Mobile apps and some architecture

We have two mobile apps for a service we are creating. The service already had a web interface, but it also has endpoints so the mobile apps can communicate with it.

The basics

The endpoints are under a specific namespace, like `/api/v1`. This URL format allows you to create incremental versions without breaking the previous one. It is also a common REST API with specific HTTP methods and request and response formats. The response follows a custom specification (no, it's not JSON:API), but it is something similar for pagination, filters etc.

Error handling

We have a global and a specific way of handling errors. The API is responsible for serving the messages, and it returns an error code. This is important as the app is multilingual and the API serves the locales as well. Still, the mobile app has the ability to show error messages under specific scenarios, for example in case the API is unreachable. Some error codes are silently ignored, and some others trigger specific actions. For example, if there is a hack attempt, the API will send a specific error code and the mobile app will delete the authentication token.

Authentication

We haven't used JWT or something similar; we used Devise and a custom session token. We have also enabled two-factor authentication. The reason for that is that we want to give the user an easy way to sign out from all devices if they want to. Still, each device uses its own unique authentication token.
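
One way to model per-device tokens with a "sign out from all devices" operation, as an added example that is not the service's own code. The class and method names and the in-memory storage are assumptions, and keeping only a SHA-256 digest of each token is a choice made for this example, not something the post states.

```ruby
require "securerandom"
require "digest"

# Hypothetical in-memory store; a real service would keep these rows in its database.
class DeviceTokenStore
  Session = Struct.new(:user_id, :device_id)

  def initialize
    @sessions = {} # SHA-256 digest of token => Session
  end

  # Issue a fresh random token for one device; only its digest is kept server-side.
  def issue(user_id, device_id)
    revoke_device(user_id, device_id) # at most one live token per device
    token = SecureRandom.urlsafe_base64(32)
    @sessions[digest(token)] = Session.new(user_id, device_id)
    token
  end

  # Return the Session for a presented token, or nil if it is unknown or revoked.
  def authenticate(token)
    return nil unless token.is_a?(String) && !token.empty?
    @sessions[digest(token)]
  end

  # Sign out a single device.
  def revoke_device(user_id, device_id)
    @sessions.delete_if { |_, s| s.user_id == user_id && s.device_id == device_id }
  end

  # Sign out from all devices: drop every session of the user, return how many.
  def revoke_all(user_id)
    before = @sessions.size
    @sessions.delete_if { |_, s| s.user_id == user_id }
    before - @sessions.size
  end

  private

  def digest(token)
    Digest::SHA256.hexdigest(token)
  end
end
```

Because every token is a server-side record, revocation takes effect on the next request from that device.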

Mobile tracking

Both logging of endpoint requests and error tracking for the device and the web service are in place. The mobile app sends some headers that identify the device, so possible problems with specific devices can be tracked early. The service serves an info endpoint that informs the mobile app of the minimum supported version. If this version isn't met, the user won't be able to use the app and has to download a newer one.

Styleguide, color palette etc.

As the mobile app is a React Native app, it is easier to make CSS changes. The API serves some basic styling, fonts etc. in case of a change, and the mobile app is able to change it dynamically. This gives the ability to follow styling changes without the need to download a new version. This one is a bit too much, I know, but it helped a lot. We had some webview screens, and it was very ugly to have different styling on each one.

Last but not least, there is a maintenance message in case the service needs to go down for a while. In that case, the mobile app informs the user with a maintenance screen and shows a custom message as well.

What other things are you using for your mobile / service app communication that you think are necessary?