Creating a RESTful API requires considering REST principles, API practices of major tech companies, and balancing purist and pragmatic approaches. The document provides guidance on designing URLs, HTTP verbs and status codes, authentication, versioning, and other concepts to create a usable and discoverable API. It emphasizes building APIs for application developers using standard patterns like OAuth2 and focusing on common use cases.
How to build Simple yet powerful API.pptxChanna Ly
How to build simple yet powerful API from novice to professional. API for beginners, API for gurus, Enterprise level API, REST API, JWT API, Deep dive.
CRUD APIs can be a very powerful tool. However, simply PUTing and POSTing entities can lead to anemic endpoints that lack business value. Go beyond the traditional CRUD API and provide more expressive and meaningful REST endpoints with an API crafted with a commanding paradigm.
Best Practices for Architecting a Pragmatic Web API.Mario Cardinal
This presentation teach how to design a real-world and pragmatic web API. It draws from the experience Mario Cardinal have gained over the years being involved architecting many Web API. This presentation begins by differencing between a Web and a REST API, and then continue with the design process. We conclude with the core learnings of the session which is a review of the best practices when designing a web API. Armed with skills acquired, you can expect to see significant improvements in your ability to design a pragmatic web API.
Automating Cloud Operations - Everything you wanted to know about cURL and RE...Revelation Technologies
All cloud service providers support seamless cloud automation and management through a REST API architecture allowing for single tasks or complex multi-step orchestrations to be created. REST has become the de facto standard for these cloud interfaces because of its ease of us, communication over HTTP, and wide support of nearly all programming languages and operating systems.
Where do you start? How do you decipher the API documentation? Where do you authenticate? And how do you create cloud resources programmatically?
This presentation walks through the fundamentals of REST, how its invoked through cURL, as well as a live demonstration of the automated provisioning of Oracle Cloud services through cURL/REST.
APIs REST Usables con Hypermedia por Javier Ramirez, para codemotionjavier ramirez
Con la adopción de REST, la proliferación de smartphones y tablets y el revival del JavaScript, exponer nuestra aplicación como un servicio es más importante que nunca.
Frameworks como Rails hacen muy fácil la creación de un API (más o menos) REST, pero en muchas ocasiones estas APIs se diseñan sin pensar realmente en los desarrolladores que las va a usar.
En esta charla habo sobre algunos de los puntos que pueden hacer tu API REST más amigable para desarrolladores, cubriendo áreas como el autodescubrimiento, autenticación, cabeceras, formatos, versionado, parámetros, documentación y herramientas.
Aunque comparte tema (y algunas slides) con la charla de APIs usables que preparé para el grupo de Usuarios de Ruby en Londres, gran parte del material es inédito.
How to build Simple yet powerful API.pptxChanna Ly
How to build simple yet powerful API from novice to professional. API for beginners, API for gurus, Enterprise level API, REST API, JWT API, Deep dive.
CRUD APIs can be a very powerful tool. However, simply PUTing and POSTing entities can lead to anemic endpoints that lack business value. Go beyond the traditional CRUD API and provide more expressive and meaningful REST endpoints with an API crafted with a commanding paradigm.
Best Practices for Architecting a Pragmatic Web API.Mario Cardinal
This presentation teach how to design a real-world and pragmatic web API. It draws from the experience Mario Cardinal have gained over the years being involved architecting many Web API. This presentation begins by differencing between a Web and a REST API, and then continue with the design process. We conclude with the core learnings of the session which is a review of the best practices when designing a web API. Armed with skills acquired, you can expect to see significant improvements in your ability to design a pragmatic web API.
Automating Cloud Operations - Everything you wanted to know about cURL and RE...Revelation Technologies
All cloud service providers support seamless cloud automation and management through a REST API architecture allowing for single tasks or complex multi-step orchestrations to be created. REST has become the de facto standard for these cloud interfaces because of its ease of us, communication over HTTP, and wide support of nearly all programming languages and operating systems.
Where do you start? How do you decipher the API documentation? Where do you authenticate? And how do you create cloud resources programmatically?
This presentation walks through the fundamentals of REST, how its invoked through cURL, as well as a live demonstration of the automated provisioning of Oracle Cloud services through cURL/REST.
APIs REST Usables con Hypermedia por Javier Ramirez, para codemotionjavier ramirez
Con la adopción de REST, la proliferación de smartphones y tablets y el revival del JavaScript, exponer nuestra aplicación como un servicio es más importante que nunca.
Frameworks como Rails hacen muy fácil la creación de un API (más o menos) REST, pero en muchas ocasiones estas APIs se diseñan sin pensar realmente en los desarrolladores que las va a usar.
En esta charla habo sobre algunos de los puntos que pueden hacer tu API REST más amigable para desarrolladores, cubriendo áreas como el autodescubrimiento, autenticación, cabeceras, formatos, versionado, parámetros, documentación y herramientas.
Aunque comparte tema (y algunas slides) con la charla de APIs usables que preparé para el grupo de Usuarios de Ruby en Londres, gran parte del material es inédito.
Understanding Identity in the World of Web APIs – Ronnie Mitra, API Architec...CA API Management
Web Based APIs have become a powerful tool for reaching end users in an increasingly fragmented market. The emergence of public and private APIs have introduced new challenges in identity management and access control. Attend this session to get a crash course in Web APIs, the risks they introduce and the emerging standards that can make them safer to use (including OAuth 2 and Open ID Connect)
How APIs Can Be Secured in Mobile EnvironmentsWSO2
To view recording of this webinar please use below URL:
http://wso2.com/library/webinars/2015/08/how-apis-can-be-secured-in-mobile-environments/
In this session, Shan, director of mobile architecture at WSO2 will discuss:
What makes mobile API authentication different from traditional API authentication
Best practices for implementing mobile API security
What WSO2 API Manager provides for mobile developers
These slides focus on documentation for REST APIs. See http://idratherbewriting.com for more detail. For the video recording, see http://youtu.be/0yfNd7tzH2Q. This deep dive is the second slide deck I used in the presentation.
