API Best Practices
With the Mapp APIs you can customize, extend and create new functionality on top of our platform. We have compiled a list of best practices to help you quickly get up to speed.
Contents On This Page |
---|
Endpoint
Our Mapp API endpoint is a centralized base where all of the services are located. We advise putting it in a central configuration, so you can easily modify it in the future. The endpoint might change in the event of a new version of our APIs, or if required for other (technical) reasons.
Authentication
The authentication endpoint creates a session token which must be used for any subsequent API calls. There is also a hard login limit of 10 times per minute. Once you exceed this limit, the client and account will be locked out for 10 minutes. This token can be stored on a disk, with a service like MemCached or a database like MySQL.
Retrying
In many cases it might be possible to retry API calls if an error occurs. Here are a few examples:
- Fetching a single item, or list of items with the method GET
- Updating an existing item with the method PUT
- Removing an existing item with the method DELETE
Retries using the method POST are inadvisable by default, as it might lead to the creation of duplicate objects. In that case, it is essential to have accurate error handling to confirm whether it was user error, or a Mapp API issue.
Throttling
All of our APIs are limited by a 100 request per minute read limit and a 60 request per minute write limit. Once you exceed either or both of these limits, you will receive a 429 Too Many Requests response status indicating that you should reduce the number of API calls. We suggest implementing an Exponential Backoff algorithm in your retry handler so that the rate of API call is automatically decreased until it is within the limits.
Mapp Interface
All of our interfaces are built upon our own API. That means you can simply login and look at the API calls being made to discover how we built our own interfaces. This can help you figure out what's going wrong with API calls you have made by yourself, but it can also be a source of inspiration.