SlideShare a Scribd company logo

Rest api standards and best practices

Download as PPSX, PDF
Ankita Mahajan
Ankita Mahajan

REST web service development guidelines and best practices. An introduction to guidelines and best practices for developing REST API or web services.

Technology
1 of 19
REST WEB SERVICE DEVELOPMENT GUIDELINES AND BEST PRACTICES PRESENTED BY: ANKITA MAHAJAN
OBJECTIVE This presentation gives an overview of best practices and guidelines for creating a rest service or for developing a rest service framework, over HTTP. These conventions are also helpful for rest services consumers.
NAMING AND URI CONVENTIONS API VERSIONING AND CATALOG COLLECTION RESOURCE ERROR RESPONSE ENTITY REFERENCES INTRODUCTION A G E N D A RESPONSE STATUS CODES SINGULAR RESOURCE
INTRODUCTION REST Constraints Client-Server Stateless Cacheable Uniform Interface Layered System Code on Demand (optional) • REST: Representational State Transfer • REST CONSTRAINTS • BASIC TERMINOLOGY: • Resource • Collection • Instance/Singular • REST API or service • Resource Identifier • Root resource • Sub-resource
BEHAVIOR • Behavior: HTTP methods • GET • POST • PUT • DELETE • HEAD • PATCH • Behavior should be implemented based on CRUD, unless there’s a specific requirement otherwise. • Coarse-grained approach for data • Media type or Data format of response: Client should be able to parse response • application/json • application/xml
NAMING CONVENTIONS • SEMANTICALLY PRECISE • LOWER CAMEL CASE • SHOULD NOT CONTAIN:  UNDERSCORES  HYPHENS  NUMBERS • Date/Time: UTC should be used, following ISO:8601 date/time standard • Collection resource names should be PLURAL NOUNS (not verbs) • Ex) /service/api/v1/departments/12/shelves/34/products
RESOURCE URI • Collection resource: /[context/]version/resourceName • Ex: /store/api/1.2/employees • Singular resource: /[context/]version/resourceName/resourceId • Ex: /store/api/1.2/employees/2 • Child resource: rootResourceUri/childResourceName • Ex: /store/api/1.2/employees/2/feedbacks • Query Parameters: /resourceName?queryParam1=val1&queryParam2=val • Ex: /store/api/1.2/employees?department=20&experience=5
API VERSIONING • Clients should know desired version no. • Multiple API versions can exist simultaneously. • It should be possible to find out current/latest version GET /store/api HTTP/1.1 Host: grocers.com:7001 HTTP/1.1 200 OK Date: Thu, 26 May 2016 07:13:00 GMT Content-Type: application/json { [ "v1": { "canonicalLink": "/store/api/v1" }, "v2": { "canonicalLink": "/store/api/v2" } ], "canonicalLink": "/school/api" }
RESOURCE INDEX/CATALOG • A list of all resources available in the API. • Must include all root resources. • Separate catalog for each version. Response: HTTP/1.1 200 OK Date: Thu, 26 May 2016 07:13:00 GMT Content-Type: application/json { “employees": { "canonicalLink": "/store/api/v1/employees" }, “customers": { "canonicalLink": "/store/api/v1/customers" }, "capabilities": { “cashAccepted": true, “cardAccepted": true }, "canonicalLink": "/store/api/v1" } Request: GET /store/api/v1 HTTP/1.1 Host: grocers.com:7001
GET SINGULAR RESOURCE • Use GET HTTP method to fetch response, based on accept header. • Accept header: application/JSON or application/XML GET /store/api/v1/products/12 HTTP/1.1 Host: grocers.com:7001 Accept: application/json HTTP/1.1 200 OK Date: Thu, 26 May 2016 07:13:00 GMT Content-Type: application/json { "id": "12", "name": “Nutella 300g", "price": “100", “category“: “spreads“, "canonicalLink": "/store/api/v1/products/12" } GET /store/api/v1/products/12 HTTP/1.1 Host: grocers.com:7001 Accept: application/xml HTTP/1.1 200 OK Date: Thu, 26 May 2016 07:13:00 GMT Content-Type: application/xml <?xml version="1.0" encoding="UTF-8"?> <resource> <id>12</id> <name>Nutella 300g</name> <price>100</price> <category>spreads</category> <canonicalLink>/store/api/v1/products/12</can onicalLink> </resource>
CREATE SINGULAR RESOURCE • Use POST HTTP method targeting a collection resource URL. • Response MUST contain new resource’s URI in Location response header. • Response MAY contain the following in response body : • The newly created resource • A generic acknowledgement with entity id and/or URL of the new resource Response: HTTP/1.1 201 Created Date: Thu, 26 May 2016 07:13:00 GMT Content-Type: application/json Location: https://grocers.com:7001/store/api/v1/products/12 { “msg”: “Product created successfully”, "id": "12", "canonicalLink": "/store/api/v1/products/12" } Request: POST /store/api/v1/products HTTP/1.1 Host: grocers.com:7001 Content-Type: application/json { "name": “Nutella 300g", "price": “100", “category“: “spreads“ }