Automating Cloud Operations: Everything You Wanted to Know about cURL and RESTRevelation Technologies
All cloud service providers support seamless cloud automation and management through a REST API architecture allowing for single tasks or complex multi-step orchestrations to be created. REST has become the de facto standard for these cloud interfaces because of its ease of us, communication over HTTP, and wide support of nearly all programming languages and operating systems.
Where do you start? How do you decipher the API documentation? Where do you authenticate? And how do you create cloud resources programmatically?
This presentation walks through the fundamentals of REST, how its invoked through cURL, as well as a live demonstration of the automated provisioning of Oracle Cloud services through cURL/REST.
Petr Dvořák: Mobilní webové služby pohledem iPhone developeraWebExpo
Jak nejlépe uchopit komunikaci mezi mobilním zařízením a síťovými službami, jak nastavit spolupráci, pokud server a klient vyvíjí různé, často vzdálené organizace, a proč vůbec psát webové služby, když máme mobilní internet...
Primary focus of this presentation is on the hypermedia as the engine of application state (HATEOAS) and how HTTP APIs may benefit from it. Provides sneak peek into HAL media type & gives an overview of hypermedia support in Java tools (JAX-RS / HalBuilder and Spring HATEOAS) along with practical suggestions for server-side design of hypermedia API. Also includes quick overview of Richardson Maturity Model based on a set of examples, current API trends.
Web services tutorial slides from my session at DPC 2012 in Amsterdam. In this 3-hour session we built the simplest possible service, and then extended it, looking at RPC, REST and SOAP along the way.
Le Comptoir OCTO - Qu'apporte l'analyse de cycle de vie d'un audit d'éco-conc...OCTO Technology
par Nicolas Bordier (Consultant numérique responsable @OCTO Technology) et Alaric Rougnon-Glasson (Sustainable Tech Consultant @OCTO Technology)
Sur un exemple très concret d’audit d’éco-conception de l’outil de bilan carbone C’Bilan développé par ICDC (Filiales de la Caisse des dépôts et consignations) nous allons expliquer en quoi l’ACV (analyse de cycle de vie) a été déterminante pour identifier les pistes d’actions pour réduire jusqu'à 82% de l’empreinte environnementale du service.
Le Comptoir OCTO - Se conformer à la CSRD : un levier d'action insoupçonnéOCTO Technology
Se conformer à la CSRD : un levier d'action insoupçonné
par Bintou Diarra (Manager EPM @OCTO Technology), Chloé Wibaux (Consulting & stratégie @Accenture) et Frédéric Lenci (Partner @OCTO Technology)
À partir de 2024, plus de 50 000 entreprises en Europe rendront compte de leurs impacts environnementaux et sociaux, ainsi que sur les mesures prises pour les améliorer. Pour répondre à cette obligation, elles devront se conformer à la Corporate Sustainability Reporting Directive (CSRD) en exploitant toutes leurs données, ce qui représente un défi majeur. Grâce à notre expertise dans le domaine de la donnée, pilotage opérationnel et solutions technologiques, nous sommes prêts à aider nos clients à relever ces défis liés au reporting CSRD. Lors de ce Comptoir, nous exposerons notre approche de gouvernance des données ESG, nos méthodes pour piloter les actions ainsi que les solutions pour générer le rapport et superviser les initiatives ESG de manière opérationnelle.
Understanding Identity in the World of Web APIs – Ronnie Mitra, API Architec...CA API Management
Web Based APIs have become a powerful tool for reaching end users in an increasingly fragmented market. The emergence of public and private APIs have introduced new challenges in identity management and access control. Attend this session to get a crash course in Web APIs, the risks they introduce and the emerging standards that can make them safer to use (including OAuth 2 and Open ID Connect)
How APIs Can Be Secured in Mobile EnvironmentsWSO2
To view recording of this webinar please use below URL:
http://wso2.com/library/webinars/2015/08/how-apis-can-be-secured-in-mobile-environments/
In this session, Shan, director of mobile architecture at WSO2 will discuss:
What makes mobile API authentication different from traditional API authentication
Best practices for implementing mobile API security
What WSO2 API Manager provides for mobile developers
These slides focus on documentation for REST APIs. See http://idratherbewriting.com for more detail. For the video recording, see http://youtu.be/0yfNd7tzH2Q. This deep dive is the second slide deck I used in the presentation.
Automating Cloud Operations: Everything You Wanted to Know about cURL and RESTRevelation Technologies
All cloud service providers support seamless cloud automation and management through a REST API architecture allowing for single tasks or complex multi-step orchestrations to be created. REST has become the de facto standard for these cloud interfaces because of its ease of us, communication over HTTP, and wide support of nearly all programming languages and operating systems.
Where do you start? How do you decipher the API documentation? Where do you authenticate? And how do you create cloud resources programmatically?
This presentation walks through the fundamentals of REST, how its invoked through cURL, as well as a live demonstration of the automated provisioning of Oracle Cloud services through cURL/REST.
Petr Dvořák: Mobilní webové služby pohledem iPhone developeraWebExpo
Jak nejlépe uchopit komunikaci mezi mobilním zařízením a síťovými službami, jak nastavit spolupráci, pokud server a klient vyvíjí různé, často vzdálené organizace, a proč vůbec psát webové služby, když máme mobilní internet...
