SlideShare a Scribd company logo

HATEOAS 101: An Introduction to Hypermedia as the Engine of Application State

Download as PPTX, PDF
Apigee | Google Cloud
Apigee | Google Cloud

The document provides an introduction to HATEOAS (Hypermedia as the Engine of Application State), which is one of the constraints of REST. It defines HATEOAS as using hypermedia links in responses to drive application state, rather than through out-of-band information. Popular web APIs often violate HATEOAS by not including these links, unlike web user interfaces which adhere to it. While including links in API responses may be helpful for developers, it does not truly implement HATEOAS unless the links drive the client application state at runtime, rather than the developer deciding application flow. A true HATEOAS client would handle generic RESTful APIs similar to how a feed reader handles synd

Technology
1 of 140
HATEOAS 101 An Opinionated Introduction Brian Mulloy Apigee @landlessness @apigee
groups.google.com/group/api-craft
youtube.com/apigee
New! IRC Channel #api-craft on freenode
WARNING: The author may betray a bias against the application of REST constraints to web APIs.
What is HATEOAS?
Hypermedia As The Engine Of Application State
Let’s put HATEOAS in the full context of REST.
The Constraints of REST 1. Client-server 2. Stateless server 3. Cache 4. Uniform interface a. Identification of resources b. Manipulation of resources through representations c. Self-descriptive messages d. Hypermedia as the engine of application state 5. Layered System 6. Code-On-Demand (optional)
Let’s break it down.
The first three constraints…
1. Client-server 2. Stateless server 3. Cache
…give us the client-cache-stateless-server web architecture.
client cache Each request must contain all information. No stored context on the stateless server. server Client has the right to reuse client response data. cache
(we’ll come back to the 4th constraint)
The 5th constraint, Layered System, lets us add features like a gateway, load balancer and firewall.
Each layer Layers can encapsulate provides services legacy services & protect new services from legacy stateless to it’s neighbors. clients. server load stateless client firewall gateway balancer server Each layer cannot stateless "see" beyond it’s server immediate neighbor.
The optional 6th constraint, Code-on-Demand, allows the client to request code from the server & execute it.
Add features to a deployed client, which provides for improved extensibility and configurability client stateless server code Better user-perceived performance and efficiency
Now lets tackle the 4 parts of the 4th constraint, Uniform Interface
With help from the Twitter UI.
a. Resource Identifier identifies the particular resource involved in an interaction between components.
http://twitter.com/#!/jack/status/20
b. Resource Representation represents the state of a resource for transfer between components.
<!DOCTYPE html> <html data-nav-highlight-class-name="highlight-global-nav-home"> <head> <title>Twitter</title> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta charset="utf-8" /> <meta name="description" content="Instantly connect to what&#39;s most important to you. Follow your friends, experts, favorite celebrities, and breaking news." /> <link rel="dns-prefetch" href="http://a0.twimg.com"/> <link rel="dns-prefetch" href="http://api.twitter.com"/> <script type="text/javascript" charset="utf-8"> document.domain = 'twitter.com'; // this will be copied to twttr.appStartTime once our JS has started up document.startTime = new Date().getTime(); var twttr = {}; twttr.versionName = 'phoenix'; twttr.isT1 = true; twttr.didPingKeynote = false; twttr.keynoteTTFTPing = function() { if (!twttr.didPingKeynote && window.location.href.indexOf('keynoteTest') > 0) { var image = document.createElement('img'); image.src = '/images/keynote.gif'; twttr.didPingKeynote = true; } } window.console||function(){var a=["log","debug","info","warn","error","assert","dir","dirxml","group","groupEnd","time","t imeEnd","count","trace","profile","profileEnd"];window.console={};for(var b=0;b<a.length;++b)window.console[a[b]]=function(){}}(); </script> …
c. Self-descriptive messages contains all the information necessary to complete transformations.
GET /#!/jack/status/20 HTTP/1.1 User-Agent: Chrome/18.0.1025.11 Host: twitter.com Accept: text/html
d. Hypermedia as the engine of application state
state state transition transition state transition transition state state
“ The name „Representational State Transfer‟ is intended to evoke an image of how a well-designed Web application behaves: a network of web pages (a virtual state-machine), where the user progresses through the application by selecting links (state transitions), resulting in the next page (representing the next state of the application) being transferred to the user and rendered for their use. -Roy Fielding Architectural Styles and the Design of Network-based Software Architectures Chapter 6
States are web pages.
Transitions are hyperlinks.
The key to implementing HATEOAS is pretty simple
In each response message include the links for the next request message.
REST Interface App Browser App UI Server User App Developer
home connect discover search my profile direct messages google: lists jack‟s first favorite about tweet help retweet reply to keyboard @jack shortcuts turn off retweets settings report @jack for spam sign out add or remove block @jack tweet to @jack Follow @jack @jack new tweet from lists
1 transition in, 32 transitions out
A quick aside
The three greatest inventions of all time are:
Bicycles
Beer
The Hyperlink
With a browser I can start at http://twitter.com
And navigate my way through every state of the entire Twitter application.
It’s amazing!
HATEOAS is not scary.
HATEOAS is the key constraint that makes surfing the web with a browser possible.
Let’s look at HATEOAS and APIs
With help from the Twitter API.
GET /1/statuses/show/20.json HTTP/1.1 Host: api.twitter.com
{ "created_at": "Tue Mar 21 20:50:14 +0000 2006", "id": 20, "id_str": "20", "text": "just setting up my twttr", "source": "web", "truncated": false, "in_reply_to_status_id": null, "in_reply_to_status_id_str": null, "in_reply_to_user_id": null, "in_reply_to_user_id_str": null, "in_reply_to_screen_name": null, "user": { "id": 12, "id_str": "12", "name": "Jack Dorsey", "screen_name": "jack", "location": "San Francisco", "description": "Executive Chairman of Twitter, CEO of Square, a founder of both.", "url": null, "protected": false, "followers_count": 1935426, "friends_count": 1148, "listed_count": 17312, "created_at": "Tue Mar 21 20:50:14 +0000 2006", "favourites_count": 988, "utc_offset": -28800, "time_zone": "Pacific Time (US & Canada)", "geo_enabled": true, "verified": true, "statuses_count": 10894, "lang": "en", "contributors_enabled": true, "is_translator": false, "profile_background_color": "EBEBEB", "profile_background_image_url": "http://a0.twimg.com/images/themes/theme7/bg.gif", "profile_background_image_url_https": "https://si0.twimg.com/images/themes/theme7/bg.gif", "profile_background_tile": false, "profile_image_url": "http://a0.twimg.com/profile_images/1563216547/image_normal.jpg", "profile_image_url_https": "https://si0.twimg.com/profile_images/1563216547/image_normal.jpg", "profile_link_color": "990000", "profile_sidebar_border_color": "DFDFDF", "profile_sidebar_fill_color": "F3F3F3", "profile_text_color": "333333", "profile_use_background_image": true, "show_all_inline_media": true, "default_profile": false, "default_profile_image": false, "following": null, "follow_request_sent": null, "notifications": null }, "geo": null, "coordinates": null, "place": null, "contributors": null, "retweet_count": 5973, "favorited": false, "retweeted": false }
Uh oh. There are zero hyperlinks.
How many should there be to respect the HATEOAS constraint?
At least one.