FULL UPDATE SINGULAR RESOURCE • Use PUT method targeting the singular resource, for “full” update • As per HTTP specification, the full resource representation should be provided in the PUT request body • Read-only fields like “id” and “canonicalLink” in request body should be ignored by API Response HTTP/1.1 204 No content Date: Thu, 26 May 2016 07:13:00 GMT OR HTTP/1.1 200 OK Date: Thu, 26 May 2016 07:13:00 GMT { “msg”: “Product updated”, “id”:12, "canonicalLink": "/store/api/v1/products/12" } Request PUT /store/api/v1/products/12 HTTP/1.1 Host: grocers.com:7001 Content-Type: application/json { "id": "12", "name": “Nutella 300g", "price": “200", “category“: “spreads“, "canonicalLink": "/store/api/v1/products/12" }
PARTIAL UPDATE SINGULAR RESOURCE • Use PATCH method along with a “patch document” • Service SHOULD allow client to update only required attributes of a resource • Patch-document specification: • XML Patch [RFC5261] • JSON Patch (draft-ietf-appsawg-json-patch) HTTP/1.1 204 No content Date: Thu, 26 May 2016 07:13:00 GMT OR HTTP/1.1 200 OK Date: Thu, 26 May 2016 07:13:00 GMT { “msg”: “Product price and category updated”, “id”:12, "canonicalLink": "/store/api/v1/products/12" } PATCH /store/api/v1/products/12 HTTP/1.1 Host: grocers.com:7001 { "price": "300", "category": "" } OR To avoid HTTP proxy issues with PATCH, use: POST /store/api/v1/products/12 HTTP/1.1 Host: grocers.com:7001 X-HTTP-Method-Override: PATCH
GET COLLECTION RESOURCE • API MUST return all default attributes of child resources along with their canonical links. • Based on performance or scalability requirements, paging and/or filtering MAY be supported to return a subset of child resources. HTTP/1.1 200 OK Date: Fri, 03 June 2016 07:32:00 GMT Content-Type: application/json { "items": [{ "id": "12", "name": “Nutella 300", "canonicalLink": “/store/api/v1/products/12" },{ "id": 35", "name": “Fruit Loops", "canonicalLink": “/store/api/v1/products/35" }], "canonicalLink": "/store/api/v1/products“ } GET /store/api/v1/products HTTP/1.1 Host: grocers.com:7001 Accept: application/json
COLLECTION RESOURCE PAGING • Paging is used to retrieve a subset of collection items based on two request query parameters: offset and limit • To get the next/previous page, query the next/previous link • hasMore specifies if there are subsequent elements to be retrieved HTTP/1.1 200 OK Date: Fri, 03 June 2016 07:32:00 GMT Content-Type: application/json { "items": [{ "id": “11", "name": “Taj Mahal tea", "canonicalLink": “/store/api/v1/products/11" },{ "id": 12", "name": “Nutella 300", "canonicalLink": “/store/api/v1/products/12" } ], "hasMore": true, "canonicalLink": "/store/api/v1/products", "selfLink": "/store/api/v1/products?offset=10&limit=2", "previousLink": "/store/api/v1/products?offset=8&limit=2", "nextLink": "/store/api/v1/products?offset=12&limit=2" } GET /store/api/v1/products?offset=10& limit=2 HTTP/1.1 Host: grocers.com:7001 Accept: application/json
RESPONSE STATUS CODES • Each HTTP response contains a status code which signifies the result of the HTTP request. The following should be supported: • 200: OK. Response for successful GET, PATCH, PUT, DELETE • 201: Created. Response for successful POST • 204: No Content. Request successfully executed & response doesn't have content • 400: Bad Request. Invalid parameters, parameter values or data format • 404: Resource not found. Invalid URL/resource • 500: Internal server error • The entire list of HTTP status codes can be found on httpStatuses.com
RESPONSE ERROR ENTITY • In case of a any error or validation failure a special response should be used. • An error entity should only have descriptive error details relevant for client. • Response should never have stack trace, internal code or file paths. HTTP/1.1 400 Bad Request Date: Mon, 10 Jun 2016 11:32:12 GMT Content-Type: application/json { "httpStatusCode": 400, "httpMessage": "Bad Request ", “errorTitle":”Invalid instance id” "errorCode": "errorcode:invalid:id", "errorDetail": “The requested product does not exist“, “moreInfo “: “http://www.grocers.com/errors/400/product" } GET /store/api/v1/products/6000 HTTP/1.1 Host: grocers.com:7001 Accept: application/json
REFERENCES • Architectural styles and the design of network-based software architectures, PhD Dissertation, Thomas Fielding, http://www.ics.uci.edu/~fielding/pubs/dissertation/fielding_dissertation .pdf
THANK YOU

