Build APIs You Won't Hate
Minimum price
Suggested price

Build APIs You Won't Hate

Everyone and their dog wants an API, so you should probably learn how to build them.

About the Book

API development is becoming increasingly common for server-side developers thanks to the rise of front-end JavaScript frameworks, iPhone applications, and API-centric architectures. It might seem like grabbing stuff from a data source and shoving it out as JSON would be easy, but surviving changes in business logic, database schema updates, new features, or deprecated endpoints can be a nightmare.

After finding many of the existing resources for API development to be lacking, Phil learned a lot of things the hard way through years of trial and error. This book aims to condense that experience, taking examples and explanations further than the trivial apples and pears nonsense tutorials often provide.

Phil worked primarily as an API developer for the last three years. One horror was managing an API built in FuelPHP by a freelancer at the million dollar startup he joined. It was utilizing a then deprecated ORM which had been hacked to death by the previous developer, so took the time to delete that mess and build the next version in Laravel, leveraging it's simple routing, database migrations, schema, seeding, etc. When the following major version of the API was built no rewrite was required, and both managed to live side-by-side on the same "API" servers.

By passing on some best practices and general good advice you can hit the ground running with API development, combined with some horror stories and how they were overcome/avoided/averted. This book will discuss the theory of designing and building APIs in any language or framework, with this theory applied in PHP-based examples.

Some of the more advanced topics covered here are endpoint testing, embedding data objects in a consistent and scalable manner, paginating responses (including embedded objects) and hypermedia "HATEOAS" controls.

About the Author

Phil Sturgeon
Phil Sturgeon

Phil has seen a few trends come and go during a long and varied career of building stuff for money as an employee, freelancer, consultant and now CTO. One trend over recent years is the rise of APIs as an everyday part of the average server-side developers job.

Back in 2009 Phil released a CodeIgniter Rest Server, wrote a few articles about how to use it and built handfuls of APIs for his freelance clients. This tool was fairly basic, but covered HTTP-based routing, HTTP Basic/Digest/API Key authentication, added logging and throttling and did not force CRUD-based conventions. The internet seemed to like it, and this code is still used by Apple, the UN and

Later on as a core-contributor to FuelPHP he added this functionality to the core, and again built out a bunch of APIs for people. Then he got a job in NYC, to take over as Lead Engineer for a company that - you guessed it - had a FuelPHP API and wanted to improve it.

After two years of working on their API, Phil has moved to, building their API with an amazing team of developers.

Phil has been building APIs for so long, he has come up with a very long list of ways to make them not suck, and he'd like to share the information with you all.

Bundles that include this book

Minimum price
Suggested price
Bought separately
Bundle Price
Bought separately
Bundle Price
Minimum price
Suggested price
Bought separately
Bundle Price
Bought separately
Bundle Price
Bought separately
Bundle Price

About the Contributors

Alex Biblie
Alex Biblie

Technical Review

Alex knows his stuff about APIs. Previously working at the University of Lincoln he used to build out OAuth-based APIs for them. Then he moved to @VideoGamerCom and is doing the same for them, at a very high level. Alex also created the OAuth 2 PHP Server used in the later chapters, so is the perfect person to help out with technical review.
Ashley Hockney
Ashley Hockney


Ashley is an absolute champion of an editor. She has gone through my book a bunch of times, pointing out all my grammatical flaws with a big red marker, getting the book up to scratch enough for it to go to print!
Ben Corlett
Ben Corlett

Cameo Coder

Ben helps out at Kapture now and then as a freelancer and took care of our original Behat testing. I gave him the vague plan for how I would like our Behat tests to run and he coded it up. He is responsible for the majority of the FeatureContext.php bundled in the Sample Code.