{ "created_at": "Tue Mar 21 20:50:14 +0000 2006", "id": 20, "id_str": "20", "text": "just setting up my twttr", "source": "web", "truncated": false, "in_reply_to_status_id": null, "in_reply_to_status_id_str": null, "in_reply_to_user_id": null, "in_reply_to_user_id_str": null, "in_reply_to_screen_name": null, "user": { "id": 12, "link": ”http://api.twitter.com/1/users/show.json?user_id=12", "id_str": "12", "name": "Jack Dorsey", "screen_name": "jack", "location": "San Francisco", "description": "Executive Chairman of Twitter, CEO of Square, a founder of both.", "url": null, "protected": false, "followers_count": 1935426, "friends_count": 1148, "listed_count": 17312, "created_at": "Tue Mar 21 20:50:14 +0000 2006", "favourites_count": 988, "utc_offset": -28800, "time_zone": "Pacific Time (US & Canada)", "geo_enabled": true, "verified": true, "statuses_count": 10894, "lang": "en", "contributors_enabled": true, "is_translator": false, "profile_background_color": "EBEBEB", "profile_background_image_url": "http://a0.twimg.com/images/themes/theme7/bg.gif", "profile_background_image_url_https": "https://si0.twimg.com/images/themes/theme7/bg.gif", "profile_background_tile": false, "profile_image_url": "http://a0.twimg.com/profile_images/1563216547/image_normal.jpg", "profile_image_url_https": "https://si0.twimg.com/profile_images/1563216547/image_normal.jpg", "profile_link_color": "990000", "profile_sidebar_border_color": "DFDFDF", "profile_sidebar_fill_color": "F3F3F3", "profile_text_color": "333333", "profile_use_background_image": true, "show_all_inline_media": true, "default_profile": false, "default_profile_image": false, "following": null, "follow_request_sent": null, "notifications": null }, "geo": null, "coordinates": null, "place": null, "contributors": null, "retweet_count": 5973, "favorited": false, "retweeted": false }
A few questions.
Now are we HATEOAS compliant?
If we add another link does it change the consuming application’s state machine?
Is it ok for the developer to ignore included links?
Can the developer add out-of-band links to her app?
What happens when an app relies on multiple APIs? Where is the state machine?
If the Twitter API had complied with HATEOAS
When Loren Brichter
Created Tweetie
Would he have been able to decide which user actions to include in his design?
Or would those decisions have been driven by the links in the response from the Twitter API?
Nearly all popular web UIs adhere to HATEOAS.
Nearly all popular web APIs violate HATEOAS.
Why?
Let’s examine the two worlds.
I guarantee hypermedia is engine of app I decide where state I craft the user to click, aka experience, aka change state. state diagram. REST Interface App Browser App UI Server User App Developer
The person who crafts the experience (state diagram) and the app user have the REST interface between them.
And the hypermedia links are given directly to the app user at runtime.
So the hypermedia in each response message is genuinely the engine of application state.
This pattern is not limited to user interfaces.
We see the same pattern for syndication feeds.
I guarantee hypermedia is engine of app state I craft stories, I decide where categories & related to click, aka media, aka state change state. diagram. REST Interface App Feed Reader Feed Content User App Server Publisher
But the world of apps and web APIs seems different.
Interface App App 1 Developer 1 App API Server App User App 2 Developer 2 App App 3 Developer 3
Interface I craft the user experience, I get no aka state diagram. App HATEOAS App 1 I decide where Developer 1 respect. to click, aka change state. App API Server App User App 2 Developer 2 App App 3 Developer 3
The person who crafts the experience (state machine) and the app user do not have the REST interface between them.
And the hypermedia links are not given directly to the app user at runtime.
Instead, the hypermedia are given to the developer at design time.
And the developer decides which states are possible for the app user at runtime.
We need a Yoda moment.
“ You must unlearn what you have learned. -Yoda
I used to call the world of popular, non-HATEOAS, non- SOAP web APIs, Pragmatic REST.
Oops.
How do we answer the questions many API teams are asking
1. Should we go down the HATEOAS path?
As a practical matter, for many teams that previous question is the same as the next question.
2. Should we include links in our responses?
But they have different answers.
1. For an API to be HATEOAS-compliant it requires a client app that is also HATEOAS-compliant.
A user-interface app driven by web APIs would be akin to a feed reader for syndicated content.
But designed to handle generic web APIs.
I guarantee hypermedia is engine of app I decide where state I craft a system of to click, aka interrelated resources, change state. aka state diagram. REST Interface App RESTful API API API Server User Client App Developer ?
Special thanks to @elasticpath for this metaphor.
There are interesting non-UI applications as well.
“ However, the style does not assume that all applications are browsers. In fact, the application details are hidden from the server by the generic connector interface, and thus a user agent could equally be an automated robot performing information retrieval for an indexing service, a personal agent looking for data that matches certain criteria, or a maintenance spider busy patrolling the information for broken references or modified content [39]. -Roy Fielding Architectural Styles and the Design of Network-based Software Architectures Chapter 5
If you’re not going down the HATEOAS client path, should you include links anyway?
2. If you think including links in the API response will be helpful for developers at design time, then go for it.
But I wouldn’t call it HATEOAS because those links are probably not the engine of application state for the app user at run time.
“ If the engine of application state (and hence the API) is not being driven by hypertext, then it cannot be RESTful and cannot be a REST API. Period. Is there some broken manual somewhere that needs to be fixed? -Roy Fielding “REST APIs must be hypertext-driven” Untangled: Musings of Roy T. Fielding
Here’s a call to action
We know what REST with the HATEOAS constraint is and isn’t.
We know what SOAP is and isn’t.
But we don’t have an intellectual framework for the way so many popular apps and web APIs work today.
We need a really smart person
Who cares about web APIs
To examine the constraints of REST
The Constraints of REST 1. Client-server 2. Stateless server 3. Cache 4. Uniform interface a. Identification of resources b. Manipulation of resources through representations c. Self-descriptive messages d. Hypermedia as the engine of application state 5. Layered System 6. Code-On-Demand (optional)
While keeping in mind how custom apps are built by people using web APIs
Interface App App 1 Developer 1 App API Server App User App 2 Developer 2 App App 3 Developer 3
To give us a new foundation
The Constraints of ____ 1. ??? 2. ??? 3. ??? 4. ??? 5. ??? 6. ???
So that we will have a better shared idea of what we’re really doing
We will be able to communicate more effectively
And we will be able to create more value for the planet and the people on it.
But please choose a nice, pronounceable acronym.
Further Exploring • http://steveklabnik.com/ • http://pinboard.in/u:earth2marsh/t:hateoas/ • http://www.ics.uci.edu/~fielding/pubs/dissert ation/top.htm • http://martinfowler.com/articles/richardsonM aturityModel.html • http://timelessrepo.com/haters-gonna- hateoas
Questions?
THANK YOU Subscribe to API webinars at: youtube.com/apigee
THANK YOU IRC #api-craft on freenode
THANK YOU Questions and ideas to: groups.google.com/group/api-craft
THANK YOU Contact me at: @landlessness brian@apigee.com

Recommended

Sockets
SocketsSockets
SocketsHeithem Abbes
 
Cours 3 les objets distants rmi corba
Cours 3 les objets distants rmi corbaCours 3 les objets distants rmi corba
Cours 3 les objets distants rmi corbaMariem ZAOUALI
 
Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)
Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)
Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)Svetlin Nakov
 
Chapitre-4-Programmation-réseau-avec-les-sockets.pdf
Chapitre-4-Programmation-réseau-avec-les-sockets.pdfChapitre-4-Programmation-réseau-avec-les-sockets.pdf
Chapitre-4-Programmation-réseau-avec-les-sockets.pdfYoussefJamma
 
Les socket ing1_issat
Les socket ing1_issatLes socket ing1_issat
Les socket ing1_issatsloumaallagui
 
Support programmation orientée aspect mohamed youssfi (aop)
Support programmation orientée aspect mohamed youssfi (aop)Support programmation orientée aspect mohamed youssfi (aop)
Support programmation orientée aspect mohamed youssfi (aop)ENSET, Université Hassan II Casablanca
 
Failles de sécurité Web et Symfony
Failles de sécurité Web et SymfonyFailles de sécurité Web et Symfony
Failles de sécurité Web et SymfonyChamalaine Soufi
 
An Introduction of Node Package Manager (NPM)
An Introduction of Node Package Manager (NPM)An Introduction of Node Package Manager (NPM)
An Introduction of Node Package Manager (NPM)iFour Technolab Pvt. Ltd.
 

Recommended

Sockets
SocketsSockets
SocketsHeithem Abbes
 
Cours 3 les objets distants rmi corba
Cours 3 les objets distants rmi corbaCours 3 les objets distants rmi corba
Cours 3 les objets distants rmi corbaMariem ZAOUALI
 
Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)
Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)
Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)Svetlin Nakov
 
Chapitre-4-Programmation-réseau-avec-les-sockets.pdf
Chapitre-4-Programmation-réseau-avec-les-sockets.pdfChapitre-4-Programmation-réseau-avec-les-sockets.pdf
Chapitre-4-Programmation-réseau-avec-les-sockets.pdfYoussefJamma
 
Les socket ing1_issat
Les socket ing1_issatLes socket ing1_issat
Les socket ing1_issatsloumaallagui
 
Support programmation orientée aspect mohamed youssfi (aop)
Support programmation orientée aspect mohamed youssfi (aop)Support programmation orientée aspect mohamed youssfi (aop)
Support programmation orientée aspect mohamed youssfi (aop)ENSET, Université Hassan II Casablanca
 
Failles de sécurité Web et Symfony
Failles de sécurité Web et SymfonyFailles de sécurité Web et Symfony
Failles de sécurité Web et SymfonyChamalaine Soufi
 
An Introduction of Node Package Manager (NPM)
An Introduction of Node Package Manager (NPM)An Introduction of Node Package Manager (NPM)
An Introduction of Node Package Manager (NPM)iFour Technolab Pvt. Ltd.
 
Browser Serving Your We Application Security - ZendCon 2017
Browser Serving Your We Application Security - ZendCon 2017Browser Serving Your We Application Security - ZendCon 2017
Browser Serving Your We Application Security - ZendCon 2017Philippe Gamache
 
DPDK & Cloud Native
DPDK & Cloud NativeDPDK & Cloud Native
DPDK & Cloud NativeMichelle Holley
 
Chp3 - Architecture Logicielle des Applications Mobiles
Chp3 - Architecture Logicielle des Applications MobilesChp3 - Architecture Logicielle des Applications Mobiles
Chp3 - Architecture Logicielle des Applications MobilesLilia Sfaxi
 
Testando API REST - Parte 1
Testando API REST - Parte 1Testando API REST - Parte 1
Testando API REST - Parte 1alinebiath
 
Lab3-DB_Neo4j
Lab3-DB_Neo4jLab3-DB_Neo4j
Lab3-DB_Neo4jLilia Sfaxi
 
Traitement distribue en BIg Data - KAFKA Broker and Kafka Streams
Traitement distribue en BIg Data - KAFKA Broker and Kafka StreamsTraitement distribue en BIg Data - KAFKA Broker and Kafka Streams
Traitement distribue en BIg Data - KAFKA Broker and Kafka StreamsENSET, Université Hassan II Casablanca
 
Chp5 - Applications Android
Chp5 - Applications AndroidChp5 - Applications Android
Chp5 - Applications AndroidLilia Sfaxi
 
cours j2ee -présentation
cours j2ee -présentationcours j2ee -présentation
cours j2ee -présentationYassine Badri
 
Cours 4 intergiciels orientes messages jms
Cours 4 intergiciels orientes messages jmsCours 4 intergiciels orientes messages jms
Cours 4 intergiciels orientes messages jmsMariem ZAOUALI
 
Apache Cordova
Apache CordovaApache Cordova
Apache CordovaIvano Malavolta
 
How to Build an Effective API Security Strategy
How to Build an Effective API Security StrategyHow to Build an Effective API Security Strategy
How to Build an Effective API Security StrategyNordic APIs
 
WEB SERVICE SOAP, JAVA, XML, JAXWS
WEB SERVICE SOAP, JAVA, XML, JAXWSWEB SERVICE SOAP, JAVA, XML, JAXWS
WEB SERVICE SOAP, JAVA, XML, JAXWSLhouceine OUHAMZA
 
An Introduction to Apache Hadoop Yarn
An Introduction to Apache Hadoop YarnAn Introduction to Apache Hadoop Yarn
An Introduction to Apache Hadoop YarnMike Frampton
 
REST API and CRUD
REST API and CRUDREST API and CRUD
REST API and CRUDPrem Sanil
 
Native Apps vs. Web Apps – What Is the Better Choice?
Native Apps vs. Web Apps – What Is the Better Choice?Native Apps vs. Web Apps – What Is the Better Choice?
Native Apps vs. Web Apps – What Is the Better Choice?ChromeInfo Technologies
 
Evolution of Cloud Computing
Evolution of Cloud ComputingEvolution of Cloud Computing
Evolution of Cloud ComputingNephoScale
 
Appels de procédures distants (RPC)
Appels de procédures distants (RPC)Appels de procédures distants (RPC)
Appels de procédures distants (RPC)Heithem Abbes
 
Architecture des Systèmes Logiciels
Architecture des Systèmes LogicielsArchitecture des Systèmes Logiciels
Architecture des Systèmes LogicielsGhazouani Mahdi
 
The State of libfabric in Open MPI
The State of libfabric in Open MPIThe State of libfabric in Open MPI
The State of libfabric in Open MPIJeff Squyres
 
Control Your Network ASICs, What Benefits switchdev Can Bring Us
Control Your Network ASICs, What Benefits switchdev Can Bring UsControl Your Network ASICs, What Benefits switchdev Can Bring Us
Control Your Network ASICs, What Benefits switchdev Can Bring UsHungWei Chiu
 
Why APIs? Second Edition - Webcast Slides
Why APIs? Second Edition - Webcast SlidesWhy APIs? Second Edition - Webcast Slides
Why APIs? Second Edition - Webcast SlidesApigee | Google Cloud
 
Rest and the hypermedia constraint
Rest and the hypermedia constraintRest and the hypermedia constraint
Rest and the hypermedia constraintInviqa
 

More Related Content

What's hot

Browser Serving Your We Application Security - ZendCon 2017
Browser Serving Your We Application Security - ZendCon 2017Browser Serving Your We Application Security - ZendCon 2017
Browser Serving Your We Application Security - ZendCon 2017Philippe Gamache
 