Recommended

RESTful API - Best Practices
RESTful API - Best PracticesRESTful API - Best Practices
RESTful API - Best PracticesTricode (part of Dept)
 
REST API and CRUD
REST API and CRUDREST API and CRUD
REST API and CRUDPrem Sanil
 
What is REST API? REST API Concepts and Examples | Edureka
What is REST API? REST API Concepts and Examples | EdurekaWhat is REST API? REST API Concepts and Examples | Edureka
What is REST API? REST API Concepts and Examples | EdurekaEdureka!
 
REST-API introduction for developers
REST-API introduction for developersREST-API introduction for developers
REST-API introduction for developersPatrick Savalle
 
REST API
REST APIREST API
REST APITofazzal Ahmed
 
Understanding REST APIs in 5 Simple Steps
Understanding REST APIs in 5 Simple StepsUnderstanding REST APIs in 5 Simple Steps
Understanding REST APIs in 5 Simple StepsTessa Mero
 
Understanding REST
Understanding RESTUnderstanding REST
Understanding RESTNitin Pande
 
Rest API
Rest APIRest API
Rest APIRohana K Amarakoon
 

Recommended

RESTful API - Best Practices
RESTful API - Best PracticesRESTful API - Best Practices
RESTful API - Best PracticesTricode (part of Dept)
 
REST API and CRUD
REST API and CRUDREST API and CRUD
REST API and CRUDPrem Sanil
 
What is REST API? REST API Concepts and Examples | Edureka
What is REST API? REST API Concepts and Examples | EdurekaWhat is REST API? REST API Concepts and Examples | Edureka
What is REST API? REST API Concepts and Examples | EdurekaEdureka!
 
REST-API introduction for developers
REST-API introduction for developersREST-API introduction for developers
REST-API introduction for developersPatrick Savalle
 
REST API
REST APIREST API
REST APITofazzal Ahmed
 
Understanding REST APIs in 5 Simple Steps
Understanding REST APIs in 5 Simple StepsUnderstanding REST APIs in 5 Simple Steps
Understanding REST APIs in 5 Simple StepsTessa Mero
 
Understanding REST
Understanding RESTUnderstanding REST
Understanding RESTNitin Pande
 
Rest API
Rest APIRest API
Rest APIRohana K Amarakoon
 
REST API Design & Development
REST API Design & DevelopmentREST API Design & Development
REST API Design & DevelopmentAshok Pundit
 
API Design- Best Practices
API Design- Best PracticesAPI Design- Best Practices
API Design- Best PracticesPrakash Bhandari
 
An Introduction To REST API
An Introduction To REST APIAn Introduction To REST API
An Introduction To REST APIAniruddh Bhilvare
 
Introduction to Swagger
Introduction to SwaggerIntroduction to Swagger
Introduction to SwaggerKnoldus Inc.
 
Introducing Swagger
Introducing SwaggerIntroducing Swagger
Introducing SwaggerTony Tam
 
Introduction to REST - API
Introduction to REST - APIIntroduction to REST - API
Introduction to REST - APIChetan Gadodia
 
Rest API
Rest APIRest API
Rest APIPhil Aylesworth
 
RESTful Web Services
RESTful Web ServicesRESTful Web Services
RESTful Web ServicesChristopher Bartling
 
Introduction to the Web API
Introduction to the Web APIIntroduction to the Web API
Introduction to the Web APIBrad Genereaux
 
How to Automate API Testing
How to Automate API TestingHow to Automate API Testing
How to Automate API TestingBruno Pedro
 
Designing APIs with OpenAPI Spec
Designing APIs with OpenAPI SpecDesigning APIs with OpenAPI Spec
Designing APIs with OpenAPI SpecAdam Paxton
 
Web API Basics
Web API BasicsWeb API Basics
Web API BasicsLearnNowOnline
 
introduction about REST API
introduction about REST APIintroduction about REST API
introduction about REST APIAmilaSilva13
 
ASP.NET Web API
ASP.NET Web APIASP.NET Web API
ASP.NET Web APIhabib_786
 
Best Practices for Architecting a Pragmatic Web API.
Best Practices for Architecting a Pragmatic Web API.Best Practices for Architecting a Pragmatic Web API.
Best Practices for Architecting a Pragmatic Web API.Mario Cardinal
 