Primary focus of this presentation is on the hypermedia as the engine of application state (HATEOAS) and how HTTP APIs may benefit from it. Provides sneak peek into HAL media type & gives an overview of hypermedia support in Java tools (JAX-RS / HalBuilder and Spring HATEOAS) along with practical suggestions for server-side design of hypermedia API. Also includes quick overview of Richardson Maturity Model based on a set of examples, current API trends.
Web services tutorial slides from my session at DPC 2012 in Amsterdam. In this 3-hour session we built the simplest possible service, and then extended it, looking at RPC, REST and SOAP along the way.
Le Comptoir OCTO - Qu'apporte l'analyse de cycle de vie d'un audit d'éco-conc...OCTO Technology
par Nicolas Bordier (Consultant numérique responsable @OCTO Technology) et Alaric Rougnon-Glasson (Sustainable Tech Consultant @OCTO Technology)
Sur un exemple très concret d’audit d’éco-conception de l’outil de bilan carbone C’Bilan développé par ICDC (Filiales de la Caisse des dépôts et consignations) nous allons expliquer en quoi l’ACV (analyse de cycle de vie) a été déterminante pour identifier les pistes d’actions pour réduire jusqu'à 82% de l’empreinte environnementale du service.
Le Comptoir OCTO - Se conformer à la CSRD : un levier d'action insoupçonnéOCTO Technology
Se conformer à la CSRD : un levier d'action insoupçonné
par Bintou Diarra (Manager EPM @OCTO Technology), Chloé Wibaux (Consulting & stratégie @Accenture) et Frédéric Lenci (Partner @OCTO Technology)
À partir de 2024, plus de 50 000 entreprises en Europe rendront compte de leurs impacts environnementaux et sociaux, ainsi que sur les mesures prises pour les améliorer. Pour répondre à cette obligation, elles devront se conformer à la Corporate Sustainability Reporting Directive (CSRD) en exploitant toutes leurs données, ce qui représente un défi majeur. Grâce à notre expertise dans le domaine de la donnée, pilotage opérationnel et solutions technologiques, nous sommes prêts à aider nos clients à relever ces défis liés au reporting CSRD. Lors de ce Comptoir, nous exposerons notre approche de gouvernance des données ESG, nos méthodes pour piloter les actions ainsi que les solutions pour générer le rapport et superviser les initiatives ESG de manière opérationnelle.
Le Comptoir OCTO - MLOps : Les patterns MLOps dans le cloudOCTO Technology
Comment choisir son architecture MLOps dans le cloud ?
par Baptiste Courbe (Senior Data Consultant & MLOps @OCTO Technology)
Choisir une architecture aura de grands impacts en termes de mise en œuvre, de maintenabilité, d'évolutivité, de passage à l’échelle, etc. À travers nos retours d’expérience sur les différents cloud providers, venez découvrir les différents niveaux de complexité de telles architectures et les critères de décision.
Que vous soyez débutant ou expert en MLOps, nous vous donnerons les clés pour faire les bons choix techniques.Vous repartirez avec une vue d’ensemble des bonnes pratiques et des pièges à éviter pour déployer vos applications de Machine Learning XGBoost ou LLM dans le cloud.
Vidéo Youtube : https://www.youtube.com/watch?v=j_5pI6iYRs4&list=PLBD8R108T9T4D3mcLiDpT67f9ERg1Hm2r&index=57
Compte-rendu :
La Grosse Conf 2024 - Philippe Stepniewski -Atelier - Live coding d'une base ...OCTO Technology
Par Philippe Stepniewski - ML Engineer
Et si nous développions ensemble un moteur de recherche multimodal texte-image ? Imaginons un moteur qui, à partir d'une simple description textuelle d'un produit sur un site d'e-commerce, puisse trouver instantanément les images correspondantes, sans nécessiter la saisie préalable de textes descriptifs pour nos produits ! Les bases de données vectorielles seront au centre de cet atelier. Il serait tout à fait possible de prendre une solution clé en main, mais où serait le fun là-dedans ? Rien de tel que de mettre les mains dans le code pour comprendre le fonctionnement de tels concepts, alors implémentons en une nous-mêmes ! Pré-requis : Pour assister à cet atelier et comprendre ce qui sera affiché à l’écran, il est recommandé d’être à l’aise dans la lecture de code Python manipulant des données vectorielles (type Numpy). Même si nous effectuerons des rappels en début d’atelier, des rudiments en data science vous aideront à comprendre les concepts manipulés : CNN, embedding, distance/similarités entre vecteurs.
La Grosse Conf 2024 - Philippe Prados - Atelier - RAG : au-delà de la démonst...OCTO Technology
Par Philippe Prados - Pionnier de l'informatique
Un des usages les plus fréquents des Larges Languages Models (LLM) consiste à répondre à des questions à partir d’une base documentaire : le fameux Retrieval Augmented Generation (RAG). Les démonstrations font leur effet wahou ! Les douleurs arrivent lorsque la solution est vraiment utilisée : le modèle répond à côté, ignore des informations présentes dans les documents… Comment aller plus loin ? Comment rendre la solution plus robuste ? Plus fiable ? Pour répondre à ces questions, nous allons mettre les mains dans le code, dans l’architecture, pour appliquer les concepts classiques de l’informatique aux RAG. Pré-requis : Même si un rappel sera fait au début, pour assister à cet atelier et comprendre ce qui sera affiché à l’écran, il est recommandé d’être à l’aise dans la lecture de code Python et les principes de base des modèles de langage et des bases vectorielles.
