4. use the HTTP
● URI: resource
● HTTP methods: actions (GET/PUT/POST/DELETE)
● HTTP response: status codes (200, 400, ...)
● HTTP headers
○ Accept: application/json
5. HATEOAS
● Hypermedia as the Engine of Application State
● all above + provide links to resources in the body
6. Stateless
● server contains no client state
○ HTTP auth (over HTTPS)
○ signed cookies, tokens
○ (server side sessions)
● self-descriptive messages
● any session state is held on the client
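
Added example (not from the original slides): a minimal signed token showing how session state can live on the client while the server stores only a key. The names SECRET, issue_token and verify_token, the claim names and the token layout are assumptions made for this sketch. It must be sent over HTTPS, since the payload is signed but not encrypted.

```python
import base64
import hashlib
import hmac
import json
import time

# Assumption: one server-side key; constructed demo value, not a real secret.
SECRET = b"constructed-demo-key"

def b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(payload):
    return hmac.new(SECRET, payload.encode(), hashlib.sha256).digest()

def issue_token(user_id, ttl=300, now=None):
    """Return 'payload.signature'; all state (user, expiry) is in the token."""
    now = time.time() if now is None else now
    claims = {"sub": user_id, "exp": int(now) + ttl}
    payload = b64(json.dumps(claims, separators=(",", ":")).encode())
    return payload + "." + b64(sign(payload))

def verify_token(token, now=None):
    """Return the claims, or None if malformed, forged or expired."""
    now = time.time() if now is None else now
    try:
        payload, sig = token.split(".")
        # Check the signature before parsing anything the client controls,
        # and compare in constant time.
        if not hmac.compare_digest(unb64(sig), sign(payload)):
            return None
        claims = json.loads(unb64(payload))
    except (ValueError, TypeError, AttributeError):
        return None
    if not isinstance(claims, dict) or not isinstance(claims.get("exp"), int):
        return None
    if claims["exp"] <= now:
        return None  # expired: the server needs no session store to know this
    return claims
```
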
8. Example
GET /users -> (200) retrieve user list
POST /users/ [data] -> (201) create & return new user
PUT /users/12 [data] -> (200) modify (create if not exists or 404) user 12
DELETE /users/12 -> (200) delete user 12