SOAP vs REST
SOAP vs RESTSOAP vs REST
SOAP vs RESTMário Almeida
 
API Security in a Microservice Architecture
API Security in a Microservice ArchitectureAPI Security in a Microservice Architecture
API Security in a Microservice ArchitectureMatt McLarty
 
API Test Automation
API Test Automation API Test Automation
API Test Automation SQALab
 
Soap vs rest
Soap vs restSoap vs rest
Soap vs restAntonio Severien
 
API Testing. Streamline your testing process.
API Testing. Streamline your testing process.API Testing. Streamline your testing process.
API Testing. Streamline your testing process.Andrey Oleynik
 
Building Your First App with MongoDB
Building Your First App with MongoDBBuilding Your First App with MongoDB
Building Your First App with MongoDBMongoDB
 
Integrate MongoDB & SQL data with a single REST API
Integrate MongoDB & SQL data with a single REST APIIntegrate MongoDB & SQL data with a single REST API
Integrate MongoDB & SQL data with a single REST APIEspresso Logic
 

More Related Content

What's hot

REST API Design & Development
REST API Design & DevelopmentREST API Design & Development
REST API Design & DevelopmentAshok Pundit
 
Introduction to Swagger
Introduction to SwaggerIntroduction to Swagger
Introduction to SwaggerKnoldus Inc.
 
Introducing Swagger
Introducing SwaggerIntroducing Swagger
Introducing SwaggerTony Tam
 
Introduction to REST - API
Introduction to REST - APIIntroduction to REST - API
Introduction to REST - APIChetan Gadodia
 
Introduction to the Web API
Introduction to the Web APIIntroduction to the Web API
Introduction to the Web APIBrad Genereaux
 
How to Automate API Testing
How to Automate API TestingHow to Automate API Testing
How to Automate API TestingBruno Pedro
 
Designing APIs with OpenAPI Spec
Designing APIs with OpenAPI SpecDesigning APIs with OpenAPI Spec
Designing APIs with OpenAPI SpecAdam Paxton
 
introduction about REST API
introduction about REST APIintroduction about REST API
introduction about REST APIAmilaSilva13
 
ASP.NET Web API
ASP.NET Web APIASP.NET Web API
ASP.NET Web APIhabib_786
 
Best Practices for Architecting a Pragmatic Web API.
Best Practices for Architecting a Pragmatic Web API.Best Practices for Architecting a Pragmatic Web API.
Best Practices for Architecting a Pragmatic Web API.Mario Cardinal
 
API Security in a Microservice Architecture
API Security in a Microservice ArchitectureAPI Security in a Microservice Architecture
API Security in a Microservice ArchitectureMatt McLarty
 
API Test Automation
API Test Automation API Test Automation
API Test Automation SQALab
 
API Testing. Streamline your testing process.
API Testing. Streamline your testing process.API Testing. Streamline your testing process.
API Testing. Streamline your testing process.Andrey Oleynik
 

What's hot (20)

REST API Design & Development
REST API Design & DevelopmentREST API Design & Development
REST API Design & Development
 
API Design- Best Practices
API Design- Best PracticesAPI Design- Best Practices
API Design- Best Practices
 
An Introduction To REST API
An Introduction To REST APIAn Introduction To REST API
An Introduction To REST API
 
Introduction to Swagger
Introduction to SwaggerIntroduction to Swagger
Introduction to Swagger
 
Introducing Swagger
Introducing SwaggerIntroducing Swagger
Introducing Swagger
 
Introduction to REST - API
Introduction to REST - APIIntroduction to REST - API
Introduction to REST - API
 
Rest API
Rest APIRest API
Rest API
 
RESTful Web Services
RESTful Web ServicesRESTful Web Services
RESTful Web Services
 
Introduction to the Web API
Introduction to the Web APIIntroduction to the Web API
Introduction to the Web API
 
How to Automate API Testing
How to Automate API TestingHow to Automate API Testing
How to Automate API Testing
 
Designing APIs with OpenAPI Spec
Designing APIs with OpenAPI SpecDesigning APIs with OpenAPI Spec
Designing APIs with OpenAPI Spec
 
Web API Basics
Web API BasicsWeb API Basics
Web API Basics
 
introduction about REST API
introduction about REST APIintroduction about REST API
introduction about REST API
 
ASP.NET Web API
ASP.NET Web APIASP.NET Web API
ASP.NET Web API
 
Best Practices for Architecting a Pragmatic Web API.
Best Practices for Architecting a Pragmatic Web API.Best Practices for Architecting a Pragmatic Web API.
Best Practices for Architecting a Pragmatic Web API.
 