Le Comptoir OCTO - Maîtriser le RAG : connecter les modèles d’IA génératives ...OCTO Technology
Maîtriser le RAG : connecter les modèles d’IA génératives aux données de l’entreprise
par Nicolas Cavallo (Head of Natural Language Processing @OCTO Technology)
Les chatbots intelligents qui répondent directement aux clients, des tâches accélérées et simplifiées pour les salariés via des services d’assistance helpdesk automatisés, etc. Après plusieurs mois de développement et d’implémentation de projets de génération augmentée de récupération (Retrieval Augmented Generation - RAG),faisons le bilan sur ce principal cas d’usage à base d’IA génératives.
Nous détaillerons le fonctionnement du RAG qui permet de connecter la puissance de l’IA générative au patrimoine informationnel des entreprises. Nous examinerons plus particulièrement les méthodologies pour les évaluer et les améliorer. Grâce à nos retours d’expérience, nous détaillerons des stratégies d’intégration dans un environnement souverain.
Vidéo Youtube : https://www.youtube.com/watch?v=9tmlseutQM8
Compte-rendu : https://blog.octo.com/maitriser-le-rag-retrieval-augmented-generation
OCTO Talks - Les IA s'invitent au chevet des développeursOCTO Technology
Les IA s'invitent au chevet des développeurs : rêve ou cauchemar ?
par Alain Faure (Architecte @OCTO Technology) et Alexandre Jeambrun (Programmeur, Crafter & Coach tech @OCTO Technology)
L’année 2023 marque le retour en force de l’intelligence artificielle avec la démocratisation des IA génératives qui ont le potentiel de perturber de nombreuses activités et en particulier le développement d'applications. La révolution de l’IA dans le développement de code n’a pas attendu le buzz de chatGPT. La société TabNine est créée en 2017 et dès 2018 Microsoft lance Intellicode, puis copilot en 2022. AWS se joint au mouvement avec CodeWhisperer. Tous ces outils sont opérationnels et leur base d'utilisateurs s'accroît jour après jour.
Effet de mode, évolution ou révolution, est ce que bientôt il y aura moins de développeurs ? Que savent vraiment faire ces IA ? Quels types de gains en attendre et comment les utiliser ? Comment les équipes accueillent elles ces outils ? Faut-il les former ? Quels risques y a-t-il à utiliser ces outils ? Bienvenue à un tour complet de l'IA dans le monde du développement
Lancement du livre Culture Test Vol.2
par Sylvie Ponthus (développeuse, chef de projet et coach agile @ OCTO Technology), Stéphane Bedeau (développeur et formateur @OCTO Technology) et Christophe Breheret-Girardin (Coach Craft, formateur et conférencier @OCTO Technology)
Et si tester, c’était mieux faire, faire plus rapidement ? À l'occasion de la sortie du premier volume de notre trilogie Culture Test, on vous donne rendez-vous le mardi 5 décembre dans les locaux d'OCTO Technology pour rencontrer les auteurs, confronter les points de vue, et vous dévoiler en exclusivité le prochain tome
Le Comptoir OCTO - Green AI, comment éviter que votre votre potion magique d’...OCTO Technology
Green AI, comment éviter que votre votre potion magique d’IA ne se transforme en poison ?
par Eric Biernat (Directeur Big Data Analytics @OCTO Technology) et Reynald Riviere (Manager Sénior Data Science @OCTO Technology)
Après l’électricité et l’Internet, nous sommes maintenant dans l’ère de l’IA avec des modèles qui optimisent l’usage de nos ressources … sans avoir conscience que ces modèles d’IA sont eux aussi énergivores. Venir découvrir comment l’écologie de l'IA est devenu notre quête avec le Green AI selon 3 angles de vue : le software, le hardware et le processus.
Vidéo Youtube : https://www.youtube.com/watch?v=7nWADBWA22c
Compte-rendu : https://blog.octo.com/comptoir-green-ai
OCTO Talks - State of the art Architecture dans les frontend webOCTO Technology
Vous avez dit architecture front 💅 ? Du CSS au CDN, personne ne sera épargné !
par Pierrette Bertrand (Head of Web Front Development @OCTO Technology), David Ostermann (Developpeur Front End @OCTO Technology) et Florian Leroy (Consultant Senior @OCTO Technology)
Qu’est-ce qu’une architecture front ? Selon que vous demandiez à un intégrateur, un développeur frontend, un développeur d’API ou tout simplement, à un architecte, la réponse sera bien différente. Car selon notre expérience, ce dernier, n’a en réalité qu’une partie de la réponse. Dans ce talk, nous regarderons ensemble les avantages et inconvénients de la multitude des choix possibles, à chaque étage, afin de donner une carte utile pour s’y retrouver. N’en déplaise aux développeurs front, le concept d’architecture front dépasse de loin le choix de leur framework préféré !
Cette Refcard est un condensé de bonnes pratiques qui s'adresse autant aux consommateurs qu'aux développeurs d'API GraphQL.
Elle aborde notamment la documentation, le versioning, le code first, le monitoring, la découvrabilité, la sécurité et le design de schéma.
Comment la culture d'entreprise peut faire la différence lors d'une fusion acquisition ?
par Lucie quach, Vanessa Govi et Frédéric Lenci
Comment la Culture s'est retrouvée parmi les sujets d'intégration clés lors d'une fusion ? Venez découvrir les coulisses de 6 mois de la co-construction entre ALD/Leaseplan pour définir la culture commune de l'entreprise de 15 700 personnes couvrant 60 pays et les supports que l'on a co-créés pour l'implémenter aussi bien au COMEX que sur le terrain.
