REST API Best Principles

-
As we are using REST APIs more and more nowadays, I thought of listing some of REST APIs best principles or practices that developer should take care of while designing/developing REST APIs. Please feel free to provide your thoughts.




1.       URI -
a.       Name versus Verb - Concrete names should be used for Resource name instead of action verbs. e.g. if API is to get users, it should be GET /USERS and not getUsers
b.       Singular versus Plural - There is always debate on if singular noun should be used or plural for the resource name. I think answer is that it depends. e.g. if GET API might return the list then it should be plural. But if API is for single object e.g. Cart, then it could be singular. In general, plural will provide more flexibility to return single or multiple records.
c.       Spinal case versus camel case - Shall we use camel case(like Java) or spinal case(-)? I think it is individual preference. But some of the rest principles encourage using spinal case in the name e.g. URI to return current user could be current-user instead of CurrentUser. current-user name provides more readability than CurrentUser

2.       Versioning -
Versioning is very important in the API design as APIs are always going to change in future. So good design should consider versioning so that new feature/attributes could be added in the API in future without impacting consuming systems.

There are different ways of adding versioning -
a.       Versioning could be added in the URI like below.  Advantages of using versioning in URI is that it is crystal clear to the developers about the version they are using. I personally liked displaying version visually in the URL instead of putting it in header.
https://example.org/api/v1/*
b.       Adding versioning in content-type e.g. application/json+v1. Disadvantage of this is that only developer knows the version since version is not displayed in the URI.
c.       Using custom header - versioning could be added in the custom header too.

3.       Cacheable -
Caching is critical for the API as proper caching reduces load on the server and improving the performance of the API. Developers should know if API is cacheable or not. If it is cacheable, when they should renew the cache. This information could be passed through headers like Cache-Control and Expires header.

Cache-Control header could be used to declare if cache should be public or private (used with CDNs) or whether or not the data should not be cached (no-cache) or stored (no-store). We can have a max-age (in
seconds) for which that the data should be stored and a number that is designed to override the Expires header.

4.       Documentation -
APIs are of no use to anyone until documented. Detailed and upto date documentation is important for the APIs. There are many tools like Swagger or readme etc which provide platform for API documentation. There are other tools like MuleSoft API designer which allows developer to design the API specification and mock them up. It is worth spending time on API specification before developing it.

5.       Status codes -
HTTP provides lot of predefined status codes for different scenarios. So it is important to return correct status code. e.g. if a POST API is called and a resource is created, then API can return 201(Created) along with resource id instead of 200(OK).

It is important to return proper error code, messages in case of any error. It helps consumers of the API in investigating and resolving the issue.

6.       API Gateway - Last and one of the most important point is to protect your API. We should put gateway which will front face the APIs. Consuming system needs to call API Gateway url which will delegate request to actual APIs after checking for some policies. API Gateway could help in authentication/authorization, throttling and rate limiting etc. Our APIs will be secure since consuming system can not directly access the API and we can define rate limit policy in API Gateway. e.g. if API access is limited to 100 times a day for a consuming system and system tried to access it 101 time, API gateway will return error to the system.


Comments

  1. SachinVarshanOctober 23, 2018 at 9:53 PM

    This blog really very help full for all developers and students thank you for writing this blog and now Angularjs training development language more job opportunities available all development company's thank once.

    Angularjs training in chennai | Angularjs training in velachery

    ReplyDelete
  2. UnknownDecember 19, 2018 at 5:03 AM

    Marketing is an ever-changing domain. Digital Marketing has added a lot of value to it in recent times. Thanks for writing an article that highlights the importance of digital marketing.

    Digital Marketing Training In Chennai

    ReplyDelete
  3. Intelio systemsDecember 31, 2018 at 11:54 PM

    We provide search engine optimization services in Lahore. . SEO services is a way to rank your website in search engines and to get more leads for business growth.

    ReplyDelete
  4. poojaJanuary 21, 2019 at 4:11 AM

    First time I visited this blog. Really this is awesome blog. It is very pleasure to get it as I got huge helps right here.
    Low cost web designing company in hyderabad
    website designing companies in Hyderabad
    website designing companies in Hyderabad

    ReplyDelete
  5. General BlogJuly 6, 2021 at 3:23 AM

    Digital Marketers are also involved in Social Media Marketing in Pakistan as business minds have no idea what SMO is and what it does for their brand. Digital marketing in Pakistan experts come in and make sure that the traffic influx on the brand’s website is steady and constantly increasing.

    ReplyDelete

Post a Comment

Popular posts from this blog

Brief guide to ecommerce

-
Electronic Commerce (commonly known as Ecommerce) – In simpler form, ecommerce is a concept where buying and selling of product or service is conducted over electronic systems such as the Internet by the businesses and consumers. In other words, if a transaction is done over the internet then it is ecommerce. Now a days, we use ecommerce in one way or the other. It might be in form of buying ticket through irctc, buying/selling a product on a site, downloading a proprietary software or video after paying to vendor etc. are some of the examples of ecommerce form. Ecommerce was started around 1979 by Michael Aldrich (as per Wikipedia). Earlier we had only Brick and Mortar stores. Brick and mortar businesses are companies that have a physical presence and offer face-to-face customer experiences. E.g. Walmart, Best Buy etc. These companies have online as well as offline presence. Traditional Commerce versus Ecommerce Traditional commerce Ecommerce Information...
Read more

New age career opportunities in Information Technology after graduation

-
Image
IT boom is almost over now. Gone are the days when anyone knowing only technologies like Java, JSP, Servlet etc could have easily landed a job. Data is growing fast with companies like Facebook,LinkedIn,Twitter and competition between the companies is getting tough day by day. Today, companies focus on user experience and personalization and therefore, the need to harness this vast data is more important than ever. Now how this is translated to the newer career opportunities for graduates who have just graduated.   1. Big Data Data is growing at a rapid pace (doubling in every two years). Every year, we perform 1.2 trillion searches. Facebook users send on an average 30+ million messages every minute. Since data is growing at fast rate, it arises need to store and process the data. There are many technologies like Hadoop,Hive, MongoDB, Couchbase, Spark etc which allows user to store tons of data. This is one of the area which started growing in last couple of years and will a...
Read more

CQ - How to set replication automatically from Author instance to publisher instance

-
a)       Open tools console and double click on Replication à Agents on Author à Default Agent b)       It will open Default Agent in a new window as c)       Click on Edit button to open its configuration d)       Click on Transport tab and change the port number mentioned in URI tab to the port number of publisher. Once it is changed, click on OK to apply the changes. You can now edit any content in author environment and that should be automatically replicated on publisher environment. Note – There should be one replication agent for one publisher environment. It means if you want to replicate one author to two publisher instance, then two replication agent needs to be set on the tools console.
Read more