Chp3 - Architecture Logicielle des Applications Mobiles
Chp3 - Architecture Logicielle des Applications MobilesChp3 - Architecture Logicielle des Applications Mobiles
Chp3 - Architecture Logicielle des Applications MobilesLilia Sfaxi
 
Testando API REST - Parte 1
Testando API REST - Parte 1Testando API REST - Parte 1
Testando API REST - Parte 1alinebiath
 
Chp5 - Applications Android
Chp5 - Applications AndroidChp5 - Applications Android
Chp5 - Applications AndroidLilia Sfaxi
 
cours j2ee -présentation
cours j2ee -présentationcours j2ee -présentation
cours j2ee -présentationYassine Badri
 
Cours 4 intergiciels orientes messages jms
Cours 4 intergiciels orientes messages jmsCours 4 intergiciels orientes messages jms
Cours 4 intergiciels orientes messages jmsMariem ZAOUALI
 
How to Build an Effective API Security Strategy
How to Build an Effective API Security StrategyHow to Build an Effective API Security Strategy
How to Build an Effective API Security StrategyNordic APIs
 
WEB SERVICE SOAP, JAVA, XML, JAXWS
WEB SERVICE SOAP, JAVA, XML, JAXWSWEB SERVICE SOAP, JAVA, XML, JAXWS
WEB SERVICE SOAP, JAVA, XML, JAXWSLhouceine OUHAMZA
 
An Introduction to Apache Hadoop Yarn
An Introduction to Apache Hadoop YarnAn Introduction to Apache Hadoop Yarn
An Introduction to Apache Hadoop YarnMike Frampton
 
REST API and CRUD
REST API and CRUDREST API and CRUD
REST API and CRUDPrem Sanil
 
Native Apps vs. Web Apps – What Is the Better Choice?
Native Apps vs. Web Apps – What Is the Better Choice?Native Apps vs. Web Apps – What Is the Better Choice?
Native Apps vs. Web Apps – What Is the Better Choice?ChromeInfo Technologies
 
Evolution of Cloud Computing
Evolution of Cloud ComputingEvolution of Cloud Computing
Evolution of Cloud ComputingNephoScale
 
Appels de procédures distants (RPC)
Appels de procédures distants (RPC)Appels de procédures distants (RPC)
Appels de procédures distants (RPC)Heithem Abbes
 
Architecture des Systèmes Logiciels
Architecture des Systèmes LogicielsArchitecture des Systèmes Logiciels
Architecture des Systèmes LogicielsGhazouani Mahdi
 
The State of libfabric in Open MPI
The State of libfabric in Open MPIThe State of libfabric in Open MPI
The State of libfabric in Open MPIJeff Squyres
 
Control Your Network ASICs, What Benefits switchdev Can Bring Us
Control Your Network ASICs, What Benefits switchdev Can Bring UsControl Your Network ASICs, What Benefits switchdev Can Bring Us
Control Your Network ASICs, What Benefits switchdev Can Bring UsHungWei Chiu
 

What's hot (20)

Browser Serving Your We Application Security - ZendCon 2017
Browser Serving Your We Application Security - ZendCon 2017Browser Serving Your We Application Security - ZendCon 2017
Browser Serving Your We Application Security - ZendCon 2017
 
DPDK & Cloud Native
DPDK & Cloud NativeDPDK & Cloud Native
DPDK & Cloud Native
 
Chp3 - Architecture Logicielle des Applications Mobiles
Chp3 - Architecture Logicielle des Applications MobilesChp3 - Architecture Logicielle des Applications Mobiles
Chp3 - Architecture Logicielle des Applications Mobiles
 
Testando API REST - Parte 1
Testando API REST - Parte 1Testando API REST - Parte 1
Testando API REST - Parte 1
 
Lab3-DB_Neo4j
Lab3-DB_Neo4jLab3-DB_Neo4j
Lab3-DB_Neo4j
 
Traitement distribue en BIg Data - KAFKA Broker and Kafka Streams
Traitement distribue en BIg Data - KAFKA Broker and Kafka StreamsTraitement distribue en BIg Data - KAFKA Broker and Kafka Streams
Traitement distribue en BIg Data - KAFKA Broker and Kafka Streams
 
Chp5 - Applications Android
Chp5 - Applications AndroidChp5 - Applications Android
Chp5 - Applications Android
 
cours j2ee -présentation
cours j2ee -présentationcours j2ee -présentation
cours j2ee -présentation
 
Cours 4 intergiciels orientes messages jms
Cours 4 intergiciels orientes messages jmsCours 4 intergiciels orientes messages jms
Cours 4 intergiciels orientes messages jms
 
Apache Cordova
Apache CordovaApache Cordova
Apache Cordova
 
How to Build an Effective API Security Strategy
How to Build an Effective API Security StrategyHow to Build an Effective API Security Strategy
How to Build an Effective API Security Strategy
 
WEB SERVICE SOAP, JAVA, XML, JAXWS
WEB SERVICE SOAP, JAVA, XML, JAXWSWEB SERVICE SOAP, JAVA, XML, JAXWS
WEB SERVICE SOAP, JAVA, XML, JAXWS
 
An Introduction to Apache Hadoop Yarn
An Introduction to Apache Hadoop YarnAn Introduction to Apache Hadoop Yarn
An Introduction to Apache Hadoop Yarn
 
REST API and CRUD
REST API and CRUDREST API and CRUD
REST API and CRUD
 
Native Apps vs. Web Apps – What Is the Better Choice?
Native Apps vs. Web Apps – What Is the Better Choice?Native Apps vs. Web Apps – What Is the Better Choice?
Native Apps vs. Web Apps – What Is the Better Choice?
 
Evolution of Cloud Computing
Evolution of Cloud ComputingEvolution of Cloud Computing
Evolution of Cloud Computing
 
Appels de procédures distants (RPC)
Appels de procédures distants (RPC)Appels de procédures distants (RPC)
Appels de procédures distants (RPC)
 
Architecture des Systèmes Logiciels
Architecture des Systèmes LogicielsArchitecture des Systèmes Logiciels
Architecture des Systèmes Logiciels
 
The State of libfabric in Open MPI
The State of libfabric in Open MPIThe State of libfabric in Open MPI
The State of libfabric in Open MPI
 
Control Your Network ASICs, What Benefits switchdev Can Bring Us
Control Your Network ASICs, What Benefits switchdev Can Bring UsControl Your Network ASICs, What Benefits switchdev Can Bring Us
Control Your Network ASICs, What Benefits switchdev Can Bring Us
 

Viewers also liked

Why APIs? Second Edition - Webcast Slides
Why APIs? Second Edition - Webcast SlidesWhy APIs? Second Edition - Webcast Slides
Why APIs? Second Edition - Webcast SlidesApigee | Google Cloud
 
Rest and the hypermedia constraint
Rest and the hypermedia constraintRest and the hypermedia constraint
Rest and the hypermedia constraintInviqa
 
The Internet as Web Services: introduction to ReST
The Internet as Web Services: introduction to ReSTThe Internet as Web Services: introduction to ReST
The Internet as Web Services: introduction to ReSTBruno Kessler Foundation
 
RESTful services
RESTful servicesRESTful services
RESTful servicesgouthamrv
 
Learn REST in 18 Slides
Learn REST in 18 SlidesLearn REST in 18 Slides
Learn REST in 18 SlidesSuraj Gupta
 