Vidéo Youtube : https://www.youtube.com/watch?v=smnpq7Ey9pk
Compte-rendu : https://blog.octo.com/compte-rendu-du-comptoir-definition-de-la-culture-dentreprise-issue-dune-fusion
Le Comptoir OCTO - Comment optimiser les stocks en linéaire par la Data ? OCTO Technology
Par Antoine Moreau (Head of Data & AI @OCTO Technology), Pierre Sabrié (Directeur Prévision @Groupe Casino) et Nicolas Gery (Retail Strategy & Consulting Senior Manager @Accenture)
Comment sécuriser la disponibilité des produits en rayon, réduire la casse et les stocks, et gagner en efficacité en centrale et en magasins ?
Casino a réussi rapidement ce pari grâce à une solution algorithmique capable de traiter des données à la maille la plus fine (articles x magasins), de manière quotidienne en se basant sur les assets Cloud.
Rejoignez Pierre, Antoine et Nicolas qui vous partageront les réussites, les difficultés rencontrées et la démarche Casino.
Vidéo Youtube : https://www.youtube.com/watch?v=6oX4NvXZkTk&list=PLBD8R108T9T4D3mcLiDpT67f9ERg1Hm2r&index=47
Compte-rendu : https://blog.octo.com/compte-rendu-le-comptoir-x-casino-comment-optimiser-les-stocks-en-lineaire-par-la-data/
Le Comptoir OCTO - Retour sur 5 ans de mise en oeuvre : Comment le RGPD a réi...OCTO Technology
Par Julie François (Consultante et formatrice RGPD @OCTO Technology)
Le RGPD a fêté ses 5 ans de mise en application et vous pensez toujours que votre équipe ne manipule pas “vraiment” de données personnelles ? Alors ce Comptoir OCTO est fait pour vous !
Chez OCTO, nous avons la conviction que le RGPD n'est pas qu'une affaire de juristes. Alors embarquez avec nous pour une sensibilisation rythmée et parlante. Au programme des retours d’expérience sur 5 années de mise en œuvre, qui vous feront découvrir le sujet de la protection des données autrement.
Vidéo Youtube : https://www.youtube.com/watch?v=uum3Qxisuu0&list=PLBD8R108T9T4D3mcLiDpT67f9ERg1Hm2r&index=51
Compte-rendu : https://blog.octo.com/compte-rendu-du-comptoir-retour-sur-5-ans-de-mise-en-oeuvre-comment-le-rgpd-a-reinvente-la-protection-des-donnees-personnelles/
Le Comptoir OCTO - Affinez vos forecasts avec la planification distribuée et...OCTO Technology
par Wilde Diogene (Manager EPM @OCTO Technology), Samir Benyoucef (Consultant @OCTO Technology) et Elghali Guessous (Delivery Manager EPM @OCTO Technology)
Les approches traditionnelles de planification, basées sur un consensus entre différents départements (ventes, marketing, finance), peuvent être consommatrices de temps et aboutir à des prévisions inexactes. Découvrez comment exploiter l'IA et le Machine Learning pour créer une plateforme de prévision du chiffre d'affaires intelligente. En associant le planning distribué de Pigment (EPM) et la puissance prédictive de Dataiku (Auto ML), vous bénéficiez d'un gain de temps significatif dans votre planification, d'une prise de décision éclairée et d'une meilleure gestion de vos ressources (humaines, production, stocks...).
Surmontez les incertitudes et pilotez votre entreprise vers le succès avec confiance.
Vidéo Youtube : https://www.youtube.com/watch?v=tBwlWAksFik&list=PLBD8R108T9T4D3mcLiDpT67f9ERg1Hm2r&index=48
Compte-rendu : https://blog.octo.com/affinez-vos-forecast-avec-le-planning-distribue-et-lautoml/
Le Comptoir OCTO - La formation au cœur de la stratégie d’éco-conceptionOCTO Technology
Par Brice Le Roux (GreenOps @OCTO Technology) et Frédéric Menetreux (Architecte d’entreprise @CA-GIP)
Vous souhaitez acquérir les leviers d’action pour mettre en œuvre la sobriété numérique et mesurer les impacts de votre infrastructure ? Rejoignez Brice et Frédéric qui vous partageront les réussites et améliorations de la formation réalisée au Crédit Agricole par OCTO Academy
Vidéo Youtube : https://www.youtube.com/watch?v=efrJT_ZJ5fk&list=PLBD8R108T9T4D3mcLiDpT67f9ERg1Hm2r&index=50
Compte-rendu : https://blog.octo.com/les-comptoirs-octo-la-formation-au-coeur-de-la-strategie-deco-conception-de-linfra/
Le Comptoir OCTO - Une vision de plateforme sans leadership tech n’est qu’hal...OCTO Technology
Par Wassel Alazhar (Architecte @OCTO Technology), François-Xavier Bouffant (Engineering Manager @Wakam )et Etienne Debost (Head of Architecture @Wakam)
La littérature promeut les plateformes digitales comme un levier de croissance pour les entreprises et un vrai avantage stratégique dans l’économie numérique.
Force est de constater que les entreprises qui se lancent dans cette aventure échouent : elles n’arrivent pas à dépasser le Proof Of Concept ou bien s’enlisent dans la paralysis analysis après des millions d’euros dépensés.