SOAP vs REST
SOAP vs RESTSOAP vs REST
SOAP vs REST
 
API Security in a Microservice Architecture
API Security in a Microservice ArchitectureAPI Security in a Microservice Architecture
API Security in a Microservice Architecture
 
API Test Automation
API Test Automation API Test Automation
API Test Automation
 
Soap vs rest
Soap vs restSoap vs rest
Soap vs rest
 
API Testing. Streamline your testing process.
API Testing. Streamline your testing process.API Testing. Streamline your testing process.
API Testing. Streamline your testing process.
 

Similar to Rest api standards and best practices

Building Your First App with MongoDB
Building Your First App with MongoDBBuilding Your First App with MongoDB
Building Your First App with MongoDBMongoDB
 
Integrate MongoDB & SQL data with a single REST API
Integrate MongoDB & SQL data with a single REST APIIntegrate MongoDB & SQL data with a single REST API
Integrate MongoDB & SQL data with a single REST APIEspresso Logic
 
API design principles for accelerated development
API design principles for accelerated developmentAPI design principles for accelerated development
API design principles for accelerated developmentJonathan LeBlanc
 
Build an API the right way
Build an API the right wayBuild an API the right way
Build an API the right waySoftware Guru
 
Building an Api the Right Way
Building an Api the Right WayBuilding an Api the Right Way
Building an Api the Right WayIcalia Labs
 
RefCard RESTful API Design
RefCard RESTful API DesignRefCard RESTful API Design
RefCard RESTful API DesignOCTO Technology
 
Lies you have been told about REST
Lies you have been told about RESTLies you have been told about REST
Lies you have been told about RESTdarrelmiller71
 
Nordic APIs - Automatic Testing of (RESTful) API Documentation
Nordic APIs - Automatic Testing of (RESTful) API DocumentationNordic APIs - Automatic Testing of (RESTful) API Documentation
Nordic APIs - Automatic Testing of (RESTful) API DocumentationRouven Weßling
 
Rest with Java EE 6 , Security , Backbone.js
Rest with Java EE 6 , Security , Backbone.jsRest with Java EE 6 , Security , Backbone.js
Rest with Java EE 6 , Security , Backbone.jsCarol McDonald
 
Introduction to CloudStack API
Introduction to CloudStack APIIntroduction to CloudStack API
Introduction to CloudStack APIKrunal Jain
 
How APIs Can Be Secured in Mobile Environments
How APIs Can Be Secured in Mobile EnvironmentsHow APIs Can Be Secured in Mobile Environments
How APIs Can Be Secured in Mobile EnvironmentsWSO2
 
REST API 20.2 - Appworks Gateway Integration.pptx
REST API 20.2 - Appworks Gateway Integration.pptxREST API 20.2 - Appworks Gateway Integration.pptx
REST API 20.2 - Appworks Gateway Integration.pptxJason452803
 
Apache Ambari BOF - APIs - Hadoop Summit 2013
Apache Ambari BOF - APIs - Hadoop Summit 2013Apache Ambari BOF - APIs - Hadoop Summit 2013
Apache Ambari BOF - APIs - Hadoop Summit 2013Hortonworks
 

Similar to Rest api standards and best practices (20)

Building Your First App with MongoDB
Building Your First App with MongoDBBuilding Your First App with MongoDB
Building Your First App with MongoDB
 
Integrate MongoDB & SQL data with a single REST API
Integrate MongoDB & SQL data with a single REST APIIntegrate MongoDB & SQL data with a single REST API
Integrate MongoDB & SQL data with a single REST API
 
API gateway setup
API gateway setupAPI gateway setup
API gateway setup
 
Web api
Web apiWeb api
Web api
 
API design principles for accelerated development
API design principles for accelerated developmentAPI design principles for accelerated development
API design principles for accelerated development
 
Build an API the right way
Build an API the right wayBuild an API the right way
Build an API the right way
 
Building an Api the Right Way
Building an Api the Right WayBuilding an Api the Right Way
Building an Api the Right Way
 
Doing REST Right
Doing REST RightDoing REST Right
Doing REST Right
 
RefCard RESTful API Design
RefCard RESTful API DesignRefCard RESTful API Design
RefCard RESTful API Design
 
Lies you have been told about REST
Lies you have been told about RESTLies you have been told about REST
Lies you have been told about REST
 
APITalkMeetupSharable
APITalkMeetupSharableAPITalkMeetupSharable
APITalkMeetupSharable
 
Nordic APIs - Automatic Testing of (RESTful) API Documentation
Nordic APIs - Automatic Testing of (RESTful) API DocumentationNordic APIs - Automatic Testing of (RESTful) API Documentation
Nordic APIs - Automatic Testing of (RESTful) API Documentation
 
Consumer-centric API Design
Consumer-centric API DesignConsumer-centric API Design
Consumer-centric API Design
 