REST-API introduction for developers
REST-API introduction for developersREST-API introduction for developers
REST-API introduction for developersPatrick Savalle
 

Viewers also liked (9)

Why APIs? Second Edition - Webcast Slides
Why APIs? Second Edition - Webcast SlidesWhy APIs? Second Edition - Webcast Slides
Why APIs? Second Edition - Webcast Slides
 
Rest and the hypermedia constraint
Rest and the hypermedia constraintRest and the hypermedia constraint
Rest and the hypermedia constraint
 
The Internet as Web Services: introduction to ReST
The Internet as Web Services: introduction to ReSTThe Internet as Web Services: introduction to ReST
The Internet as Web Services: introduction to ReST
 
REST & RESTful Web Services
REST & RESTful Web ServicesREST & RESTful Web Services
REST & RESTful Web Services
 
RESTful services
RESTful servicesRESTful services
RESTful services
 
Introduction To REST
Introduction To RESTIntroduction To REST
Introduction To REST
 
Learn REST in 18 Slides
Learn REST in 18 SlidesLearn REST in 18 Slides
Learn REST in 18 Slides
 
REST-API introduction for developers
REST-API introduction for developersREST-API introduction for developers
REST-API introduction for developers
 
REST Presentation
REST PresentationREST Presentation
REST Presentation
 

Similar to HATEOAS 101: An Introduction to Hypermedia as the Engine of Application State

Authentication and authorization in res tful infrastructures
Authentication and authorization in res tful infrastructuresAuthentication and authorization in res tful infrastructures
Authentication and authorization in res tful infrastructuresCorley S.r.l.
 
Web Apps and more
Web Apps and moreWeb Apps and more
Web Apps and moreYan Shi
 
Web app and more
Web app and moreWeb app and more
Web app and morefaming su
 
Putting Microservices on a Diet: with Istio!
Putting Microservices on a Diet: with Istio!Putting Microservices on a Diet: with Istio!
Putting Microservices on a Diet: with Istio!QAware GmbH
 
IE 8 et les standards du Web - Chris Wilson - Paris Web 2008
IE 8 et les standards du Web - Chris Wilson - Paris Web 2008IE 8 et les standards du Web - Chris Wilson - Paris Web 2008
IE 8 et les standards du Web - Chris Wilson - Paris Web 2008Association Paris-Web
 
W3 conf hill-html5-security-realities
W3 conf hill-html5-security-realitiesW3 conf hill-html5-security-realities
W3 conf hill-html5-security-realitiesBrad Hill
 
Connect + Docker + AWS = Bitbucket Pipelines
Connect + Docker + AWS = Bitbucket PipelinesConnect + Docker + AWS = Bitbucket Pipelines
Connect + Docker + AWS = Bitbucket PipelinesAtlassian
 
WebSockets: The Current State of the Most Valuable HTML5 API for Java Developers
WebSockets: The Current State of the Most Valuable HTML5 API for Java DevelopersWebSockets: The Current State of the Most Valuable HTML5 API for Java Developers
WebSockets: The Current State of the Most Valuable HTML5 API for Java DevelopersViktor Gamov
 
Cross-site scripting (XSS) Attacks Cross-site scripting (XSS) .docx
Cross-site scripting (XSS) Attacks Cross-site scripting (XSS) .docxCross-site scripting (XSS) Attacks Cross-site scripting (XSS) .docx
Cross-site scripting (XSS) Attacks Cross-site scripting (XSS) .docxmydrynan
 
Hacking Client Side Insecurities
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecuritiesamiable_indian
 
Evolving your Data Access with MongoDB Stitch - Drew Di Palma
Evolving your Data Access with MongoDB Stitch - Drew Di PalmaEvolving your Data Access with MongoDB Stitch - Drew Di Palma
Evolving your Data Access with MongoDB Stitch - Drew Di PalmaMongoDB
 
Programming For Google Wave
Programming For Google WaveProgramming For Google Wave
Programming For Google WaveRodrigo Borges
 
How to get along with HATEOAS without letting the bad guys steal your lunch?
How to get along with HATEOAS without letting the bad guys steal your lunch?How to get along with HATEOAS without letting the bad guys steal your lunch?
How to get along with HATEOAS without letting the bad guys steal your lunch?Graham Charters
 
Top 10 Web Hacks 2012
Top 10 Web Hacks 2012Top 10 Web Hacks 2012
Top 10 Web Hacks 2012Matt Johansen
 
Watch How the Giants Fall
Watch How the Giants FallWatch How the Giants Fall
Watch How the Giants Falljtmelton
 
Server side programming bt0083
Server side programming bt0083Server side programming bt0083
Server side programming bt0083Divyam Pateriya
 
GWT Web Socket and data serialization
GWT Web Socket and data serializationGWT Web Socket and data serialization
GWT Web Socket and data serializationGWTcon
 
CONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan Kuskos
CONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan KuskosCONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan Kuskos
CONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan KuskosPROIDEA
 

Similar to HATEOAS 101: An Introduction to Hypermedia as the Engine of Application State (20)

Authentication and authorization in res tful infrastructures
Authentication and authorization in res tful infrastructuresAuthentication and authorization in res tful infrastructures
Authentication and authorization in res tful infrastructures
 
Web Apps and more
Web Apps and moreWeb Apps and more
Web Apps and more
 
Web app and more
Web app and moreWeb app and more
Web app and more
 
Putting Microservices on a Diet: with Istio!
Putting Microservices on a Diet: with Istio!Putting Microservices on a Diet: with Istio!
Putting Microservices on a Diet: with Istio!
 
IE 8 et les standards du Web - Chris Wilson - Paris Web 2008
IE 8 et les standards du Web - Chris Wilson - Paris Web 2008IE 8 et les standards du Web - Chris Wilson - Paris Web 2008
IE 8 et les standards du Web - Chris Wilson - Paris Web 2008
 
W3 conf hill-html5-security-realities
W3 conf hill-html5-security-realitiesW3 conf hill-html5-security-realities
W3 conf hill-html5-security-realities
 
Connect + Docker + AWS = Bitbucket Pipelines
Connect + Docker + AWS = Bitbucket PipelinesConnect + Docker + AWS = Bitbucket Pipelines
Connect + Docker + AWS = Bitbucket Pipelines
 
WebSockets: The Current State of the Most Valuable HTML5 API for Java Developers
WebSockets: The Current State of the Most Valuable HTML5 API for Java DevelopersWebSockets: The Current State of the Most Valuable HTML5 API for Java Developers
WebSockets: The Current State of the Most Valuable HTML5 API for Java Developers
 
Cross-site scripting (XSS) Attacks Cross-site scripting (XSS) .docx
Cross-site scripting (XSS) Attacks Cross-site scripting (XSS) .docxCross-site scripting (XSS) Attacks Cross-site scripting (XSS) .docx
Cross-site scripting (XSS) Attacks Cross-site scripting (XSS) .docx
 
Hacking Client Side Insecurities
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecurities
 
Evolving your Data Access with MongoDB Stitch - Drew Di Palma
Evolving your Data Access with MongoDB Stitch - Drew Di PalmaEvolving your Data Access with MongoDB Stitch - Drew Di Palma
Evolving your Data Access with MongoDB Stitch - Drew Di Palma
 
Api
ApiApi
Api
 
Programming For Google Wave
Programming For Google WaveProgramming For Google Wave
Programming For Google Wave
 
How to get along with HATEOAS without letting the bad guys steal your lunch?
How to get along with HATEOAS without letting the bad guys steal your lunch?How to get along with HATEOAS without letting the bad guys steal your lunch?
How to get along with HATEOAS without letting the bad guys steal your lunch?
 
