SlideShare a Scribd company logo

Best Practices in Api Design

Download as PPTX, PDF
M
Muhammad Aamir ...

RESTful API Design Guidance

Software
1 of 11
Best Practices in API Design API Design Guidance Muhammad Aamir | Staff Software Engineer
A well-designed web API should aim to support? ● Platform Independence Any client should be able to call the API, regardless of how the API is implemented internally. This requires using standard protocols, and having a mechanism whereby the client and the web service can agree on the format of the data to exchange. ● Service Evolution The web API should be able to evolve and add functionality independently from client applications. As the API evolves, existing client applications should continue to function without modification. All functionality should be discoverable so that client applications can fully use it.
Design Principles of RESTful APIs using HTTP ● REST APIs are designed around resources, which are any kind of object, data, or service that can be accessed by the client. ● A resource has an identifier, which is a URI that uniquely identifies that resource. For example, the URI for a particular customer order might be: https://adventure-works.com/orders/1 ● Clients interact with a service by exchanging representations of resources. Many web APIs use JSON as the exchange format. For example, a GET request to the URI listed above might return this response body: {"orderId":1,"orderValue":99.90,"productId":1,"quantity":1} ● REST APIs use a uniform interface, which helps to decouple the client and service implementations. For REST APIs built on HTTP, the uniform interface includes using standard HTTP verbs to perform operations on resources. The most common operations are GET, POST, PUT, PATCH, and DELETE.
Design Principles of RESTful APIs using HTTP ● REST APIs use a stateless request model. HTTP requests should be independent and may occur in any order, so keeping transient state information between requests is not feasible. The only place where information is stored is in the resources themselves, and each request should be an atomic operation. This constraint enables web services to be highly scalable, because there is no need to retain any affinity between clients and specific servers. Any server can handle any request from any client. That said, other factors can limit scalability. For example, many web services write to a backend data store, which may be hard to scale out. For more information about strategies to scale out a data store, see Horizontal, vertical, and functional data partitioning. ● REST APIs are driven by hypermedia links that are contained in the representation. For example, the following shows a JSON representation of an order. It contains links to get or update the customer associated with the order.
Maturity Model for APIs (Leonard Richardson 2008) Level 0: Define one URI, and all operations are POST requests to this URI. Level 1: Create separate URIs for individual resources. Level 2: Use HTTP methods to define operations on resources. Level 3: Use hypermedia (HATEOAS, described below). Level 3 corresponds to a truly RESTful API according to Fielding's definition. In practice, many published web APIs fall somewhere around level 2.
Organize the API around resources Focus on the business entities that the web API exposes. For example, in an e-commerce system, the primary entities might be customers ,orders and invoices etc. Examples: https://adventure-works.com/orders // Good https://adventure-works.com/create-order // Avoid
Define operations in terms of HTTP methods The HTTP protocol defines a number of methods that assign semantic meaning to a request. The common HTTP methods used by most RESTful web APIs are: ● GET retrieves a representation of the resource at the specified URI. The body of the response message contains the details of the requested resource. ● POST creates a new resource at the specified URI. The body of the request message provides the details of the new resource. Note that POST can also be used to trigger operations that don't actually create resources. ● PUT either creates or replaces the resource at the specified URI. The body of the request message specifies the resource to be created or updated. ● PATCH performs a partial update of a resource. The request body specifies the set of changes to apply to the resource. ● DELETE removes the resource at the specified URI.
Media Types As mentioned earlier, clients and servers exchange representations of resources. For example, in a POST request, the request body contains a representation of the resource to create. In a GET request, the response body contains a representation of the fetched resource. In the HTTP protocol, formats are specified through the use of media types, also called MIME types. For non-binary data, most web APIs support JSON (media type = application/json) and possibly XML (media type = application/xml).
Asynchronous operations Sometimes a POST, PUT, PATCH, or DELETE operation might require processing that takes a while to complete. If you wait for completion before sending a response to the client, it may cause unacceptable latency. If so, consider making the operation asynchronous. Return HTTP status code 202 (Accepted) to indicate the request was accepted for processing but is not completed. You should expose an endpoint that returns the status of an asynchronous request, so the client can monitor the status by polling the status endpoint. Include the URI of the status endpoint in the Location header of the 202 response. For example: HTTP/1.1 202 Accepted Location: /api/status/12345
Use HATEOAS to enable navigation to related resources { "orderID":3, "productID":2, "quantity":4, "orderValue":16.60, "links":[ { "rel":"customer", "href":"https://adventure-works.com/customers/3", "action":"GET", "types":["text/xml","application/json"] }, { "rel":"customer", "href":"https://adventure-works.com/customers/3", "action":"DELETE", "types":[] }, { "rel":"self", "href":"https://adventure-works.com/orders/3", "action":"DELETE", "types":[] }] }
Versioning of RESTful Web API ● No versioning When no change in existing fields and appending new data that does not affect client applications. (Depends on client apps) ● URI versioning such as https://adventure-works.com/v2/customers/3 ● Query string versioning such as https://adventure-works.com/customers/3?version=2 ● Header versioning GET https://adventure-works.com/customers/3 HTTP/1.1 Custom-Header: api-version=1 ● Media type versioning GET https://adventure-works.com/customers/3 HTTP/1.1 Accept: application/vnd.adventure-works.v1+json