Nous vous partageons un retour sur l'expérience Wakam. Nous avons réussi à amorcer une dynamique pour construire une plateforme (tunnel de distribution en marque blanche, APIs, web apps, blockchain...) qui permet d’innover, de fournir des capacités métiers sous forme de commodité et d’assurer une expérience hyper personnalisable aux partenaires, en moins de 6 mois
Vidéo Youtube : https://www.youtube.com/watch?v=tfioZZTfX1M&list=PLBD8R108T9T4D3mcLiDpT67f9ERg1Hm2r&index=49
Compte-rendu : https://blog.octo.com/compte-rendu-du-comptoir-une-vision-de-plateforme-sans-leadership-tech-nest-quhallucination/
Le Comptoir OCTO - L'avenir de la gestion du bilan carbone : les solutions E...OCTO Technology
Par Wilde Diogene (Manager EPM @OCTO Technology), Samir Benyoucef (Consultant @OCTO Technology) et Matthieu Mlatac (Consultant sénior @OCTO Technology)
Plongez dans les bénéfices des solutions EPM pour améliorer la gestion du bilan carbone de votre entreprise. En simplifiant la collecte et l’analyse, ces solutions offrent une vision claire de votre empreinte environnementale et permettent d’identifier les opportunités de réductions de vos émissions. Les bénéfices pour votre entreprise incluent une meilleure efficacité opérationnelle, des coûts réduits, une réputation renforcée et une contribution significative aux efforts de lutte contre le changement climatique.
Vidéo Youtube : https://www.youtube.com/watch?v=ak--ftSio-I&list=PLBD8R108T9T4D3mcLiDpT67f9ERg1Hm2r&index=46
Compte-rendu : https://blog.octo.com/lavenir-de-la-gestion-du-bilan-carbone-les-solutions-epm-au-service-de-la-performance-environnementale/
Le Comptoir OCTO - Continuous discovery et continuous delivery pour construir...OCTO Technology
Par Mehdi Houacine (Consultant Senior @OCTO Technology), Sofia Calcagno (Machine Learning Engineer @OCTO Technology) et Thomas Dobrzelewski (Lead Product Manager B2C @Wakam)
Wakam a comme ambition de réinventer le métier de l'assurance en y introduisant plus de transparence et de sécurisation via le blockchain. Or, ce type d'innovation structurante pose plusieurs questions : qui seront ses utilisateurs cibles ? Quel sera son impact sur le processus métier ? Nous vous présenterons ici une démarche liant expérimentation et déploiement via les outils du DDD permettant de faire pivoter un produit rapidement.
Vidéo Youtube : https://www.youtube.com/watch?v=Q3ElzHtV40s&list=PLBD8R108T9T4D3mcLiDpT67f9ERg1Hm2r&index=45
Compte-rendu : https://blog.octo.com/compte-rendu-du-comptoir-continuous-delivery-et-continuous-discovery-pour-construire-lassurance-de-demain/
L’état de l’art des tests front-end
Maîtriser et fiabiliser son code sont aujourd’hui devenus incontournables pour tout développeur devant faire face à des architectures Web de plus en plus riches et complexes.
Il existe des outils pour réaliser des tests front-end d’applications Web et répondre aux besoins d’un développement de qualité.
Nous vous invitons ici à parcourir l’écosystème de ces tests front-end d’applications Web. Que vous soyez déjà convaincus par les tests ou tout simplement curieux, ce document vous guidera pour les mettre en place sur vos projets.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
2. octo.com
REST
F
U
L
AP
I
D
ES
I
G
N
As soon as we start working on an API, design issues arise. A robust and
strong design is a key factor for API success. A poorly designed API will
indeed lead to misuse or – even worse – no use at all by its intended clients:
application developers.
Creating and providing a state of the art API requires taking into account:
RESTful API principles as described in the literature (Roy Fielding, Leonard Richardson,
Martin Fowler, HTTP specification…)
The API practices of the Web Giants
Nowadays, two opposing approaches are seen.
“Purists” insist upon following REST principles without compromise. “Pragmatics” prefer
a more practical approach, to provide their clients with a more usable API. The proper
solution often lies in between.
Designing a REST API raises questions and issues for which there is no universal answer.
REST best practices are still being debated and consolidated, which is what makes this
job fascinating.
To facilitate and accelerate the design and development of your APIs, we share our
vision and beliefs with you in this Reference Card. They come from our direct experience
on API projects.
RESTful API
Design.
3. octo.com
REST
F
U
L
AP
I
D
ES
I
G
N
Why an API
strategy ?
“Anytime,Anywhere,Any device” are the key problems of
digitalisation. API is the answer to “Business Agility” as it
allows to build rapidly new GUI for upcoming devices.
An API layer enables
Cross device
Cross channel
360° customer view
Open API allows
To outsource innovation
To create new business
models
Embrace WOA
“Web Oriented Architecture”
Build a fast, scalable secured
REST API
Based on: REST, HATEOAS,
Stateless decoupled µ-services,
Asynchronous patterns, OAuth2
and OpenID Connect protocols
Leverage the power of your
existing web infrastructure
DISCLAMER
This Reference Card doesn’t claim to be absolutely accurate. The design
concepts exposed result from our previous work in the REST area. Please
check out our blog http://blog.octo.com, and feel free to comment or
challenge this API cookbook. We are really looking forward to sharing with
you.
4. octo.com
REST
F
U
L
AP
I
D
ES
I
G
N
HTTP STATUS CODE DESCRIPTION
SUCCESS
200 OK
•
Basic success code. Works for the general cases.
•
Especially used on successful first GET requests or PUT/PATCH updated content.
201 Created •
Indicates that a resource was created. Typically responding to PUT and POST requests.
202 Accepted
•
Indicates that the request has been accepted for processing.
•
Typically responding to an asynchronous processing call (for a better UX and good performances).
204 No Content •
The request succeeded but there is nothing to show. Usually sent after a successful DELETE.
206 Partial Content •
The returned resource is incomplete. Typically used with paginated resources.
