I wanted to know is it common practice to use a REST API to create GUI?
Let's say we have Facebook or LinkedIn for an example:
When I download their mobile application, the application has a page for me to log into my facebook/LinkedIn account. When the application is loaded does facebook send something like a GET("/login") request to their API which returns something like this to the program. Which then the mobile application decides what to do with this information
{
[
{"username": "string", "opts": []},
{"password": "string", "opts": ["hidden"]}
]
}
I wanted to ask if it's common practice to do this and whether I should build my mobile applications like this or is the application UI programmed without using an API?
I wouldn't say this is common practice. They probably do have a central api which the mobile clients consume, but it's probably data related, with the client UI being just the application's responsability.
I would only envisage such a scenario under extraordinary requirements. For example, say you have some sort of payment api through which various clients can send payment (i.e. card details) regarding transactions. If you want to become PCI compliant, you'd probably need to host this api in a secure cloud location, with all resources and assets having to come from the same place (i.e. payment form, javascript, css etc). It's certainly not natural, to say the least.
Related
Is it possible to use the WhatsApp business API to communicate with users and also allow them to forward content from WhatsApp directly to our application. For example enabling Web-hooks for different WhatsApp channels to receive the messages from those channels. If yes, can someone guide me how can we implement this feature? and how can we authorize those channels with our WA business account
Finding sources/documentation for developing needed feature
Whatsapp API allows you to Broadcast messages to Unlimited Users, automate notifications, integrate Chatbots, provide Live Chat on Multiple devices and many more functions. Install the WhatsApp Business API Client and then Install your API client. Once your client is working, you can update your application settings. Start using the client, Register your phone number with an API call to /account and send a test message with a call to /messages . let me know if u find this helpful.
Yes, it is possible. The WhatsApp Business Platform allows medium and large businesses to communicate with their customers at scale. Using their APIs, businesses can connect thousands of agents and bots to interact with customers programmatically and manually. Additionally, the APIs can be integrated with numerous backend systems, such as CRM and marketing platforms
Here is the link for the documentation: https://developers.facebook.com/docs/whatsapp/overview
Link for different types of webhooks:
https://developers.facebook.com/docs/whatsapp/webhooks
There are multiple ways given in the documentation. But keep in mind, do read the documentation carefully, they have their updated and the previous version so use them as per your requirements.
I've looked briefly through Spotify's API documentation to try and see what exactly can be done with the API. I'm trying to do some data analysis on Spotify data, specifically on user listens / user playlists. However, as far as I can tell, the only way to uncover that information is through OAuth, and each user whose play information I desire would need to explicitly grant permission to my app to use their information. Since I am not building a user-facing app and am interested in doing mass analysis on many users at once, I don't think this would work for my purposes.
My question - is there any way to return multiple users' listening habits through a script that pulls data from Spotify using its API? Or is that possible strictly by way of an application that one user at a time gives authentication to when they load an app that uses this API?
is there any way to return multiple users' listening habits through a script that pulls data from Spotify using its API?
Spotify doesn't expose users' listening habits unless they authorized the app requesting it (I think this is what you meant when you said "through OAuth"). There's pretty big privacy reasons for not exposing users' data to the world.
I want to make a desktop application which will need to use a 3rd party REST API to get information. However, the number of requests is limited by the API Key. If I use one API key for all users, the request quota will be exhausted really fast. Now, is it standard (and legal) to make each user sign up for his/her own API key? How are API keys used in context of open-source projects?
To generate the API key, I want to make a sign up form within the application, where the user puts in his/her information and the application sends those information to the 3rd party website to get an API key. Does that sound right?
In general the use of an API is limited to the requests from one machine and not to the API key most of the time.
Again depending of the type of third party services you are using, but the requests to the service should be established by the client not the server.
For example if you want to know geographic coordinates from a specific place, but obviously you can't ask the user directly for GPS coordinates. So you implement the Google Maps Javascript Library into your app which requests the Google API for the coordinates to the human readable address and returns it to the client. This in turn sends the data to your server.