Recommended

REST Architecture with use case and example
REST Architecture with use case and exampleREST Architecture with use case and example
REST Architecture with use case and example
Shailesh singh
 
ReSTful API Final
ReSTful API FinalReSTful API Final
ReSTful API Final
Claudine Bruyns
 
Introduction to REST - API
Introduction to REST - APIIntroduction to REST - API
Introduction to REST - API
Chetan Gadodia
 
REST - Representational State Transfer
REST - Representational State TransferREST - Representational State Transfer
REST - Representational State Transfer
Peter R. Egli
 
Representational State Transfer (REST)
Representational State Transfer (REST)Representational State Transfer (REST)
Representational State Transfer (REST)
Abhay Ananda Shukla
 
Rest api-interview
Rest api-interviewRest api-interview
Rest api-interview
Mohammed Kemal
 
Richarson maturity model (HATEOAS)
Richarson maturity model (HATEOAS)Richarson maturity model (HATEOAS)
Richarson maturity model (HATEOAS)
Avishek Patra
 
ReST (Representational State Transfer) Explained
ReST (Representational State Transfer) ExplainedReST (Representational State Transfer) Explained
ReST (Representational State Transfer) Explained
Dhananjay Nene
 

Recommended

REST Architecture with use case and example
REST Architecture with use case and exampleREST Architecture with use case and example
REST Architecture with use case and example
Shailesh singh
 
ReSTful API Final
ReSTful API FinalReSTful API Final
ReSTful API Final
Claudine Bruyns
 
Introduction to REST - API
Introduction to REST - APIIntroduction to REST - API
Introduction to REST - API
Chetan Gadodia
 
REST - Representational State Transfer
REST - Representational State TransferREST - Representational State Transfer
REST - Representational State Transfer
Peter R. Egli
 
Representational State Transfer (REST)
Representational State Transfer (REST)Representational State Transfer (REST)
Representational State Transfer (REST)
Abhay Ananda Shukla
 
Rest api-interview
Rest api-interviewRest api-interview
Rest api-interview
Mohammed Kemal
 
Richarson maturity model (HATEOAS)
Richarson maturity model (HATEOAS)Richarson maturity model (HATEOAS)
Richarson maturity model (HATEOAS)
Avishek Patra
 
ReST (Representational State Transfer) Explained
ReST (Representational State Transfer) ExplainedReST (Representational State Transfer) Explained
ReST (Representational State Transfer) Explained
Dhananjay Nene
 
The Rest Architectural Style
The Rest Architectural StyleThe Rest Architectural Style
The Rest Architectural Style
Robert Wilson
 
JAX-RS. Developing RESTful APIs with Java
JAX-RS. Developing RESTful APIs with JavaJAX-RS. Developing RESTful APIs with Java
JAX-RS. Developing RESTful APIs with Java
Jerry Kurian
 
Rest API Automation with REST Assured
Rest API Automation with REST AssuredRest API Automation with REST Assured
Rest API Automation with REST Assured
TO THE NEW Pvt. Ltd.
 
