We all love API-based applications. By letting the server focus on data handling and leaving presentation to the clients, you can create remarkably flexible applications across a variety of platforms. Best of all, you can even open your app to your fellow developers. The more clients you add, though, the more varied the requests and needs of your users become, and the more important -- and difficult -- it is to keep everything consistent.
In this talk, I'll review approaches you can take to easily and maintainably standardize... * What data you fetch: letting clients manage limits, filters, sorting, etc. for all their queries -- very useful when different clients have different needs, for instance mobile v. desktop. * How you present that data: allowing control over the level of response detail and other options, as well as handling response formats, exceptions, etc. in a standard way. * How you secure your data: making sure that you don't accidentally send clients data they're not allowed to view -- an additional centralized layer on top of your other security.
We'll review plenty of code samples, along with advantages and disadvantages of each approach. There'll also be plenty of time for questions and ideas from the audience -- I'm eager to hear how others approach.