REST APIs
REST APIsREST APIs
REST APIs
 
Rest
RestRest
Rest
 
Rest with Java EE 6 , Security , Backbone.js
Rest with Java EE 6 , Security , Backbone.jsRest with Java EE 6 , Security , Backbone.js
Rest with Java EE 6 , Security , Backbone.js
 
Introduction to CloudStack API
Introduction to CloudStack APIIntroduction to CloudStack API
Introduction to CloudStack API
 
How APIs Can Be Secured in Mobile Environments
How APIs Can Be Secured in Mobile EnvironmentsHow APIs Can Be Secured in Mobile Environments
How APIs Can Be Secured in Mobile Environments
 
REST API 20.2 - Appworks Gateway Integration.pptx
REST API 20.2 - Appworks Gateway Integration.pptxREST API 20.2 - Appworks Gateway Integration.pptx
REST API 20.2 - Appworks Gateway Integration.pptx
 
Apache Ambari BOF - APIs - Hadoop Summit 2013
Apache Ambari BOF - APIs - Hadoop Summit 2013Apache Ambari BOF - APIs - Hadoop Summit 2013
Apache Ambari BOF - APIs - Hadoop Summit 2013
 

More from Ankita Mahajan

Understanding Goods & Services Tax (GST), India
Understanding Goods & Services Tax (GST), IndiaUnderstanding Goods & Services Tax (GST), India
Understanding Goods & Services Tax (GST), IndiaAnkita Mahajan
 
Introduction to Data Center Network Architecture
Introduction to Data Center Network ArchitectureIntroduction to Data Center Network Architecture
Introduction to Data Center Network ArchitectureAnkita Mahajan
 
Virtualization in 4-4 1-4 Data Center Network.
Virtualization in 4-4 1-4 Data Center Network.Virtualization in 4-4 1-4 Data Center Network.
Virtualization in 4-4 1-4 Data Center Network.Ankita Mahajan
 
FATTREE: A scalable Commodity Data Center Network Architecture
FATTREE: A scalable Commodity Data Center Network ArchitectureFATTREE: A scalable Commodity Data Center Network Architecture
FATTREE: A scalable Commodity Data Center Network ArchitectureAnkita Mahajan
 
IPv6: Internet Protocol version 6
IPv6: Internet Protocol version 6IPv6: Internet Protocol version 6
IPv6: Internet Protocol version 6Ankita Mahajan
 
Introduction to SDN: Software Defined Networking
Introduction to SDN: Software Defined NetworkingIntroduction to SDN: Software Defined Networking
Introduction to SDN: Software Defined NetworkingAnkita Mahajan
 
VL2: A scalable and flexible Data Center Network
VL2: A scalable and flexible Data Center NetworkVL2: A scalable and flexible Data Center Network
VL2: A scalable and flexible Data Center NetworkAnkita Mahajan
 

More from Ankita Mahajan (8)

Eye training
Eye trainingEye training
Eye training
 
Understanding Goods & Services Tax (GST), India
Understanding Goods & Services Tax (GST), IndiaUnderstanding Goods & Services Tax (GST), India
Understanding Goods & Services Tax (GST), India
 
Introduction to Data Center Network Architecture
Introduction to Data Center Network ArchitectureIntroduction to Data Center Network Architecture
Introduction to Data Center Network Architecture
 
Virtualization in 4-4 1-4 Data Center Network.
Virtualization in 4-4 1-4 Data Center Network.Virtualization in 4-4 1-4 Data Center Network.
Virtualization in 4-4 1-4 Data Center Network.
 
FATTREE: A scalable Commodity Data Center Network Architecture
FATTREE: A scalable Commodity Data Center Network ArchitectureFATTREE: A scalable Commodity Data Center Network Architecture
FATTREE: A scalable Commodity Data Center Network Architecture
 
IPv6: Internet Protocol version 6
IPv6: Internet Protocol version 6IPv6: Internet Protocol version 6
IPv6: Internet Protocol version 6
 
Introduction to SDN: Software Defined Networking
Introduction to SDN: Software Defined NetworkingIntroduction to SDN: Software Defined Networking
Introduction to SDN: Software Defined Networking
 
VL2: A scalable and flexible Data Center Network
VL2: A scalable and flexible Data Center NetworkVL2: A scalable and flexible Data Center Network
VL2: A scalable and flexible Data Center Network
 

Recently uploaded

Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 

Recently uploaded (20)

Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 

Rest api standards and best practices

  • 1. REST WEB SERVICE DEVELOPMENT GUIDELINES AND BEST PRACTICES PRESENTED BY: ANKITA MAHAJAN
  • 2. OBJECTIVE This presentation gives an overview of best practices and guidelines for creating a rest service or for developing a rest service framework, over HTTP. These conventions are also helpful for rest services consumers.
  • 3. NAMING AND URI CONVENTIONS API VERSIONING AND CATALOG COLLECTION RESOURCE ERROR RESPONSE ENTITY REFERENCES INTRODUCTION A G E N D A RESPONSE STATUS CODES SINGULAR RESOURCE
  • 4. INTRODUCTION REST Constraints Client-Server Stateless Cacheable Uniform Interface Layered System Code on Demand (optional) • REST: Representational State Transfer • REST CONSTRAINTS • BASIC TERMINOLOGY: • Resource • Collection • Instance/Singular • REST API or service • Resource Identifier • Root resource • Sub-resource
  • 5. BEHAVIOR • Behavior: HTTP methods • GET • POST • PUT • DELETE • HEAD • PATCH • Behavior should be implemented based on CRUD, unless there’s a specific requirement otherwise. • Coarse-grained approach for data • Media type or Data format of response: Client should be able to parse response • application/json • application/xml
  • 6. NAMING CONVENTIONS • SEMANTICALLY PRECISE • LOWER CAMEL CASE • SHOULD NOT CONTAIN:  UNDERSCORES  HYPHENS  NUMBERS • Date/Time: UTC should be used, following ISO:8601 date/time standard • Collection resource names should be PLURAL NOUNS (not verbs) • Ex) /service/api/v1/departments/12/shelves/34/products
  • 7. RESOURCE URI • Collection resource: /[context/]version/resourceName • Ex: /store/api/1.2/employees • Singular resource: /[context/]version/resourceName/resourceId • Ex: /store/api/1.2/employees/2 • Child resource: rootResourceUri/childResourceName • Ex: /store/api/1.2/employees/2/feedbacks • Query Parameters: /resourceName?queryParam1=val1&queryParam2=val • Ex: /store/api/1.2/employees?department=20&experience=5
  • 8. API VERSIONING • Clients should know desired version no. • Multiple API versions can exist simultaneously. • It should be possible to find out current/latest version GET /store/api HTTP/1.1 Host: grocers.com:7001 HTTP/1.1 200 OK Date: Thu, 26 May 2016 07:13:00 GMT Content-Type: application/json { [ "v1": { "canonicalLink": "/store/api/v1" }, "v2": { "canonicalLink": "/store/api/v2" } ], "canonicalLink": "/school/api" }
  • 9. RESOURCE INDEX/CATALOG • A list of all resources available in the API. • Must include all root resources. • Separate catalog for each version. Response: HTTP/1.1 200 OK Date: Thu, 26 May 2016 07:13:00 GMT Content-Type: application/json { “employees": { "canonicalLink": "/store/api/v1/employees" }, “customers": { "canonicalLink": "/store/api/v1/customers" }, "capabilities": { “cashAccepted": true, “cardAccepted": true }, "canonicalLink": "/store/api/v1" } Request: GET /store/api/v1 HTTP/1.1 Host: grocers.com:7001
  • 10. GET SINGULAR RESOURCE • Use GET HTTP method to fetch response, based on accept header. • Accept header: application/JSON or application/XML GET /store/api/v1/products/12 HTTP/1.1 Host: grocers.com:7001 Accept: application/json HTTP/1.1 200 OK Date: Thu, 26 May 2016 07:13:00 GMT Content-Type: application/json { "id": "12", "name": “Nutella 300g", "price": “100", “category“: “spreads“, "canonicalLink": "/store/api/v1/products/12" } GET /store/api/v1/products/12 HTTP/1.1 Host: grocers.com:7001 Accept: application/xml HTTP/1.1 200 OK Date: Thu, 26 May 2016 07:13:00 GMT Content-Type: application/xml <?xml version="1.0" encoding="UTF-8"?> <resource> <id>12</id> <name>Nutella 300g</name> <price>100</price> <category>spreads</category> <canonicalLink>/store/api/v1/products/12</can onicalLink> </resource>
  • 11. CREATE SINGULAR RESOURCE • Use POST HTTP method targeting a collection resource URL. • Response MUST contain new resource’s URI in Location response header. • Response MAY contain the following in response body : • The newly created resource • A generic acknowledgement with entity id and/or URL of the new resource Response: HTTP/1.1 201 Created Date: Thu, 26 May 2016 07:13:00 GMT Content-Type: application/json Location: https://grocers.com:7001/store/api/v1/products/12 { “msg”: “Product created successfully”, "id": "12", "canonicalLink": "/store/api/v1/products/12" } Request: POST /store/api/v1/products HTTP/1.1 Host: grocers.com:7001 Content-Type: application/json { "name": “Nutella 300g", "price": “100", “category“: “spreads“ }