Hypermedia APIs
Hypermedia APIsHypermedia APIs
Hypermedia APIs
Paulo Gandra de Sousa
 
introduction about REST API
introduction about REST APIintroduction about REST API
introduction about REST API
AmilaSilva13
 
REST - Representational state transfer
REST - Representational state transferREST - Representational state transfer
REST - Representational state transfer
Tricode (part of Dept)
 
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRISThe glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
Geert Pante
 
Rest Webservice
Rest WebserviceRest Webservice
Rest Webservice
Viyaan Jhiingade
 
JSON and REST
JSON and RESTJSON and REST
JSON and REST
Robert MacLean
 
Restful Fundamentals
Restful FundamentalsRestful Fundamentals
Restful Fundamentals
Suresh Madhra
 
Rest http basics
Rest http basicsRest http basics
Rest http basics
Suresh Madhra
 
Benefits of Hypermedia API
Benefits of Hypermedia APIBenefits of Hypermedia API
Benefits of Hypermedia API
Paulo Gandra de Sousa
 
Standards of rest api
Standards of rest apiStandards of rest api
Standards of rest api
Maýur Chourasiya
 
Spring HATEOAS
Spring HATEOASSpring HATEOAS
Spring HATEOAS
Yoann Buch
 
Introduction to Hydra
Introduction to HydraIntroduction to Hydra
Introduction to Hydra
Alejandro Inestal
 
The Glory of Rest
The Glory of RestThe Glory of Rest
The Glory of Rest
Sławomir Chrobak
 
Build an API the right way
Build an API the right wayBuild an API the right way
Build an API the right way
Software Guru
 
How to design a good REST API: Tools, techniques and best practices
How to design a good REST API: Tools, techniques and best practicesHow to design a good REST API: Tools, techniques and best practices
How to design a good REST API: Tools, techniques and best practices
WSO2
 
Salesforce REST API
Salesforce REST API Salesforce REST API
Salesforce REST API
Bohdan Dovhań
 
Integration with SAP using Mule ESB
Integration with SAP using Mule ESBIntegration with SAP using Mule ESB
Integration with SAP using Mule ESB
Sanjeet Pandey
 
Apitesting.pptx
Apitesting.pptxApitesting.pptx
Apitesting.pptx
NamanVerma88
 
Api design and development
Api design and developmentApi design and development
Api design and development
oquidave
 

More Related Content

What's hot

REST - Representational state transfer
REST - Representational state transferREST - Representational state transfer
REST - Representational state transfer
Tricode (part of Dept)
 

What's hot (20)

The Rest Architectural Style
The Rest Architectural StyleThe Rest Architectural Style
The Rest Architectural Style
 
JAX-RS. Developing RESTful APIs with Java
JAX-RS. Developing RESTful APIs with JavaJAX-RS. Developing RESTful APIs with Java
JAX-RS. Developing RESTful APIs with Java
 
Rest API Automation with REST Assured
Rest API Automation with REST AssuredRest API Automation with REST Assured
Rest API Automation with REST Assured
 
Hypermedia APIs
Hypermedia APIsHypermedia APIs
Hypermedia APIs
 
introduction about REST API
introduction about REST APIintroduction about REST API
introduction about REST API
 
REST - Representational state transfer
REST - Representational state transferREST - Representational state transfer
REST - Representational state transfer
 
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRISThe glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
 
Rest Webservice
Rest WebserviceRest Webservice
Rest Webservice
 
JSON and REST
JSON and RESTJSON and REST
JSON and REST
 
Restful Fundamentals
Restful FundamentalsRestful Fundamentals
Restful Fundamentals
 
