You Won't Hate cover page

Build APIs You Won't Hate

Build APIs You Won't Hate

Everyone and their dog wants an API, so you should probably learn how to build them.

Tasked with building an API for your company but don't have a clue where to start? Taken over an existing API and hate it? Built your own API and still hate it? This book is for you.
Build APIs You Won't Hate Edit
This book is 100% complete


About the Book

API development is becoming increasingly common for server-side developers thanks to the rise of front-end JavaScript frameworks, iPhone applications, and API-centric architectures. It might seem like grabbing stuff from a data source and shoving it out as JSON would be easy, but surviving changes in business logic, database schema updates, new features, or deprecated endpoints can be a nightmare.

After finding many of the existing resources for API development to be lacking, Phil learned a lot of things the hard way through years of trial and error. This book aims to condense that experience, taking examples and explanations further than the trivial apples and pears nonsense tutorials often provide.

Phil worked primarily as an API developer for the last three years. One horror was managing an API built in FuelPHP by a freelancer at the million dollar startup he joined. It was utilizing a then deprecated ORM which had been hacked to death by the previous developer, so took the time to delete that mess and build the next version in Laravel, leveraging it's simple routing, database migrations, schema, seeding, etc. When the following major version of the API was built no rewrite was required, and both managed to live side-by-side on the same "API" servers.

By passing on some best practices and general good advice you can hit the ground running with API development, combined with some horror stories and how they were overcome/avoided/averted. This book will discuss the theory of designing and building APIs in any language or framework, with this theory applied in PHP-based examples.

Some of the more advanced topics covered here are endpoint testing, embedding data objects in a consistent and scalable manner, paginating responses (including embedded objects) and hypermedia "HATEOAS" controls.

Read more

Table of Contents

  • Introduction
  • Sample Code
  • 1. Useful Database Seeding
    • 1.1 Introduction
    • 1.2 Introduction to Database Seeding
    • 1.3 Building Seeders
    • 1.4 That is about it
    • 1.5 Secondary Data
    • 1.6 When to run this?
  • 2. Planning and Creating Endpoints
    • 2.1 Functional Requirements
    • 2.2 Endpoint Theory
    • 2.3 Planning Endpoints
  • 3. Input and Output Theory
    • 3.1 Introduction
    • 3.2 Requests
    • 3.3 Responses
    • 3.4 Supporting Formats
    • 3.5 Content Structure
  • 4. Status Codes, Errors and Messages
    • 4.1 Introduction
    • 4.2 HTTP Status Codes
    • 4.3 Error Codes and Error Messages
    • 4.4 Error or Errors
    • 4.5 Standards for Error Responses
    • 4.6 Common Pitfalls
  • 5. Endpoint Testing
    • 5.1 Introduction
    • 5.2 Concepts & Tools
    • 5.3 Setup
    • 5.4 Initialise
    • 5.5 Features
    • 5.6 Scenarios
    • 5.7 Prepping Behat
    • 5.8 Running Behat
  • 6. Outputting Data
    • 6.1 Introduction
    • 6.2 The Direct Approach
    • 6.3 Transformations with Fractal
    • 6.4 Hiding Schema Updates
    • 6.5 Outputting Errors
    • 6.6 Testing this Output
    • 6.7 Homework
  • 7. Data Relationships
    • 7.1 Introduction
    • 7.2 Subresources
    • 7.3 Foreign Key Arrays
    • 7.4 Compound Documents (aka Sideloading)
    • 7.5 Embedded Documents (aka Nesting)
    • 7.6 Summary
  • 8. Debugging
    • 8.1 Introduction
    • 8.2 Command-line Debugging
    • 8.3 Browser Debugging
    • 8.4 Network Debugging
  • 9. Authentication
    • 9.1 Introduction
    • 9.2 When is Authentication Useful?
    • 9.3 Different Approaches to Authentication
    • 9.4 Implementing an OAuth 2.0 Server
    • 9.5 Where the OAuth 2.0 Server Lives
    • 9.6 Understanding OAuth 2.0 Grant Types
  • 10. Pagination
    • 10.1 Introduction
    • 10.2 Paginators
    • 10.3 Offsets and Cursors
  • 11. Documentation
    • 11.1 Introduction
    • 11.2 Types of Documentation
    • 11.3 Picking a Tool
    • 11.4 Setting up API Blueprint and Aglio
    • 11.5 Learning API Blueprint Syntax
    • 11.6 Further Reading
  • 12. HATEOAS
    • 12.1 Introduction
    • 12.2 Content Negotiation
    • 12.3 Hypermedia Controls
  • 13. API Versioning
    • 13.1 Introduction
    • 13.2 Different Approaches to API Versioning
    • 13.3 Ask Your Users
  • 14. Bonus Chapter: File Uploads & Downloads
    • 14.1 Introduction
    • 14.3 Uploads
    • 14.4 Why Multipart is Fairly Awful
    • 14.5 Method A: Direct File Upload
    • 14.6 Method B: Upload from URL
    • 14.7 What about Meta Data?
    • 14.8 Summary
  • Conclusion
  • Further Reading
    • API Web Resources
    • Non-API Books

Read More

About the Author

About the Contributors


Alex Biblie

Technical Review

Alex knows his stuff about APIs. Previously working at the University of Lincoln he used to build out OAuth-based APIs for them. Then he moved to @VideoGamerCom and is doing the same for them, at a very high level. Alex also created the OAuth 2 PHP Server used in the later chapters, so is the perfect person to help out with technical review.

Read more


Ashley Hockney


Ashley is an absolute champion of an editor. She has gone through my book a bunch of times, pointing out all my grammatical flaws with a big red marker, getting the book up to scratch enough for it to go to print!

Read more


Ben Corlett

Cameo Coder

Ben helps out at Kapture now and then as a freelancer and took care of our original Behat testing. I gave him the vague plan for how I would like our Behat tests to run and he coded it up. He is responsible for the majority of the FeatureContext.php bundled in the Sample Code.

Read more

Causes Supported

Electronic Frontier Foundation

Defending your civil liberties in a digital world.

Based in San Francisco, EFF is a donor-supported membership organization working to protect fundamental rights regardless of technology.

From the Internet to the iPod, technologies are transforming our society and empowering us as speakers, citizens, creators, and consumers. When our freedoms in the networked world come under attack, the Electronic Frontier Foundation (EFF) is the first line of defense. EFF broke new ground when it was founded in 1990—well before the Internet was on most people's radar—and continues to confront cutting-edge issues defending free speech, privacy, innovation, and consumer rights today. From the beginning, EFF has championed the public interest in every critical battle affecting digital rights.

The Leanpub Unconditional, No Risk, 100% Happiness Guarantee

Within 45 days of purchase you can get a 100% refund on any Leanpub purchase, in two clicks. We process the refunds manually, so they may take a few days to show up.
See full terms