Top 10 Web Hacks 2012
Top 10 Web Hacks 2012Top 10 Web Hacks 2012
Top 10 Web Hacks 2012
 
Google Web Toolkit
Google Web ToolkitGoogle Web Toolkit
Google Web Toolkit
 
Watch How the Giants Fall
Watch How the Giants FallWatch How the Giants Fall
Watch How the Giants Fall
 
Server side programming bt0083
Server side programming bt0083Server side programming bt0083
Server side programming bt0083
 
GWT Web Socket and data serialization
GWT Web Socket and data serializationGWT Web Socket and data serialization
GWT Web Socket and data serialization
 
CONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan Kuskos
CONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan KuskosCONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan Kuskos
CONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan Kuskos
 

More from Apigee | Google Cloud

Monetization: Unlock More Value from Your APIs
Monetization: Unlock More Value from Your APIs Monetization: Unlock More Value from Your APIs
Monetization: Unlock More Value from Your APIs Apigee | Google Cloud
 
AccuWeather: Recasting API Experiences in a Developer-First World
AccuWeather: Recasting API Experiences in a Developer-First WorldAccuWeather: Recasting API Experiences in a Developer-First World
AccuWeather: Recasting API Experiences in a Developer-First WorldApigee | Google Cloud
 
Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?Apigee | Google Cloud
 
The Four Transformative Forces of the API Management Market
The Four Transformative Forces of the API Management MarketThe Four Transformative Forces of the API Management Market
The Four Transformative Forces of the API Management MarketApigee | Google Cloud
 
Managing the Complexity of Microservices Deployments
Managing the Complexity of Microservices DeploymentsManaging the Complexity of Microservices Deployments
Managing the Complexity of Microservices DeploymentsApigee | Google Cloud
 
Microservices Done Right: Key Ingredients for Microservices Success
Microservices Done Right: Key Ingredients for Microservices SuccessMicroservices Done Right: Key Ingredients for Microservices Success
Microservices Done Right: Key Ingredients for Microservices SuccessApigee | Google Cloud
 
Adapt or Die: Opening Keynote with Chet Kapoor
Adapt or Die: Opening Keynote with Chet KapoorAdapt or Die: Opening Keynote with Chet Kapoor
Adapt or Die: Opening Keynote with Chet KapoorApigee | Google Cloud
 
Adapt or Die: Keynote with Greg Brail
Adapt or Die: Keynote with Greg BrailAdapt or Die: Keynote with Greg Brail
Adapt or Die: Keynote with Greg BrailApigee | Google Cloud
 
Adapt or Die: Keynote with Anant Jhingran
Adapt or Die: Keynote with Anant JhingranAdapt or Die: Keynote with Anant Jhingran
Adapt or Die: Keynote with Anant JhingranApigee | Google Cloud
 
London Adapt or Die: Closing Keynote — Adapt Now!
London Adapt or Die: Closing Keynote — Adapt Now!London Adapt or Die: Closing Keynote — Adapt Now!
London Adapt or Die: Closing Keynote — Adapt Now!Apigee | Google Cloud
 

More from Apigee | Google Cloud (20)

How Secure Are Your APIs?
How Secure Are Your APIs?How Secure Are Your APIs?
How Secure Are Your APIs?
 
Magazine Luiza at a glance (1)
Magazine Luiza at a glance (1)Magazine Luiza at a glance (1)
Magazine Luiza at a glance (1)
 
Monetization: Unlock More Value from Your APIs
Monetization: Unlock More Value from Your APIs Monetization: Unlock More Value from Your APIs
Monetization: Unlock More Value from Your APIs
 
Apigee Demo: API Platform Overview
Apigee Demo: API Platform OverviewApigee Demo: API Platform Overview
Apigee Demo: API Platform Overview
 
Ticketmaster at a glance
Ticketmaster at a glanceTicketmaster at a glance
Ticketmaster at a glance
 
AccuWeather: Recasting API Experiences in a Developer-First World
AccuWeather: Recasting API Experiences in a Developer-First WorldAccuWeather: Recasting API Experiences in a Developer-First World
AccuWeather: Recasting API Experiences in a Developer-First World
 
Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?
 
Apigee Product Roadmap Part 2
Apigee Product Roadmap Part 2Apigee Product Roadmap Part 2
Apigee Product Roadmap Part 2
 
The Four Transformative Forces of the API Management Market
The Four Transformative Forces of the API Management MarketThe Four Transformative Forces of the API Management Market
The Four Transformative Forces of the API Management Market
 
Walgreens at a glance
Walgreens at a glanceWalgreens at a glance
Walgreens at a glance
 
Apigee Edge: Intro to Microgateway
Apigee Edge: Intro to MicrogatewayApigee Edge: Intro to Microgateway
Apigee Edge: Intro to Microgateway
 
Managing the Complexity of Microservices Deployments
Managing the Complexity of Microservices DeploymentsManaging the Complexity of Microservices Deployments
Managing the Complexity of Microservices Deployments
 
Pitney Bowes at a glance
Pitney Bowes at a glancePitney Bowes at a glance
Pitney Bowes at a glance
 
Microservices Done Right: Key Ingredients for Microservices Success
Microservices Done Right: Key Ingredients for Microservices SuccessMicroservices Done Right: Key Ingredients for Microservices Success
Microservices Done Right: Key Ingredients for Microservices Success
 
Adapt or Die: Opening Keynote with Chet Kapoor
Adapt or Die: Opening Keynote with Chet KapoorAdapt or Die: Opening Keynote with Chet Kapoor
Adapt or Die: Opening Keynote with Chet Kapoor
 
Adapt or Die: Keynote with Greg Brail
Adapt or Die: Keynote with Greg BrailAdapt or Die: Keynote with Greg Brail
Adapt or Die: Keynote with Greg Brail
 
Adapt or Die: Keynote with Anant Jhingran
Adapt or Die: Keynote with Anant JhingranAdapt or Die: Keynote with Anant Jhingran
Adapt or Die: Keynote with Anant Jhingran
 
London Adapt or Die: Opening Keynot
London Adapt or Die: Opening KeynotLondon Adapt or Die: Opening Keynot
London Adapt or Die: Opening Keynot
 
London Adapt or Die: Lunch keynote
London Adapt or Die: Lunch keynoteLondon Adapt or Die: Lunch keynote
London Adapt or Die: Lunch keynote
 
London Adapt or Die: Closing Keynote — Adapt Now!
London Adapt or Die: Closing Keynote — Adapt Now!London Adapt or Die: Closing Keynote — Adapt Now!
London Adapt or Die: Closing Keynote — Adapt Now!
 