Rest http basics
Rest http basicsRest http basics
Rest http basics
 
Benefits of Hypermedia API
Benefits of Hypermedia APIBenefits of Hypermedia API
Benefits of Hypermedia API
 
Standards of rest api
Standards of rest apiStandards of rest api
Standards of rest api
 
Spring HATEOAS
Spring HATEOASSpring HATEOAS
Spring HATEOAS
 
Introduction to Hydra
Introduction to HydraIntroduction to Hydra
Introduction to Hydra
 
The Glory of Rest
The Glory of RestThe Glory of Rest
The Glory of Rest
 
Build an API the right way
Build an API the right wayBuild an API the right way
Build an API the right way
 
How to design a good REST API: Tools, techniques and best practices
How to design a good REST API: Tools, techniques and best practicesHow to design a good REST API: Tools, techniques and best practices
How to design a good REST API: Tools, techniques and best practices
 
Salesforce REST API
Salesforce REST API Salesforce REST API
Salesforce REST API
 
Integration with SAP using Mule ESB
Integration with SAP using Mule ESBIntegration with SAP using Mule ESB
Integration with SAP using Mule ESB
 

Similar to Best Practices in Api Design

Switch to Backend 2023 | Day 1 Part 1
Switch to Backend 2023 | Day 1 Part 1Switch to Backend 2023 | Day 1 Part 1
Switch to Backend 2023 | Day 1 Part 1
Google Developer Students Club NIT Silchar
 

Similar to Best Practices in Api Design (20)

Apitesting.pptx
Apitesting.pptxApitesting.pptx
Apitesting.pptx
 
Api design and development
Api design and developmentApi design and development
Api design and development
 
WebApp #3 : API
WebApp #3 : APIWebApp #3 : API
WebApp #3 : API
 
API Basics
API BasicsAPI Basics
API Basics
 
Modern REST API design principles and rules.pdf
Modern REST API design principles and rules.pdfModern REST API design principles and rules.pdf
Modern REST API design principles and rules.pdf
 
Rest api best practices – comprehensive handbook
Rest api best practices – comprehensive handbookRest api best practices – comprehensive handbook
Rest api best practices – comprehensive handbook
 
Restful web-services
Restful web-servicesRestful web-services
Restful web-services
 
Salesforce Integration
Salesforce IntegrationSalesforce Integration
Salesforce Integration
 
Modern REST API design principles and rules.pdf
Modern REST API design principles and rules.pdfModern REST API design principles and rules.pdf
Modern REST API design principles and rules.pdf
 
REST and RESTful Services
REST and RESTful ServicesREST and RESTful Services
REST and RESTful Services
 
REST Architecture with use case and example
REST Architecture with use case and exampleREST Architecture with use case and example
REST Architecture with use case and example
 
Restful web services
Restful web servicesRestful web services
Restful web services
 
MuleSoft Surat Virtual Meetup#21 - MuleSoft API and RAML Design Best Practice...
MuleSoft Surat Virtual Meetup#21 - MuleSoft API and RAML Design Best Practice...MuleSoft Surat Virtual Meetup#21 - MuleSoft API and RAML Design Best Practice...
MuleSoft Surat Virtual Meetup#21 - MuleSoft API and RAML Design Best Practice...
 
Web 13 | REST API
Web 13 | REST APIWeb 13 | REST API
Web 13 | REST API
 
Introduction To REST
Introduction To RESTIntroduction To REST
Introduction To REST
 
ASP.NET Mvc 4 web api
ASP.NET Mvc 4 web apiASP.NET Mvc 4 web api
ASP.NET Mvc 4 web api
 
Building Restful Applications Using Php
Building Restful Applications Using PhpBuilding Restful Applications Using Php
Building Restful Applications Using Php
 
Switch to Backend 2023 | Day 1 Part 1
Switch to Backend 2023 | Day 1 Part 1Switch to Backend 2023 | Day 1 Part 1
Switch to Backend 2023 | Day 1 Part 1
 
Ijirsm ashok-kumar-ps-compulsiveness-of-res tful-web-services
Ijirsm ashok-kumar-ps-compulsiveness-of-res tful-web-servicesIjirsm ashok-kumar-ps-compulsiveness-of-res tful-web-services
Ijirsm ashok-kumar-ps-compulsiveness-of-res tful-web-services
 
What are restful web services?
What are restful web services?What are restful web services?
What are restful web services?
 