  • 12. FULL UPDATE SINGULAR RESOURCE • Use PUT method targeting the singular resource, for “full” update • As per HTTP specification, the full resource representation should be provided in the PUT request body • Read-only fields like “id” and “canonicalLink” in request body should be ignored by API Response HTTP/1.1 204 No content Date: Thu, 26 May 2016 07:13:00 GMT OR HTTP/1.1 200 OK Date: Thu, 26 May 2016 07:13:00 GMT { “msg”: “Product updated”, “id”:12, "canonicalLink": "/store/api/v1/products/12" } Request PUT /store/api/v1/products/12 HTTP/1.1 Host: grocers.com:7001 Content-Type: application/json { "id": "12", "name": “Nutella 300g", "price": “200", “category“: “spreads“, "canonicalLink": "/store/api/v1/products/12" }
  • 13. PARTIAL UPDATE SINGULAR RESOURCE • Use PATCH method along with a “patch document” • Service SHOULD allow client to update only required attributes of a resource • Patch-document specification: • XML Patch [RFC5261] • JSON Patch (draft-ietf-appsawg-json-patch) HTTP/1.1 204 No content Date: Thu, 26 May 2016 07:13:00 GMT OR HTTP/1.1 200 OK Date: Thu, 26 May 2016 07:13:00 GMT { “msg”: “Product price and category updated”, “id”:12, "canonicalLink": "/store/api/v1/products/12" } PATCH /store/api/v1/products/12 HTTP/1.1 Host: grocers.com:7001 { "price": "300", "category": "" } OR To avoid HTTP proxy issues with PATCH, use: POST /store/api/v1/products/12 HTTP/1.1 Host: grocers.com:7001 X-HTTP-Method-Override: PATCH
  • 14. GET COLLECTION RESOURCE • API MUST return all default attributes of child resources along with their canonical links. • Based on performance or scalability requirements, paging and/or filtering MAY be supported to return a subset of child resources. HTTP/1.1 200 OK Date: Fri, 03 June 2016 07:32:00 GMT Content-Type: application/json { "items": [{ "id": "12", "name": “Nutella 300", "canonicalLink": “/store/api/v1/products/12" },{ "id": 35", "name": “Fruit Loops", "canonicalLink": “/store/api/v1/products/35" }], "canonicalLink": "/store/api/v1/products“ } GET /store/api/v1/products HTTP/1.1 Host: grocers.com:7001 Accept: application/json
  • 15. COLLECTION RESOURCE PAGING • Paging is used to retrieve a subset of collection items based on two request query parameters: offset and limit • To get the next/previous page, query the next/previous link • hasMore specifies if there are subsequent elements to be retrieved HTTP/1.1 200 OK Date: Fri, 03 June 2016 07:32:00 GMT Content-Type: application/json { "items": [{ "id": “11", "name": “Taj Mahal tea", "canonicalLink": “/store/api/v1/products/11" },{ "id": 12", "name": “Nutella 300", "canonicalLink": “/store/api/v1/products/12" } ], "hasMore": true, "canonicalLink": "/store/api/v1/products", "selfLink": "/store/api/v1/products?offset=10&limit=2", "previousLink": "/store/api/v1/products?offset=8&limit=2", "nextLink": "/store/api/v1/products?offset=12&limit=2" } GET /store/api/v1/products?offset=10& limit=2 HTTP/1.1 Host: grocers.com:7001 Accept: application/json
  • 16. RESPONSE STATUS CODES • Each HTTP response contains a status code which signifies the result of the HTTP request. The following should be supported: • 200: OK. Response for successful GET, PATCH, PUT, DELETE • 201: Created. Response for successful POST • 204: No Content. Request successfully executed & response doesn't have content • 400: Bad Request. Invalid parameters, parameter values or data format • 404: Resource not found. Invalid URL/resource • 500: Internal server error • The entire list of HTTP status codes can be found on httpStatuses.com
  • 17. RESPONSE ERROR ENTITY • In case of a any error or validation failure a special response should be used. • An error entity should only have descriptive error details relevant for client. • Response should never have stack trace, internal code or file paths. HTTP/1.1 400 Bad Request Date: Mon, 10 Jun 2016 11:32:12 GMT Content-Type: application/json { "httpStatusCode": 400, "httpMessage": "Bad Request ", “errorTitle":”Invalid instance id” "errorCode": "errorcode:invalid:id", "errorDetail": “The requested product does not exist“, “moreInfo “: “http://www.grocers.com/errors/400/product" } GET /store/api/v1/products/6000 HTTP/1.1 Host: grocers.com:7001 Accept: application/json
  • 18. REFERENCES • Architectural styles and the design of network-based software architectures, PhD Dissertation, Thomas Fielding, http://www.ics.uci.edu/~fielding/pubs/dissertation/fielding_dissertation .pdf

Editor's Notes

  1. Context is the application/api name Version is the api version, not resource version
  2. Service MAY return a response body