Recently uploaded

Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 

Recently uploaded (20)

Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 

HATEOAS 101: An Introduction to Hypermedia as the Engine of Application State

  • 1. HATEOAS 101 An Opinionated Introduction Brian Mulloy Apigee @landlessness @apigee
  • 4. New! IRC Channel #api-craft on freenode
  • 5. WARNING: The author may betray a bias against the application of REST constraints to web APIs.
  • 7.
  • 8. Hypermedia As The Engine Of Application State
  • 9. Let’s put HATEOAS in the full context of REST.
  • 10. The Constraints of REST 1. Client-server 2. Stateless server 3. Cache 4. Uniform interface a. Identification of resources b. Manipulation of resources through representations c. Self-descriptive messages d. Hypermedia as the engine of application state 5. Layered System 6. Code-On-Demand (optional)
  • 12. The first three constraints…
  • 13. 1. Client-server 2. Stateless server 3. Cache
  • 14. …give us the client-cache-stateless-server web architecture.
  • 15. client cache Each request must contain all information. No stored context on the stateless server. server Client has the right to reuse client response data. cache
  • 16. (we’ll come back to the 4th constraint)
  • 17. The 5th constraint, Layered System, lets us add features like a gateway, load balancer and firewall.
  • 18. Each layer Layers can encapsulate provides services legacy services & protect new services from legacy stateless to it’s neighbors. clients. server load stateless client firewall gateway balancer server Each layer cannot stateless "see" beyond it’s server immediate neighbor.
  • 19. The optional 6th constraint, Code-on-Demand, allows the client to request code from the server & execute it.
  • 20. Add features to a deployed client, which provides for improved extensibility and configurability client stateless server code Better user-perceived performance and efficiency
  • 21. Now lets tackle the 4 parts of the 4th constraint, Uniform Interface
  • 22. With help from the Twitter UI.
  • 23. a. Resource Identifier identifies the particular resource involved in an interaction between components.
  • 25. b. Resource Representation represents the state of a resource for transfer between components.
  • 26. <!DOCTYPE html> <html data-nav-highlight-class-name="highlight-global-nav-home"> <head> <title>Twitter</title> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta charset="utf-8" /> <meta name="description" content="Instantly connect to what&#39;s most important to you. Follow your friends, experts, favorite celebrities, and breaking news." /> <link rel="dns-prefetch" href="http://a0.twimg.com"/> <link rel="dns-prefetch" href="http://api.twitter.com"/> <script type="text/javascript" charset="utf-8"> document.domain = 'twitter.com'; // this will be copied to twttr.appStartTime once our JS has started up document.startTime = new Date().getTime(); var twttr = {}; twttr.versionName = 'phoenix'; twttr.isT1 = true; twttr.didPingKeynote = false; twttr.keynoteTTFTPing = function() { if (!twttr.didPingKeynote && window.location.href.indexOf('keynoteTest') > 0) { var image = document.createElement('img'); image.src = '/images/keynote.gif'; twttr.didPingKeynote = true; } } window.console||function(){var a=["log","debug","info","warn","error","assert","dir","dirxml","group","groupEnd","time","t imeEnd","count","trace","profile","profileEnd"];window.console={};for(var b=0;b<a.length;++b)window.console[a[b]]=function(){}}(); </script> …
  • 27. c. Self-descriptive messages contains all the information necessary to complete transformations.
  • 28. GET /#!/jack/status/20 HTTP/1.1 User-Agent: Chrome/18.0.1025.11 Host: twitter.com Accept: text/html
  • 29. d. Hypermedia as the engine of application state
  • 30.
  • 31. state state transition transition state transition transition state state
  • 32. The name „Representational State Transfer‟ is intended to evoke an image of how a well-designed Web application behaves: a network of web pages (a virtual state-machine), where the user progresses through the application by selecting links (state transitions), resulting in the next page (representing the next state of the application) being transferred to the user and rendered for their use. -Roy Fielding Architectural Styles and the Design of Network-based Software Architectures Chapter 6
  • 33. States are web pages.
  • 35. The key to implementing HATEOAS is pretty simple
  • 36. In each response message include the links for the next request message.
  • 37. REST Interface App Browser App UI Server User App Developer
  • 38.
  • 39. home connect discover search my profile direct messages google: lists jack‟s first favorite about tweet help retweet reply to keyboard @jack shortcuts turn off retweets settings report @jack for spam sign out add or remove block @jack tweet to @jack Follow @jack @jack new tweet from lists
  • 40. 1 transition in, 32 transitions out
  • 42. The three greatest inventions of all time are:
  • 44. Beer
  • 46. With a browser I can start at http://twitter.com
  • 47. And navigate my way through every state of the entire Twitter application.
  • 49. HATEOAS is not scary.
  • 50.
  • 51. HATEOAS is the key constraint that makes surfing the web with a browser possible.
  • 52. Let’s look at HATEOAS and APIs
  • 53. With help from the Twitter API.
  • 55. { "created_at": "Tue Mar 21 20:50:14 +0000 2006", "id": 20, "id_str": "20", "text": "just setting up my twttr", "source": "web", "truncated": false, "in_reply_to_status_id": null, "in_reply_to_status_id_str": null, "in_reply_to_user_id": null, "in_reply_to_user_id_str": null, "in_reply_to_screen_name": null, "user": { "id": 12, "id_str": "12", "name": "Jack Dorsey", "screen_name": "jack", "location": "San Francisco", "description": "Executive Chairman of Twitter, CEO of Square, a founder of both.", "url": null, "protected": false, "followers_count": 1935426, "friends_count": 1148, "listed_count": 17312, "created_at": "Tue Mar 21 20:50:14 +0000 2006", "favourites_count": 988, "utc_offset": -28800, "time_zone": "Pacific Time (US & Canada)", "geo_enabled": true, "verified": true, "statuses_count": 10894, "lang": "en", "contributors_enabled": true, "is_translator": false, "profile_background_color": "EBEBEB", "profile_background_image_url": "http://a0.twimg.com/images/themes/theme7/bg.gif", "profile_background_image_url_https": "https://si0.twimg.com/images/themes/theme7/bg.gif", "profile_background_tile": false, "profile_image_url": "http://a0.twimg.com/profile_images/1563216547/image_normal.jpg", "profile_image_url_https": "https://si0.twimg.com/profile_images/1563216547/image_normal.jpg", "profile_link_color": "990000", "profile_sidebar_border_color": "DFDFDF", "profile_sidebar_fill_color": "F3F3F3", "profile_text_color": "333333", "profile_use_background_image": true, "show_all_inline_media": true, "default_profile": false, "default_profile_image": false, "following": null, "follow_request_sent": null, "notifications": null }, "geo": null, "coordinates": null, "place": null, "contributors": null, "retweet_count": 5973, "favorited": false, "retweeted": false }
  • 56. Uh oh. There are zero hyperlinks.
  • 57. How many should there be to respect the HATEOAS constraint?