Recently uploaded

Auto Affiliate AI Earns First Commission in 3 Hours..pdf
Auto Affiliate AI Earns First Commission in 3 Hours..pdfAuto Affiliate AI Earns First Commission in 3 Hours..pdf
Auto Affiliate AI Earns First Commission in 3 Hours..pdf
SelfMade bd
 
Community is Just as Important as Code by Andrea Goulet
Community is Just as Important as Code by Andrea GouletCommunity is Just as Important as Code by Andrea Goulet
Community is Just as Important as Code by Andrea Goulet
Andrea Goulet
 
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-CloudAlluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
Alluxio, Inc.
 
Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)
Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)
Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)
Gáspár Nagy
 
Entropy, Software Quality, and Innovation (presented at Princeton Plasma Phys...
Entropy, Software Quality, and Innovation (presented at Princeton Plasma Phys...Entropy, Software Quality, and Innovation (presented at Princeton Plasma Phys...
Entropy, Software Quality, and Innovation (presented at Princeton Plasma Phys...
Andrea Goulet
 

Recently uploaded (20)

The Evolution of Web App Testing_ An Ultimate Guide to Future Trends.pdf
The Evolution of Web App Testing_ An Ultimate Guide to Future Trends.pdfThe Evolution of Web App Testing_ An Ultimate Guide to Future Trends.pdf
The Evolution of Web App Testing_ An Ultimate Guide to Future Trends.pdf
 
Modern binary build systems - PyCon 2024
Modern binary build systems - PyCon 2024Modern binary build systems - PyCon 2024
Modern binary build systems - PyCon 2024
 
Sinoville Clinic ](+27832195400*)[🏥Abortion Pill Prices Sinoville ● Women's A...
Sinoville Clinic ](+27832195400*)[🏥Abortion Pill Prices Sinoville ● Women's A...Sinoville Clinic ](+27832195400*)[🏥Abortion Pill Prices Sinoville ● Women's A...
Sinoville Clinic ](+27832195400*)[🏥Abortion Pill Prices Sinoville ● Women's A...
 
Optimizing Operations by Aligning Resources with Strategic Objectives Using O...
Optimizing Operations by Aligning Resources with Strategic Objectives Using O...Optimizing Operations by Aligning Resources with Strategic Objectives Using O...
Optimizing Operations by Aligning Resources with Strategic Objectives Using O...
 
Auto Affiliate AI Earns First Commission in 3 Hours..pdf
Auto Affiliate AI Earns First Commission in 3 Hours..pdfAuto Affiliate AI Earns First Commission in 3 Hours..pdf
Auto Affiliate AI Earns First Commission in 3 Hours..pdf
 
Transformer Neural Network Use Cases with Links
Transformer Neural Network Use Cases with LinksTransformer Neural Network Use Cases with Links
Transformer Neural Network Use Cases with Links
 
COMPUTER AND ITS COMPONENTS PPT.by naitik sharma Class 9th A mittal internati...
COMPUTER AND ITS COMPONENTS PPT.by naitik sharma Class 9th A mittal internati...COMPUTER AND ITS COMPONENTS PPT.by naitik sharma Class 9th A mittal internati...
COMPUTER AND ITS COMPONENTS PPT.by naitik sharma Class 9th A mittal internati...
 
Abortion Clinic Pretoria ](+27832195400*)[ Abortion Clinic Near Me ● Abortion...
Abortion Clinic Pretoria ](+27832195400*)[ Abortion Clinic Near Me ● Abortion...Abortion Clinic Pretoria ](+27832195400*)[ Abortion Clinic Near Me ● Abortion...
Abortion Clinic Pretoria ](+27832195400*)[ Abortion Clinic Near Me ● Abortion...
 