HTTP Status codes.
SERVER ERROR
400 Bad Request
General error for a request that cannot be processed.
CLIENT ERROR
GET /bookings?paid=true
→ 400 Bad Request
→ {error:invalid_request, error_description:There is no ‘paid’ property}
401 Unauthorized
I do not know you, tell me who you are and I will check your permissions.
GET /bookings/42
→ 401 Unauthorized
→ {error”:no_credentials, error_description:You must be authenticated}
403 Forbidden
Your rights are not sufficient to access this resource.
GET /bookings/42
→ 403 Forbidden
→ {error:protected_resource, error_description:You need sufficient rights}
404 Not Found
The resource you are requesting does not exist.
GET /hotels/999999
→ 404 Not Found
→ {error:not_found, error_description: The hotel ‘999999’ does not exist}
405 Method Not Allowed
Either the method is not supported or relevant on this resource or the user does not have the permission.
PUT /hotels/999999
→ 405 Method Not Allowed
→ {error:not_implemented, error_description:Hotel creation not implemented}
406 Not Acceptable
There is nothing to send that matches the Accept-* headers. For example, you requested a resource in XML
but it is only available in JSON.
GET /hotels
Accept-Language: cn
→ 406 Not Acceptable
→ {error: not_acceptable, error_description:Available languages: en, fr}
The request seems right, but a problem occurred on the server. The client cannot do anything about that.
GET /users
→ 500 Internal server error
→ {error:server_error, error_description:Oops! Something went wrong…}
ERROR 418
I’m a teapot
500 Internal Server Error
5. octo.com
REST
F
U
L
AP
I
D
ES
I
G
N
General concepts.
Anyone should be able to use your API without
having to refer to the documentation.
Use standard, concrete and shared terms,
not your specific business terms or acronyms.
Never allow application developers to do
things more than one way.
Design your API for your clients (Application
developers), not for your data.
Target main use cases first, deal with
exceptions later.
GET /orders, GET /users, GET /products, ...
KISS
OAuth2/OIDC HTTPS
You should use OAuth2 to manage Authorization.
OAuth2 matches 99% of requirements and client
typologies, don’t reinvent the wheel, you’ll fail.
You should use HTTPS for every API/OAuth2
request. You may use OpenID Connect to
handle Authentication.
SECURITY
CURL
You should use CURL to share examples,
which you can copy/paste easily.
GRANULARITY
Medium grained resources
You should use medium grained, not fine nor
coarse. Resources shouldn’t be nested more
than two levels deep:
GET /users/007
{ id”:007,
first_name”:James,
name:Bond,
address:{
street:”Horsen Ferry Road,
”city:{name:London}
}
}
API DOMAIN
NAMES
You may consider the following five
subdomains:
Production: https://api.fakecompany.com
Test: https://api.sandbox.fakecompany.com
Developer portal:
https://developers.fakecompany.com
Production: https://oauth2.fakecompany.com
Test: https://oauth2.sandbox.fakecompany.com
www.
CURL –X POST
-H Accept: application/json
-H Authorization: Bearer at-80003004-19a8-46a2-908e-33d4057128e7
-d ‘{state:running}’
https://api.fakecompany.com/v1/users/007/orders?client_id=API_KEY_003
6. octo.com
REST
F
U
L
AP
I
D
ES
I
G
N
URLs.
You should use nouns, not verbs (vs SOAP-RPC).
GET /orders not /getAllOrders
NOUNS
You should use plural nouns, not singular nouns,
to manage two different types of resources:
Collection resource: /users
Instance resource: /users/007
You should remain consistent.
GET /users/007 not GET /user/007
PLURALS
user(s)
You may choose between snake_case or
camelCase for attributes and parameters,
but you should remain consistent.
CONSISTENT
CASE
GET /orders?id_user=007
or GET /orders?idUser=007
POST/orders {id_user:007}
or POST/orders {idUser:007}
If you have to use more than one word in URL,
you should use spinal-case (some servers
ignore case).
POST /specific-orders
You should make versioning mandatory in the
URL at the highest scope (major versions).
You may support at most two versions at the
same time (Native apps need a longer cycle).
GET /v1/orders
VERSIONING
You should leverage the hierarchical nature
of the URL to imply structure (aggregation or
composition). Ex: an order contains products.
GET /orders/1234/products/1
HIERARCHICAL
STRUCTURE
/V1/ /V2/
/V3/ /V4/
POST is used to Create an instance of a collection.
The ID isn’t provided, and the new resource
location is returned in the “Location” Header.
POST /orders {state:running, «id_user:007}
201 Created
Location: https://api.fakecompany.com/orders/1234
But remember that, if the ID is specified by the
client, PUT is used to Create the resource.
PUT /orders/1234
201 Created
PUT is used for Updates to perform a full
replacement.
PUT /orders/1234 {state:paid, id_user:007}
200 Ok
PATCH is commonly used for partial Update.
PATCH /orders/1234 {state:paid}
200 Ok
Use HTTP verbs for CRUD operations (Create/Read/Update/Delete).
CRUD-LIKE OPERATIONS
HTTP VERB COLLECTION: /ORDERS INSTANCE : /ORDER/{ID}
GET
POST
PUT
PATCH
DELETE
Read a list of orders. 200 OK.
Create a new order. 201 Created.
-
-
-
Read the details of a single order. 200 OK.
-
Full Update: 200 OK./ Create a specific order:
201 Created.
Partial Update. 200 OK.
Delete order. 204 OK.
GET is used to Read a collection.
GET /orders
200 Ok
[{id:1234, state:paid}
{id:5678, state:running}]
GET is used to Read an instance.