Table of Contents

  • Introduction
  • Sample Code
  • 1. Useful Database Seeding
    • 1.1 Introduction
    • 1.2 Introduction to Database Seeding
    • 1.3 Building Seeders
    • 1.4 That is about it
    • 1.5 Secondary Data
    • 1.6 When to run this?
  • 2. Planning and Creating Endpoints
    • 2.1 Functional Requirements
    • 2.2 Endpoint Theory
    • 2.3 Planning Endpoints
  • 3. Input and Output Theory
    • 3.1 Introduction
    • 3.2 Requests
    • 3.3 Responses
    • 3.4 Supporting Formats
    • 3.5 Content Structure
  • 4. Status Codes, Errors and Messages
    • 4.1 Introduction
    • 4.2 HTTP Status Codes
    • 4.3 Error Codes and Error Messages
    • 4.4 Error or Errors
    • 4.5 Standards for Error Responses
    • 4.6 Common Pitfalls
  • 5. Endpoint Testing
    • 5.1 Introduction
    • 5.2 Concepts & Tools
    • 5.3 Setup
    • 5.4 Initialise
    • 5.5 Features
    • 5.6 Scenarios
    • 5.7 Prepping Behat
    • 5.8 Running Behat
  • 6. Outputting Data
    • 6.1 Introduction
    • 6.2 The Direct Approach
    • 6.3 Transformations with Fractal
    • 6.4 Hiding Schema Updates
    • 6.5 Outputting Errors
    • 6.6 Testing this Output
    • 6.7 Homework
  • 7. Data Relationships
    • 7.1 Introduction
    • 7.2 Subresources
    • 7.3 Foreign Key Arrays
    • 7.4 Compound Documents (aka Sideloading)
    • 7.5 Embedded Documents (aka Nesting)
    • 7.6 Summary
  • 8. Debugging
    • 8.1 Introduction
    • 8.2 Command-line Debugging
    • 8.3 Browser Debugging
    • 8.4 Network Debugging
  • 9. Authentication
    • 9.1 Introduction
    • 9.2 When is Authentication Useful?
    • 9.3 Different Approaches to Authentication
    • 9.4 Implementing an OAuth 2.0 Server
    • 9.5 Where the OAuth 2.0 Server Lives
    • 9.6 Understanding OAuth 2.0 Grant Types
  • 10. Pagination
    • 10.1 Introduction
    • 10.2 Paginators
    • 10.3 Offsets and Cursors
  • 11. Documentation
    • 11.1 Introduction
    • 11.2 Types of Documentation
    • 11.3 Picking a Tool
    • 11.4 Setting up API Blueprint and Aglio
    • 11.5 Learning API Blueprint Syntax
    • 11.6 Further Reading
  • 12. HATEOAS
    • 12.1 Introduction
    • 12.2 Content Negotiation
    • 12.3 Hypermedia Controls
  • 13. API Versioning
    • 13.1 Introduction
    • 13.2 Different Approaches to API Versioning
    • 13.3 Ask Your Users
  • 14. Bonus Chapter: File Uploads & Downloads
    • 14.1 Introduction
    • 14.3 Uploads
    • 14.4 Why Multipart is Fairly Awful
    • 14.5 Method A: Direct File Upload
    • 14.6 Method B: Upload from URL
    • 14.7 What about Meta Data?
    • 14.8 Summary
  • Conclusion
  • Further Reading
    • API Web Resources
    • Non-API Books

Causes Supported

Protect Earth

We plant trees, wildflowers, and remove invasives to tackle the climate/biodiversity crises, and literally everyone can get involved! Registered charity 1192453

Protect Earth create, restores, and protects woodlands all over the UK. We plant tens of thousands of trees every year on low quality farmland, schools, wedding venues, council land, road verges, golf courses, or anywhere else that makes sense. Increasingly Protect Earth is securing its own land, restoring an ancient temporate rainforest in Cornwall, and creating a brand new temperate rainforest in Wales.

The Leanpub 60 Day 100% Happiness Guarantee

Within 60 days of purchase you can get a 100% refund on any Leanpub purchase, in two clicks.

Now, this is technically risky for us, since you'll have the book or course files either way. But we're so confident in our products and services, and in our authors and readers, that we're happy to offer a full money back guarantee for everything we sell.

You can only find out how good something is by trying it, and because of our 100% money back guarantee there's literally no risk to do so!

So, there's no reason not to click the Add to Cart button, is there?

See full terms...

80% Royalties. Earn $16 on a $20 book.

We pay 80% royalties. That's not a typo: you earn $16 on a $20 sale. If we sell 5000 non-refunded copies of your book or course for $20, you'll earn $80,000.

(Yes, some authors have already earned much more than that on Leanpub.)

In fact, authors have earnedover $13 millionwriting, publishing and selling on Leanpub.

Learn more about writing on Leanpub

Free Updates. DRM Free.

If you buy a Leanpub book, you get free updates for as long as the author updates the book! Many authors use Leanpub to publish their books in-progress, while they are writing them. All readers get free updates, regardless of when they bought the book or how much they paid (including free).

Most Leanpub books are available in PDF (for computers) and EPUB (for phones, tablets and Kindle). The formats that a book includes are shown at the top right corner of this page.

Finally, Leanpub books don't have any DRM copy-protection nonsense, so you can easily read them on any supported device.

Learn more about Leanpub's ebook formats and where to read them

Write and Publish on Leanpub

You can use Leanpub to easily write, publish and sell in-progress and completed ebooks and online courses!

Leanpub is a powerful platform for serious authors, combining a simple, elegant writing and publishing workflow with a store focused on selling in-progress ebooks.

Leanpub is a magical typewriter for authors: just write in plain text, and to publish your ebook, just click a button. (Or, if you are producing your ebook your own way, you can even upload your own PDF and/or EPUB files and then publish with one click!) It really is that easy.

Learn more about writing on Leanpub