Community is Just as Important as Code by Andrea Goulet
Community is Just as Important as Code by Andrea GouletCommunity is Just as Important as Code by Andrea Goulet
Community is Just as Important as Code by Andrea Goulet
 
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-CloudAlluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
 
^Clinic ^%[+27788225528*Abortion Pills For Sale In birch acres
^Clinic ^%[+27788225528*Abortion Pills For Sale In birch acres^Clinic ^%[+27788225528*Abortion Pills For Sale In birch acres
^Clinic ^%[+27788225528*Abortion Pills For Sale In birch acres
 
Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)
Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)
Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)
 
BusinessGPT - Security and Governance for Generative AI
BusinessGPT - Security and Governance for Generative AIBusinessGPT - Security and Governance for Generative AI
BusinessGPT - Security and Governance for Generative AI
 
architecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdfarchitecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdf
 
Automate your OpenSIPS config tests - OpenSIPS Summit 2024
Automate your OpenSIPS config tests - OpenSIPS Summit 2024Automate your OpenSIPS config tests - OpenSIPS Summit 2024
Automate your OpenSIPS config tests - OpenSIPS Summit 2024
 
Entropy, Software Quality, and Innovation (presented at Princeton Plasma Phys...
Entropy, Software Quality, and Innovation (presented at Princeton Plasma Phys...Entropy, Software Quality, and Innovation (presented at Princeton Plasma Phys...
Entropy, Software Quality, and Innovation (presented at Princeton Plasma Phys...
 
how-to-download-files-safely-from-the-internet.pdf
how-to-download-files-safely-from-the-internet.pdfhow-to-download-files-safely-from-the-internet.pdf
how-to-download-files-safely-from-the-internet.pdf
 
What is a Recruitment Management Software?
What is a Recruitment Management Software?What is a Recruitment Management Software?
What is a Recruitment Management Software?
 
Abortion Clinic In Springs ](+27832195400*)[ 🏥 Safe Abortion Pills in Springs...
Abortion Clinic In Springs ](+27832195400*)[ 🏥 Safe Abortion Pills in Springs...Abortion Clinic In Springs ](+27832195400*)[ 🏥 Safe Abortion Pills in Springs...
Abortion Clinic In Springs ](+27832195400*)[ 🏥 Safe Abortion Pills in Springs...
 
The Strategic Impact of Buying vs Building in Test Automation
The Strategic Impact of Buying vs Building in Test AutomationThe Strategic Impact of Buying vs Building in Test Automation
The Strategic Impact of Buying vs Building in Test Automation
 

