500 Internal Server Error
POST /domain.com/customer
Status Codes
Status Code: Description
• 200: OK
• 201: Created. New resource
• 202: Accepted. Async Ops
• 301: Moved Permanently
• 302: Found (Used for Redirect)
• 304: Not Modified. Conditional GET
• 400: Bad Request
• 401: Unauthorized
• 403: Forbidden
• 404: Not Found
• 405: Method Not Allowed. Control Flow
• 409: Conflict
• 500: Internal Server Error
• 501: Not Implemented
• 503: Service Unavailable
• …
Let’s talk Interfaces
GET /checkvist.com/checklists/440751
Resource Representation
URL Extension
http://domain.com/customer/25.json
http://domain.com/news/article1.es
URL Query Parameters
http://domain.com/customer/25?format=json
Accept Headers
Content Negotiation
Demo: Single Entry. Single Representation
Demo: Manual Content Negotiation
Demo: Auto Content Negotiation
Performance and Reliability
Making things reliable
Safe and Idempotent Verbs
Caching Built In
• Max-Age
• Expires
• Conditional GETs (ETags)
Demo of Caching
Demo: E-Tags
Let’s talk Program State
HATEOAS
Hypermedia
POST /domain.com/order
Media Types
• XML and Microformats
• Existing Formats: ATOM
• Custom Formats:
Content-Type: application/vnd.company.doman+xml
• JSON:
  • HAL
  • JSON-LD
State Maintenance
• State is pushed to client
• Server cannot maintain state
• What about Cookies?
Added Benefit of Discoverability
• Known Entities - It’s all a resource
• Known Operations - Constraint on Verbs
• Known Representations - Same Resource
• Hypermedia Navigation - Know next steps
Let’s talk Versioning
Versioning
• URL Versioning
GET /domain.com/api/v1/customer
• Custom Header
X-Version: 2
• Accept Header
Accept: application/vnd.mytype.v2+json
Let’s talk Security
Options
• HTTP
• HTTPS
• Digest
• OAuth
• Federated Security
Let’s talk ReST
Richardson Maturity Model
Level 3: Hypermedia
Level 2: HTTP Verbs
Level 1: Resources
Level 0: POX
Summary
• HTTP API == Application Interface
• You can have HTTP API and not be ReSTful
• ReSTful systems offer certain benefits when abiding by certain constraints