Home > Community > Forums > Projects > Open Source > Thread 90123

Discussion: Initializing the new API client

Started by: john_doe Created: 2023-10-26 10:30 AM Replies: 42 Views: 1256
JD
john_doe
Posted on Oct 26, 2023, 10:30 AM

Hi everyone,

I've just created this thread to discuss the initial implementation and design decisions for the new API client for our project. The goal is to have a more robust, user-friendly, and performant client that can handle future growth and features.

I've put together a preliminary document outlining some of the core functionalities and potential approaches. You can find it here.

Key areas we need to focus on:

  • Authentication methods (API keys, OAuth 2.0)
  • Request/Response serialization (JSON, Protocol Buffers)
  • Error handling and retry mechanisms
  • Rate limiting integration
  • Asynchronous operations support

I'm open to all suggestions and constructive criticism. Let's make this client excellent!

Thanks!

Reply Quote Like (5)
AS
alice_smith
Posted on Oct 26, 2023, 11:05 AM

Great initiative, John!

Regarding authentication, I think OAuth 2.0 should be the primary focus, as it's the industry standard for secure delegated access. We can consider API keys as a simpler alternative for internal services, but OAuth provides better security for external consumers.

For serialization, JSON is widely adopted and easy to work with. Protocol Buffers could offer performance benefits, but it adds complexity and requires tooling for different languages. Let's stick with JSON for now unless performance benchmarks indicate a strong need for protobufs.

I've added a few comments to your proposal document.

Reply Quote Like (12)
MB
mike_brown
Posted on Oct 26, 2023, 11:45 AM

I agree with Alice on OAuth 2.0. It's crucial for our ecosystem.

On error handling, I'd suggest implementing a consistent error response structure. Something like:

{
  "error": {
    "code": "INVALID_ARGUMENT",
    "message": "The provided 'user_id' is not valid.",
    "details": {
      "field": "user_id",
      "expected_format": "UUID"
    }
  }
}

This makes it much easier for developers to parse and handle errors programmatically.

Reply Quote Like (8)
JD
john_doe
Posted on Oct 26, 2023, 1:15 PM

Thanks for the feedback, Alice and Mike!

Alice, good point about OAuth 2.0. We'll prioritize that. For serialization, JSON it is for now. I'll update the proposal to reflect this.

Mike, I love the error structure suggestion! It's very clean and provides useful details. I'll incorporate that into the design as well. It will definitely simplify debugging for users of the API.

I'm also thinking about how to best handle rate limiting. Should we return standard HTTP headers like X-RateLimit-Limit, X-RateLimit-Remaining, and X-RateLimit-Reset? Or something more specific within the JSON response?

Reply Quote Like (7)

Reply to this thread