In this way your server never comes into contact with the third party service.
If you have sensitive data or data which shouldn't be manipulated by the user you have to request from your server directly of course. But take a look into the documentation of the service before hack something together which isn't in the intention of the service provider.
Never ever try to outwit a service provider. They will detect your inappropriate use and block you for all time!
I am developing an app for iOS. I am planning to publish this app in app-store as free app. I would like to authorize app users via outside RESTful webservice. Is this practice against any Apple official guidelines and can be not approved by Apple app review?
The Apple Review Guidelines 11.1 states:
Apps that unlock or enable additional features or functionality with
mechanisms other than the App Store will be rejected.
It sounds clear, but I believe it is open to interpretation on behalf of their reviewers. My company has produced an app exactly as you describe and it not only passed but has been versioned up very recently. Like yours, this app consumes a web service and while the launch screen is public facing, the user must immediately authenticate on the screen after that to go any further.
Our app was not a good candidate for the enterprise store model, since the intention is to distribute to customers, not employees.
Also, and perhaps most telling, when you prepare to upload your binary the iTunes Connect portal has a place for you to enter demo account credentials for the testers to access protected content in your app. So I think you're OK. Screencap below taken from iTunes Connect.
UPDATE
Apparently, when submitting your app you can provide demo account information (#erikr98), implying that an app like yours could be tested by Apple and be approved in the store. I've seen apps like this and worked on them before, but was under the impression that you also had to provide some sort of functionality in the app outside of your "pay wall."
....
I think the answer is maybe. It sounds like you're hovering the line between a public app and an enterprise app. I'm going to assume your question could be rephrased like this:
"I make money from my customers through an existing process (probably on the web) and I want to allow them to use that functionality on iOS without giving 1/3 of that money to Apple via a paid-app or through In-App Purchase. If I build a free app and provide my current customers access to its content via their existing accounts (and through a login process) will Apple reject it?"
Apple's App Store Review Guidelines, Section 11, clearly states that if you allow users to upgrade the content, unlock features or abilities, or purchase content through your application, that purchase must be done through In-App Purchase.
However, in my experience I have found that Apple will not reject an application if it provides value to everyone, not just those with an account. If you provide some sort of benefit for someone without an account you stand a much better chance. In my case we had, 5 features available to the people without an account, and 10 features available for those that could login. Our app was approved and released to the App Store. This was last year.
Also, think about this from a reviewer's perspective at Apple: When you sit down to review an app, its probably not a good sign that you can't access any part of the app without a user name and password.
Look at the model that the newspapers use. Washington Post, for example, has a free app with a $15 In-App purchase that provides you access to their content. You get a limited number of free articles, first, though. See, they provide content for everyone even if on a limited basis. You can also sign into the application, which unlocks all content, if you already have a paying account.
I like to build a system that will allow users to "commit buy" a deal, but will only be charged after a minimum # of committers are reached. The time span in which the "deal" will continue can be either weekly or monthly.
I like to stay away from building one from the ground up as much as possible.
I know there's another thread on StackOverflow that asked paypal, amazon, or google checkout API to serve this purpose, but this seems too much like a hack?
I did some reading on using a gateway like Authorize.net to process credit card information and they can store the user information and has a service like pay-as-you-go. Would using their API be a better choice? Can their pay-as-you-go method provide the system that I'm looking for?
I did some reading on using a gateway like Authorize.net to process
credit card information and they can store the user information and
has a service like pay-as-you-go. Would using their API be a better
choice?
I have used Authorize.net for recurring payments and it is easy to implement if you are fluent in working with a web service (regardless of language). You can integrate with them without the user needing to leave your website and without storing the user's credit card information.
However, you will be receiving the user's credit card number to implement such a model, and there are still precautions to be taken (versus redirecting to a secure third party site to receive the number).
Refine your question to be more specific to receive more specific answers.