GET /orders/1234
200 Ok
{id:1234, state:paid}
nouns
verbs
7. octo.com
REST
F
U
L
AP
I
D
ES
I
G
N
Query strings.
SEARCH
You should use /search keyword to perform a
search on a specific resource.
GET /restaurants/search?type=thai
You may use the “Google way” to perform a
global search on multiple resources.
GET /search?q=running+paid
SORT
PAGINATION
You may use a range query parameter. Pagination is mandatory: a default pagination has
to be defined, for example: range=0-25.
The response should contain the following headers: Link, Content-Range, Accept-Range.
Note that pagination may cause some unexpected behavior if many resources are added.
PARTIAL
RESPONSES
Youshouldusepartialresponsessodevelopers
can select which information they need, to
optimize bandwidth (crucial for mobile
development).
/orders?range=48-55
206 Partial Content
Content-Range: 48-55/971
Accept-Range: order 10
Link : https://api.fakecompany.com/v1/orders?range=0-7; rel=first,
https://api.fakecompany.com/v1/orders?range=40-47; rel=prev,
https://api.fakecompany.com/v1/orders?range=56-64; rel=next,
https://api.fakecompany.com/v1/orders?range=968-975; rel=last
GET /users/007?fields=firstname,name,address(street)
200 OK
{ id:007,
firstname:James,
name:Bond,
address:{street:Horsen Ferry Road}
}
FILTERS
You ought to use ‘?’ to filter resources
GET /orders?state=payedid_user=007
or(multipleURIsmayrefertothesameresource)
GET /users/007/orders?state=paied
Use ?sort =atribute1,atributeN to sort resources.
By default resources are sorted in ascending order.
Use ?desc=atribute1,atributeN to sort resources
in descending order
GET /restaurants?sort=rating,reviews,name;desc=rate,reviews
URL RESERVED
WORDS :
FIRST, LAST, COUNT
Use /first to get the 1st element
GET /orders/first
200 OK
{id:1234, state:paid}
Use /last to retrieve the latest resource of a
collection
GET /orders/last
200 OK
{id:5678, state:running}
Use /count to get the current size of a collection
GET /orders/count
200 OK
{2}
8. octo.com
REST
F
U
L
AP
I
D
ES
I
G
N
Other key concepts.
Content negotiation is managed only in a pure
RESTful way. The client asks for the required
content, in the Accept header, in order of
preference. Default format is JSON.
Accept: application/json, text/plain not /orders.json
CONTENT
NEGOTIATION
UseISO8601standardforDate/Time/Timestamp:
1978-05-10T06:06:06+00:00 or 1978-05-10
Add support for different Languages.
Accept-Language: fr-CA, fr-FR not ?language=fr
I18N
Use CORS standard to support REST API
requests from browsers (js SPA…).
But if you plan to support Internet Explorer 7/8
or 9, you shall consider specifics endpoints to
add JSONP support.
All requests will be sent with a GET method!
Content negotiation cannot be handled with
Accept header in JSONP.
Payload cannot be used to send data.
CROSS-ORIGIN
REQUESTS
POST /orders and /orders.jsonp?method=POSTcallback=foo
GET /orders and /orders.jsonp?callback=foo
GET /orders/1234 and /orders/1234.jsonp?callback=foo
PUT /orders/1234 and /orders/1234.jsonp?method=PUTcallback=foo
Warning: a web crawler could easily damage your application with a method parameter.
Make sure that an OAuth2 access_token is required, and an OAuth2 client_id as well.
Your API should provide Hypermedia links in order to be completely discoverable. But keep
in mind that a majority of users wont probably use those hyperlinks (for now), and will read
the API documentation and copy/paste call examples.
So, each call to the API should return in the Link header every possible state of the applica-
tion from the current state, plus self.
You may use RFC5988 Link notation to implement HATEOAS :
HATEOAS
GET /users/007
200 Ok
{ id:007, firstname:Mario,...}
Link : https://api.fakecompany.com/v1/users; rel=self; method:GET,
https://api.fakecompany.com/v1/addresses/42; rel=addresses; method:GET,
https://api.fakecompany.com/v1/orders/1234; rel=orders; method:GET
In a few use cases we have to consider operations
or services rather than resources.
You may use a POST request with a verb at the
end of the URI.
“NON RESOURCE”
SCENARIOS
POST /emails/42/send
POST /calculator/sum [1,2,3,5,8,13,21]
POST /convert?from=EURto=USDamount=42
However, you should consider using RESTful
resources first before going this way.
RESTFUL WAY
10. octo.com
REST
F
U
L
AP
I
D
ES
I
G
N
We believe that API
IS THE ENGINE OF
DIGITAL STRATEGY
WE KNOW that the Web infiltrates
AND transforms COMPANIES
WE WORK TOGETHER,
with passion, TO CONNECT
BUSINESS IT
We help you CREATE
OPPORTUNITIES AND EMBRACE
THE WEBInside Out.
11. octo.com
REST
F
U
L
AP
I
D
ES
I
G
N
OCTO Technology
“ Dans un monde complexe aux ressources finies, nous recherchons ensemble de meilleures
façons d'agir. Nous œuvrons à concevoir et à réaliser les produits numériques essentiels au
progrès de nos clients et à l'émergence d'écosystèmes vertueux”
– Manifeste OCTO Technology -
CABINET DE CONSEIL ET DE RÉALISATION IT
Paris
Toulouse
Hauts-de-France
IMPLANTATIONS
1OOO
OCTOS
OCTO EN TÊTE
DU PALMARÈS
3 CONFÉRENCES
FORMATION
La conférence tech par OCTO
3
6x