  • 59. { "created_at": "Tue Mar 21 20:50:14 +0000 2006", "id": 20, "id_str": "20", "text": "just setting up my twttr", "source": "web", "truncated": false, "in_reply_to_status_id": null, "in_reply_to_status_id_str": null, "in_reply_to_user_id": null, "in_reply_to_user_id_str": null, "in_reply_to_screen_name": null, "user": { "id": 12, "link": ”http://api.twitter.com/1/users/show.json?user_id=12", "id_str": "12", "name": "Jack Dorsey", "screen_name": "jack", "location": "San Francisco", "description": "Executive Chairman of Twitter, CEO of Square, a founder of both.", "url": null, "protected": false, "followers_count": 1935426, "friends_count": 1148, "listed_count": 17312, "created_at": "Tue Mar 21 20:50:14 +0000 2006", "favourites_count": 988, "utc_offset": -28800, "time_zone": "Pacific Time (US & Canada)", "geo_enabled": true, "verified": true, "statuses_count": 10894, "lang": "en", "contributors_enabled": true, "is_translator": false, "profile_background_color": "EBEBEB", "profile_background_image_url": "http://a0.twimg.com/images/themes/theme7/bg.gif", "profile_background_image_url_https": "https://si0.twimg.com/images/themes/theme7/bg.gif", "profile_background_tile": false, "profile_image_url": "http://a0.twimg.com/profile_images/1563216547/image_normal.jpg", "profile_image_url_https": "https://si0.twimg.com/profile_images/1563216547/image_normal.jpg", "profile_link_color": "990000", "profile_sidebar_border_color": "DFDFDF", "profile_sidebar_fill_color": "F3F3F3", "profile_text_color": "333333", "profile_use_background_image": true, "show_all_inline_media": true, "default_profile": false, "default_profile_image": false, "following": null, "follow_request_sent": null, "notifications": null }, "geo": null, "coordinates": null, "place": null, "contributors": null, "retweet_count": 5973, "favorited": false, "retweeted": false }
  • 61. Now are we HATEOAS compliant?
  • 62. If we add another link does it change the consuming application’s state machine?
  • 63. Is it ok for the developer to ignore included links?
  • 64. Can the developer add out-of-band links to her app?
  • 65. What happens when an app relies on multiple APIs? Where is the state machine?
  • 66. If the Twitter API had complied with HATEOAS
  • 68.
  • 70.
  • 71. Would he have been able to decide which user actions to include in his design?
  • 72.
  • 73. Or would those decisions have been driven by the links in the response from the Twitter API?
  • 74.
  • 75.
  • 76. Nearly all popular web UIs adhere to HATEOAS.
  • 77. Nearly all popular web APIs violate HATEOAS.
  • 78. Why?
  • 79. Let’s examine the two worlds.
  • 80. I guarantee hypermedia is engine of app I decide where state I craft the user to click, aka experience, aka change state. state diagram. REST Interface App Browser App UI Server User App Developer
  • 81. The person who crafts the experience (state diagram) and the app user have the REST interface between them.
  • 82. And the hypermedia links are given directly to the app user at runtime.
  • 83. So the hypermedia in each response message is genuinely the engine of application state.
  • 84. This pattern is not limited to user interfaces.
  • 85. We see the same pattern for syndication feeds.
  • 86. I guarantee hypermedia is engine of app state I craft stories, I decide where categories & related to click, aka media, aka state change state. diagram. REST Interface App Feed Reader Feed Content User App Server Publisher
  • 87. But the world of apps and web APIs seems different.
  • 88. Interface App App 1 Developer 1 App API Server App User App 2 Developer 2 App App 3 Developer 3
  • 89. Interface I craft the user experience, I get no aka state diagram. App HATEOAS App 1 I decide where Developer 1 respect. to click, aka change state. App API Server App User App 2 Developer 2 App App 3 Developer 3
  • 90. The person who crafts the experience (state machine) and the app user do not have the REST interface between them.
  • 91. And the hypermedia links are not given directly to the app user at runtime.
  • 92. Instead, the hypermedia are given to the developer at design time.
  • 93. And the developer decides which states are possible for the app user at runtime.
  • 94. We need a Yoda moment.
  • 95.
  • 96. “ You must unlearn what you have learned. -Yoda
  • 97. I used to call the world of popular, non-HATEOAS, non- SOAP web APIs, Pragmatic REST.
  • 98. Oops.
  • 99. How do we answer the questions many API teams are asking
  • 100. 1. Should we go down the HATEOAS path?
  • 101. As a practical matter, for many teams that previous question is the same as the next question.
  • 102. 2. Should we include links in our responses?
  • 103. But they have different answers.
  • 104. 1. For an API to be HATEOAS-compliant it requires a client app that is also HATEOAS-compliant.
  • 105. A user-interface app driven by web APIs would be akin to a feed reader for syndicated content.
  • 106. But designed to handle generic web APIs.
  • 107. I guarantee hypermedia is engine of app I decide where state I craft a system of to click, aka interrelated resources, change state. aka state diagram. REST Interface App RESTful API API API Server User Client App Developer ?
  • 108. Special thanks to @elasticpath for this metaphor.
  • 109. There are interesting non-UI applications as well.
  • 110. However, the style does not assume that all applications are browsers. In fact, the application details are hidden from the server by the generic connector interface, and thus a user agent could equally be an automated robot performing information retrieval for an indexing service, a personal agent looking for data that matches certain criteria, or a maintenance spider busy patrolling the information for broken references or modified content [39]. -Roy Fielding Architectural Styles and the Design of Network-based Software Architectures Chapter 5
  • 111. If you’re not going down the HATEOAS client path, should you include links anyway?
  • 112. 2. If you think including links in the API response will be helpful for developers at design time, then go for it.
  • 113.
  • 114. But I wouldn’t call it HATEOAS because those links are probably not the engine of application state for the app user at run time.
  • 115. If the engine of application state (and hence the API) is not being driven by hypertext, then it cannot be RESTful and cannot be a REST API. Period. Is there some broken manual somewhere that needs to be fixed? -Roy Fielding “REST APIs must be hypertext-driven” Untangled: Musings of Roy T. Fielding
  • 116.
  • 117. Here’s a call to action
  • 118. We know what REST with the HATEOAS constraint is and isn’t.
  • 119. We know what SOAP is and isn’t.
  • 120. But we don’t have an intellectual framework for the way so many popular apps and web APIs work today.
  • 121. We need a really smart person
  • 122. Who cares about web APIs
  • 123. To examine the constraints of REST
  • 124. The Constraints of REST 1. Client-server 2. Stateless server 3. Cache 4. Uniform interface a. Identification of resources b. Manipulation of resources through representations c. Self-descriptive messages d. Hypermedia as the engine of application state 5. Layered System 6. Code-On-Demand (optional)
  • 125. While keeping in mind how custom apps are built by people using web APIs
  • 126. Interface App App 1 Developer 1 App API Server App User App 2 Developer 2 App App 3 Developer 3
  • 127. To give us a new foundation
  • 128. The Constraints of ____ 1. ??? 2. ??? 3. ??? 4. ??? 5. ??? 6. ???
  • 129. So that we will have a better shared idea of what we’re really doing
  • 130. We will be able to communicate more effectively
  • 131. And we will be able to create more value for the planet and the people on it.
  • 132.
  • 133. But please choose a nice, pronounceable acronym.
  • 134.
  • 135. Further Exploring • http://steveklabnik.com/ • http://pinboard.in/u:earth2marsh/t:hateoas/ • http://www.ics.uci.edu/~fielding/pubs/dissert ation/top.htm • http://martinfowler.com/articles/richardsonM aturityModel.html • http://timelessrepo.com/haters-gonna- hateoas
  • 137. THANK YOU Subscribe to API webinars at: youtube.com/apigee
  • 139. THANK YOU Questions and ideas to: groups.google.com/group/api-craft
  • 140. THANK YOU Contact me at: @landlessness brian@apigee.com

Editor's Notes

  1. Creative Commons Attribution-Share Alike 3.0 United States License
  2. http://www.flickr.com/photos/kmakice/2478522449/
  3. http://www.flickr.com/photos/kmakice/2478522449/