Best Practices in Api Design

  • 1. Best Practices in API Design API Design Guidance Muhammad Aamir | Staff Software Engineer
  • 2. A well-designed web API should aim to support? ● Platform Independence Any client should be able to call the API, regardless of how the API is implemented internally. This requires using standard protocols, and having a mechanism whereby the client and the web service can agree on the format of the data to exchange. ● Service Evolution The web API should be able to evolve and add functionality independently from client applications. As the API evolves, existing client applications should continue to function without modification. All functionality should be discoverable so that client applications can fully use it.
  • 3. Design Principles of RESTful APIs using HTTP ● REST APIs are designed around resources, which are any kind of object, data, or service that can be accessed by the client. ● A resource has an identifier, which is a URI that uniquely identifies that resource. For example, the URI for a particular customer order might be: https://adventure-works.com/orders/1 ● Clients interact with a service by exchanging representations of resources. Many web APIs use JSON as the exchange format. For example, a GET request to the URI listed above might return this response body: {"orderId":1,"orderValue":99.90,"productId":1,"quantity":1} ● REST APIs use a uniform interface, which helps to decouple the client and service implementations. For REST APIs built on HTTP, the uniform interface includes using standard HTTP verbs to perform operations on resources. The most common operations are GET, POST, PUT, PATCH, and DELETE.
  • 4. Design Principles of RESTful APIs using HTTP ● REST APIs use a stateless request model. HTTP requests should be independent and may occur in any order, so keeping transient state information between requests is not feasible. The only place where information is stored is in the resources themselves, and each request should be an atomic operation. This constraint enables web services to be highly scalable, because there is no need to retain any affinity between clients and specific servers. Any server can handle any request from any client. That said, other factors can limit scalability. For example, many web services write to a backend data store, which may be hard to scale out. For more information about strategies to scale out a data store, see Horizontal, vertical, and functional data partitioning. ● REST APIs are driven by hypermedia links that are contained in the representation. For example, the following shows a JSON representation of an order. It contains links to get or update the customer associated with the order.
  • 5. Maturity Model for APIs (Leonard Richardson 2008) Level 0: Define one URI, and all operations are POST requests to this URI. Level 1: Create separate URIs for individual resources. Level 2: Use HTTP methods to define operations on resources. Level 3: Use hypermedia (HATEOAS, described below). Level 3 corresponds to a truly RESTful API according to Fielding's definition. In practice, many published web APIs fall somewhere around level 2.
  • 6. Organize the API around resources Focus on the business entities that the web API exposes. For example, in an e-commerce system, the primary entities might be customers ,orders and invoices etc. Examples: https://adventure-works.com/orders // Good https://adventure-works.com/create-order // Avoid
  • 7. Define operations in terms of HTTP methods The HTTP protocol defines a number of methods that assign semantic meaning to a request. The common HTTP methods used by most RESTful web APIs are: ● GET retrieves a representation of the resource at the specified URI. The body of the response message contains the details of the requested resource. ● POST creates a new resource at the specified URI. The body of the request message provides the details of the new resource. Note that POST can also be used to trigger operations that don't actually create resources. ● PUT either creates or replaces the resource at the specified URI. The body of the request message specifies the resource to be created or updated. ● PATCH performs a partial update of a resource. The request body specifies the set of changes to apply to the resource. ● DELETE removes the resource at the specified URI.
  • 8. Media Types As mentioned earlier, clients and servers exchange representations of resources. For example, in a POST request, the request body contains a representation of the resource to create. In a GET request, the response body contains a representation of the fetched resource. In the HTTP protocol, formats are specified through the use of media types, also called MIME types. For non-binary data, most web APIs support JSON (media type = application/json) and possibly XML (media type = application/xml).
  • 9. Asynchronous operations Sometimes a POST, PUT, PATCH, or DELETE operation might require processing that takes a while to complete. If you wait for completion before sending a response to the client, it may cause unacceptable latency. If so, consider making the operation asynchronous. Return HTTP status code 202 (Accepted) to indicate the request was accepted for processing but is not completed. You should expose an endpoint that returns the status of an asynchronous request, so the client can monitor the status by polling the status endpoint. Include the URI of the status endpoint in the Location header of the 202 response. For example: HTTP/1.1 202 Accepted Location: /api/status/12345
  • 10. Use HATEOAS to enable navigation to related resources { "orderID":3, "productID":2, "quantity":4, "orderValue":16.60, "links":[ { "rel":"customer", "href":"https://adventure-works.com/customers/3", "action":"GET", "types":["text/xml","application/json"] }, { "rel":"customer", "href":"https://adventure-works.com/customers/3", "action":"DELETE", "types":[] }, { "rel":"self", "href":"https://adventure-works.com/orders/3", "action":"DELETE", "types":[] }] }
  • 11. Versioning of RESTful Web API ● No versioning When no change in existing fields and appending new data that does not affect client applications. (Depends on client apps) ● URI versioning such as https://adventure-works.com/v2/customers/3 ● Query string versioning such as https://adventure-works.com/customers/3?version=2 ● Header versioning GET https://adventure-works.com/customers/3 HTTP/1.1 Custom-Header: api-version=1 ● Media type versioning GET https://adventure-works.com/customers/3 HTTP/1.1 Accept: application/vnd.adventure-works.v1+json