Date posted: 28-Mar-2015
REST In Practice
GET
Introduction, overview
Best practices
Agenda
Introduction
Roy T. Fielding, PhD dissertation, 2000
Main characteristics: Client-server, Stateless, Caching, Layered architecture, Code on demand, URIs
REpresentational State Transfer
Levels of REST
Image courtesy of Martin Fowler
Richardson's Maturity Model
Plain Old XML (over HTTP)
One URI one method
Level 0: Swamp of POX
POST /appointmentService HTTP/1.1
<openSlotRequest date="2010-01-04" doctor="mjones"/>
Level 0 POX request
HTTP/1.1 200 OK
<openSlotList>
  <slot start="1400" end="1450">
    <doctor id="mjones"/>
  </slot>
  <slot start="1600" end="1650">
    <doctor id="mjones"/>
  </slot>
</openSlotList>
Level 0 POX response
POST /appointmentService HTTP/1.1
<appointmentRequest>
  <slot doctor="mjones" start="1400" end="1450"/>
  <patient id="jsmith"/>
</appointmentRequest>
Level 0 POX request
HTTP/1.1 200 OK
<appointment>
  <slot doctor="mjones" start="1400" end="1450"/>
  <patient id="jsmith"/>
</appointment>
Level 0 POX response
Many URIs one method
Level 1: Resources
POST /doctors/mjones HTTP/1.1
<openSlotRequest date="2010-01-04"/>
Level 1 Resources request
HTTP/1.1 200 OK
<openSlotList>
  <slot id="1234" doctor="mjones" start="1400" end="1450"/>
  <slot id="5678" doctor="mjones" start="1600" end="1650"/>
</openSlotList>
Level 1 Resources response
POST /slots/1234 HTTP/1.1
<appointmentRequest>
  <patient id="jsmith"/>
</appointmentRequest>
Level 1 Resources request
HTTP/1.1 200 OK
<appointment id="2468">
  <slot id="1234" doctor="mjones" start="1400" end="1450"/>
  <patient id="jsmith"/>
</appointment>
Level 1 Resources response
Many URIs many (HTTP) methods
This is what most call REST
Best practices follow
Level 2: Verbs
GET /doctors/mjones/slots?date=20100104&status=open HTTP/1.1
Level 2 Verbs request
HTTP/1.1 200 OK
<openSlotList>
  <slot id="1234" doctor="mjones" start="1400" end="1450"/>
  <slot id="5678" doctor="mjones" start="1600" end="1650"/>
</openSlotList>
Level 2 Verbs response
POST /slots/1234 HTTP/1.1
<appointmentRequest>
  <patient id="jsmith"/>
</appointmentRequest>
Level 2 Verbs request
HTTP/1.1 200 OK
<appointment id="2468">
  <slot id="1234" doctor="mjones" start="1400" end="1450"/>
  <patient id="jsmith"/>
</appointment>
Level 2 Verbs response
HATEOAS & self-descriptive messages
Problems: people's awareness, tools
Level 3: HyperMedia
HTTP/1.1 200 OK
<openSlotList>
  <slot id="1234" doctor="mjones" start="1400" end="1450">
    <link rel="/linkrels/slot/book" uri="/slots/1234"/>
  </slot>
  …
</openSlotList>
Level 3 Hypermedia response
HTTP/1.1 201 Created
Location: http://slots/1234/appointment
<appointment id="0001">
  <slot id="1234">
    <patient id="jsmith"/>
  </slot>
  <link rel="/linkrels/appointment/cancel" uri="/appointment/0001"/>
  <link rel="self" uri="/appointment/0001"/>
</appointment>
Level 3 Hypermedia response
Best practices
Resources vs actions
/getTickets vs /tickets
/getMuseumTickets vs /tickets?type=museum
Nouns vs verbs
Resource | GET | POST | PUT | DELETE
/tickets | List tickets | Create a new ticket | Bulk update | Delete all tickets
/tickets/123 | Get the details of one ticket | Error | Update a given ticket | Delete a given ticket
Base URL structure
Plural + ID
CRUD-style operations
Concrete, not abstract names
http://api.company.com/cafe/v1
Major rev only
Numbers, not nicknames, dates etc.
Versioning
HTTP status codes
Short description, pointer to more information
Error handling
Status codes shown: 200, 201, 204, 400, 401, 403, 404, 405, 500, 503
HTTP Status Code: 401
{"status": "401", "message": "Authentication failed", "code": 12345, "more info": "http://developers.company.com/docs/errors/12345"}
Error handling
Ways to differentiate:
/tickets/123.json
/tickets/123?format=json
Accept: application/json
Bonus: application/company.v1+json
Format handling
Pagination: /tickets?offset=50&limit=25
Partial response: /tickets?fields=date,location
Use defaults (documentation)
Pagination, partial response, defaults
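An added example (not from the slides) that ties together the method table, the error body and the pagination and partial-response rules above as one request handler for /tickets. The function names, the bearer-token stand-in for OAuth, the limit values and every error code except 12345 are assumptions made for illustration.

```python
import hmac
from urllib.parse import urlsplit, parse_qs

ALLOWED_FIELDS = {"id", "date", "location"}   # fields named on the slide, plus id
DEFAULT_LIMIT, MAX_LIMIT = 25, 100            # assumed values; publish yours in the docs
DOCS = "http://developers.company.com/docs/errors/"  # URL pattern from the slide
DEMO_TOKEN = "constructed-demo-token"         # stand-in for real OAuth token validation
# Method table from the slide: POST on a single ticket is the "Error" cell.
ALLOWED = {"collection": {"GET", "POST", "PUT", "DELETE"},
           "item": {"GET", "PUT", "DELETE"}}


def new_store(n=150):
    """Constructed sample data: n tickets keyed by integer id."""
    return {i: {"id": i, "date": "2015-03-28", "location": "museum"}
            for i in range(1, n + 1)}


def error(status, message, code):
    """Error body in the slide's shape; codes other than 12345 are made up."""
    return status, {"status": str(status), "message": message, "code": code,
                    "more info": DOCS + str(code)}


def int_param(query, name, default, lowest, highest):
    """Parse an integer query parameter, reject junk, cap at `highest`."""
    value = int(query.get(name, [default])[0])   # ValueError on non-numeric input
    if value < lowest:
        raise ValueError(name)
    return min(value, highest)


def clean(body):
    """Keep only known, non-id fields from a client-supplied body."""
    return {k: v for k, v in (body or {}).items() if k in ALLOWED_FIELDS - {"id"}}


def handle(store, method, url, headers=None, body=None):
    """Return (status, payload) for one request against the /tickets resource."""
    parts = urlsplit(url)
    query = parse_qs(parts.query)
    segs = [s for s in parts.path.split("/") if s]

    # Stateless: each request carries its own credential, no server-side session.
    # (Header lookup is case-sensitive here; a real framework normalises names.)
    scheme, _, token = (headers or {}).get("Authorization", "").partition(" ")
    if scheme != "Bearer" or not hmac.compare_digest(token.encode(), DEMO_TOKEN.encode()):
        return error(401, "Authentication failed", 12345)

    if not segs or segs[0] != "tickets" or len(segs) > 2:
        return error(404, "No such resource", 12346)
    kind = "collection" if len(segs) == 1 else "item"
    if method not in ALLOWED[kind]:
        return error(405, "Method not allowed on this resource", 12347)

    if kind == "collection":
        if method == "GET":
            try:
                offset = int_param(query, "offset", 0, 0, len(store))
                limit = int_param(query, "limit", DEFAULT_LIMIT, 1, MAX_LIMIT)
            except ValueError:
                return error(400, "offset must be >= 0 and limit >= 1", 12348)
            wanted = query.get("fields", [",".join(ALLOWED_FIELDS)])[0].split(",")
            if not set(wanted) <= ALLOWED_FIELDS:   # whitelist, never reflect input
                return error(400, "Unknown field requested", 12349)
            rows = [store[k] for k in sorted(store)][offset:offset + limit]
            return 200, [{f: r[f] for f in wanted} for r in rows]
        if method == "POST":
            new_id = max(store, default=0) + 1      # server assigns the id
            store[new_id] = {"date": None, "location": None, **clean(body), "id": new_id}
            return 201, store[new_id]
        if method == "PUT":                         # bulk update
            for row in store.values():
                row.update(clean(body))
            return 200, {"updated": len(store)}
        store.clear()                               # DELETE all tickets
        return 204, None

    if not segs[1].isdecimal() or int(segs[1]) not in store:
        return error(404, "No such ticket", 12350)
    ticket_id = int(segs[1])
    if method == "GET":
        return 200, store[ticket_id]
    if method == "PUT":
        store[ticket_id].update(clean(body))
        return 200, store[ticket_id]
    del store[ticket_id]
    return 204, None
```

Authentication is checked before routing, so an unauthenticated caller gets the same 401 whether or not the ticket exists.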
Session management – REST is stateless
Caching – it's very much encouraged
What if nouns are not appropriate – use verbs
The rest of REST – 21
Security – preferred is OAuth; a lot of Basic/Digest over HTTPS in practice
Subdomains: api, developers for SDK
The rest of REST – 22
Roy Fielding's dissertation
REST in Practice from O'Reilly
Apigee blog & video tutorials
Articles, forums
Literature
Levels of REST
REST ≠ CRUD
Consistent view of best practices
Summary
Questions
gaboritorokgmailcom
https://www.linkedin.com/in/gabortorok
Gábor Török
Introduction overview
Best practices
Agenda
Introduction
Roy T Fielding PhD dissertation 2000
Main characteristics Client-server Stateless Caching Layered architecture Code on demand URIs
REpresentational State Transfer
Levels of REST
Image c
ourt
esy
of
Mart
in F
ow
ler
Richardsonrsquos Maturity Model
Plain Old XML (over HTTP)
One URI one method
Level 0 Swamp of POX
POST appointmentService HTTP11
ltopenSlotRequest date=2010-01-04 doctor=mjonesgt
Level 0 POX request
HTTP11 200 OK
ltopenSlotListgt ltslot start=1400 end=1450gt ltdoctor id=mjonesgt ltslotgt ltslot start=1600 end=1650gt ltdoctor id=mjonesgt ltslotgtltopenSlotListgt
Level 0 POX response
POST appointmentService HTTP11
ltappointmentRequestgt ltslot doctor=mjones start=1400
end=1450gt ltpatient id=jsmithgtltappointmentRequestgt
Level 0 POX request
HTTP11 200 OK
ltappointmentgt ltslot doctor=mjones start=1400 end=1450gt ltpatient id=jsmithgtltappointmentgt
Level 0 POX response
Many URIs one method
Level 1 Resources
POST doctorsmjones HTTP11
ltopenSlotRequest date=2010-01-04gt
Level 1 Resources request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 1 Resources response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 1 Resources request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 1 Resources response
Many URIs many (HTTP) methods
This is what most call REST
Best practices follow
Level 2 Verbs
GET doctorsmjonesslotsdate=20100104ampstatus=open HTTP11
Level 2 Verbs request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 2 Verbs response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 2 Verbs request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 2 Verbs response
HATEOAS amp self-descriptive messages
Problems peoplersquos awareness tools
Level 3 HyperMedia
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjonesrdquo start=1400 end=1450gt ltlink rel=linkrelsslotbook
uri=slots1234gt ltslotgt
hellipltopenSlotListgt
Level 3 Hypermedia response
HTTP11 201 CreatedLocation httpslots1234appointment
ltappointment id=rdquo0001rdquogt ltslot id=1234gt ltpatient id=jsmithgt ltslotgt ltlink rel=linkrelsappointmentcancel uri=appointment0001gt ltlink rel=self uri=appointment0001gtltappointmentgt
Level 3 Hypermedia response
Best practices
Resources vs actions
getTickets vs ticketsgetMusemTickets vs ticketstype=museum
Nouns vs verbs
Resource GET POST PUT DELETE
tickets List tickets Create a new ticket
Bulk update Delete all tickets
tickets123 Get the details of one ticket
Error Update a given ticket
Delete a given ticket
Base URL structure
Plural + IDCRUD-style operationsConcrete not abstract names
httpapicompanycomcafev1
Major rev only
Numbers not nicknames dates etc
Versioning
HTTP status codes
Short description Pointer to more information
Error handling
201
200
400204
401
403
404
503
405
500200 400
500
HTTP Status Code 401
status 401 messageAuthentication failed code 12345 more infohttpdeveloperscompanycomdocserrors12345
Error handling
Ways to differentiate
tickets123jsontickets123format=jsonAccept applicationjson
Bonus applicationcompanyv1+json
Format handling
Paginationticketsoffset=50amplimit=25
Partial responseticketsfields=datelocation
Use defaults (documentation)
Pagination partial response defaults
Session management ndash REST is stateless
Caching ndash itrsquos very much encouraged
What if nouns are not appropriate ndash use verbs
The rest of REST ndash 21
Security ndash preferred is OAuth lot of BasicDigest over HTTPS in practice
Subdomains api developers for SDK
The rest of REST ndash 22
Roy Fieldingrsquos dissertation
REST in Practice from OrsquoReilly
Apigee blog amp video tutorials
Articles forums
Literature
Levels of REST
REST ne CRUD
Consistent view of best practices
Summary
Questions
gaboritorokgmailcom
httpswwwlinkedincomingabortorok
Gaacutebor Toumlroumlk
Introduction
Roy T Fielding PhD dissertation 2000
Main characteristics Client-server Stateless Caching Layered architecture Code on demand URIs
REpresentational State Transfer
Levels of REST
Image c
ourt
esy
of
Mart
in F
ow
ler
Richardsonrsquos Maturity Model
Plain Old XML (over HTTP)
One URI one method
Level 0 Swamp of POX
POST appointmentService HTTP11
ltopenSlotRequest date=2010-01-04 doctor=mjonesgt
Level 0 POX request
HTTP11 200 OK
ltopenSlotListgt ltslot start=1400 end=1450gt ltdoctor id=mjonesgt ltslotgt ltslot start=1600 end=1650gt ltdoctor id=mjonesgt ltslotgtltopenSlotListgt
Level 0 POX response
POST appointmentService HTTP11
ltappointmentRequestgt ltslot doctor=mjones start=1400
end=1450gt ltpatient id=jsmithgtltappointmentRequestgt
Level 0 POX request
HTTP11 200 OK
ltappointmentgt ltslot doctor=mjones start=1400 end=1450gt ltpatient id=jsmithgtltappointmentgt
Level 0 POX response
Many URIs one method
Level 1 Resources
POST doctorsmjones HTTP11
ltopenSlotRequest date=2010-01-04gt
Level 1 Resources request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 1 Resources response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 1 Resources request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 1 Resources response
Many URIs many (HTTP) methods
This is what most call REST
Best practices follow
Level 2 Verbs
GET doctorsmjonesslotsdate=20100104ampstatus=open HTTP11
Level 2 Verbs request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 2 Verbs response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 2 Verbs request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 2 Verbs response
HATEOAS amp self-descriptive messages
Problems peoplersquos awareness tools
Level 3 HyperMedia
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjonesrdquo start=1400 end=1450gt ltlink rel=linkrelsslotbook
uri=slots1234gt ltslotgt
hellipltopenSlotListgt
Level 3 Hypermedia response
HTTP11 201 CreatedLocation httpslots1234appointment
ltappointment id=rdquo0001rdquogt ltslot id=1234gt ltpatient id=jsmithgt ltslotgt ltlink rel=linkrelsappointmentcancel uri=appointment0001gt ltlink rel=self uri=appointment0001gtltappointmentgt
Level 3 Hypermedia response
Best practices
Resources vs actions
getTickets vs ticketsgetMusemTickets vs ticketstype=museum
Nouns vs verbs
Resource GET POST PUT DELETE
tickets List tickets Create a new ticket
Bulk update Delete all tickets
tickets123 Get the details of one ticket
Error Update a given ticket
Delete a given ticket
Base URL structure
Plural + IDCRUD-style operationsConcrete not abstract names
httpapicompanycomcafev1
Major rev only
Numbers not nicknames dates etc
Versioning
HTTP status codes
Short description Pointer to more information
Error handling
201
200
400204
401
403
404
503
405
500200 400
500
HTTP Status Code 401
status 401 messageAuthentication failed code 12345 more infohttpdeveloperscompanycomdocserrors12345
Error handling
Ways to differentiate
tickets123jsontickets123format=jsonAccept applicationjson
Bonus applicationcompanyv1+json
Format handling
Paginationticketsoffset=50amplimit=25
Partial responseticketsfields=datelocation
Use defaults (documentation)
Pagination partial response defaults
Session management ndash REST is stateless
Caching ndash itrsquos very much encouraged
What if nouns are not appropriate ndash use verbs
The rest of REST ndash 21
Security ndash preferred is OAuth lot of BasicDigest over HTTPS in practice
Subdomains api developers for SDK
The rest of REST ndash 22
Roy Fieldingrsquos dissertation
REST in Practice from OrsquoReilly
Apigee blog amp video tutorials
Articles forums
Literature
Levels of REST
REST ne CRUD
Consistent view of best practices
Summary
Questions
gaboritorokgmailcom
httpswwwlinkedincomingabortorok
Gaacutebor Toumlroumlk
Roy T Fielding PhD dissertation 2000
Main characteristics Client-server Stateless Caching Layered architecture Code on demand URIs
REpresentational State Transfer
Levels of REST
Image c
ourt
esy
of
Mart
in F
ow
ler
Richardsonrsquos Maturity Model
Plain Old XML (over HTTP)
One URI one method
Level 0 Swamp of POX
POST appointmentService HTTP11
ltopenSlotRequest date=2010-01-04 doctor=mjonesgt
Level 0 POX request
HTTP11 200 OK
ltopenSlotListgt ltslot start=1400 end=1450gt ltdoctor id=mjonesgt ltslotgt ltslot start=1600 end=1650gt ltdoctor id=mjonesgt ltslotgtltopenSlotListgt
Level 0 POX response
POST appointmentService HTTP11
ltappointmentRequestgt ltslot doctor=mjones start=1400
end=1450gt ltpatient id=jsmithgtltappointmentRequestgt
Level 0 POX request
HTTP11 200 OK
ltappointmentgt ltslot doctor=mjones start=1400 end=1450gt ltpatient id=jsmithgtltappointmentgt
Level 0 POX response
Many URIs one method
Level 1 Resources
POST doctorsmjones HTTP11
ltopenSlotRequest date=2010-01-04gt
Level 1 Resources request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 1 Resources response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 1 Resources request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 1 Resources response
Many URIs many (HTTP) methods
This is what most call REST
Best practices follow
Level 2 Verbs
GET doctorsmjonesslotsdate=20100104ampstatus=open HTTP11
Level 2 Verbs request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 2 Verbs response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 2 Verbs request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 2 Verbs response
HATEOAS amp self-descriptive messages
Problems peoplersquos awareness tools
Level 3 HyperMedia
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjonesrdquo start=1400 end=1450gt ltlink rel=linkrelsslotbook
uri=slots1234gt ltslotgt
hellipltopenSlotListgt
Level 3 Hypermedia response
HTTP11 201 CreatedLocation httpslots1234appointment
ltappointment id=rdquo0001rdquogt ltslot id=1234gt ltpatient id=jsmithgt ltslotgt ltlink rel=linkrelsappointmentcancel uri=appointment0001gt ltlink rel=self uri=appointment0001gtltappointmentgt
Level 3 Hypermedia response
Best practices
Resources vs actions
getTickets vs ticketsgetMusemTickets vs ticketstype=museum
Nouns vs verbs
Resource GET POST PUT DELETE
tickets List tickets Create a new ticket
Bulk update Delete all tickets
tickets123 Get the details of one ticket
Error Update a given ticket
Delete a given ticket
Base URL structure
Plural + IDCRUD-style operationsConcrete not abstract names
httpapicompanycomcafev1
Major rev only
Numbers not nicknames dates etc
Versioning
HTTP status codes
Short description Pointer to more information
Error handling
201
200
400204
401
403
404
503
405
500200 400
500
HTTP Status Code 401
status 401 messageAuthentication failed code 12345 more infohttpdeveloperscompanycomdocserrors12345
Error handling
Ways to differentiate
tickets123jsontickets123format=jsonAccept applicationjson
Bonus applicationcompanyv1+json
Format handling
Paginationticketsoffset=50amplimit=25
Partial responseticketsfields=datelocation
Use defaults (documentation)
Pagination partial response defaults
Session management ndash REST is stateless
Caching ndash itrsquos very much encouraged
What if nouns are not appropriate ndash use verbs
The rest of REST ndash 21
Security ndash preferred is OAuth lot of BasicDigest over HTTPS in practice
Subdomains api developers for SDK
The rest of REST ndash 22
Roy Fieldingrsquos dissertation
REST in Practice from OrsquoReilly
Apigee blog amp video tutorials
Articles forums
Literature
Levels of REST
REST ne CRUD
Consistent view of best practices
Summary
Questions
gaboritorokgmailcom
httpswwwlinkedincomingabortorok
Gaacutebor Toumlroumlk
Levels of REST
Image c
ourt
esy
of
Mart
in F
ow
ler
Richardsonrsquos Maturity Model
Plain Old XML (over HTTP)
One URI one method
Level 0 Swamp of POX
POST appointmentService HTTP11
ltopenSlotRequest date=2010-01-04 doctor=mjonesgt
Level 0 POX request
HTTP11 200 OK
ltopenSlotListgt ltslot start=1400 end=1450gt ltdoctor id=mjonesgt ltslotgt ltslot start=1600 end=1650gt ltdoctor id=mjonesgt ltslotgtltopenSlotListgt
Level 0 POX response
POST appointmentService HTTP11
ltappointmentRequestgt ltslot doctor=mjones start=1400
end=1450gt ltpatient id=jsmithgtltappointmentRequestgt
Level 0 POX request
HTTP11 200 OK
ltappointmentgt ltslot doctor=mjones start=1400 end=1450gt ltpatient id=jsmithgtltappointmentgt
Level 0 POX response
Many URIs one method
Level 1 Resources
POST doctorsmjones HTTP11
ltopenSlotRequest date=2010-01-04gt
Level 1 Resources request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 1 Resources response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 1 Resources request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 1 Resources response
Many URIs many (HTTP) methods
This is what most call REST
Best practices follow
Level 2 Verbs
GET doctorsmjonesslotsdate=20100104ampstatus=open HTTP11
Level 2 Verbs request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 2 Verbs response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 2 Verbs request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 2 Verbs response
HATEOAS amp self-descriptive messages
Problems peoplersquos awareness tools
Level 3 HyperMedia
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjonesrdquo start=1400 end=1450gt ltlink rel=linkrelsslotbook
uri=slots1234gt ltslotgt
hellipltopenSlotListgt
Level 3 Hypermedia response
HTTP11 201 CreatedLocation httpslots1234appointment
ltappointment id=rdquo0001rdquogt ltslot id=1234gt ltpatient id=jsmithgt ltslotgt ltlink rel=linkrelsappointmentcancel uri=appointment0001gt ltlink rel=self uri=appointment0001gtltappointmentgt
Level 3 Hypermedia response
Best practices
Resources vs actions
getTickets vs ticketsgetMusemTickets vs ticketstype=museum
Nouns vs verbs
Resource GET POST PUT DELETE
tickets List tickets Create a new ticket
Bulk update Delete all tickets
tickets123 Get the details of one ticket
Error Update a given ticket
Delete a given ticket
Base URL structure
Plural + IDCRUD-style operationsConcrete not abstract names
httpapicompanycomcafev1
Major rev only
Numbers not nicknames dates etc
Versioning
HTTP status codes
Short description Pointer to more information
Error handling
201
200
400204
401
403
404
503
405
500200 400
500
HTTP Status Code 401
status 401 messageAuthentication failed code 12345 more infohttpdeveloperscompanycomdocserrors12345
Error handling
Ways to differentiate
tickets123jsontickets123format=jsonAccept applicationjson
Bonus applicationcompanyv1+json
Format handling
Paginationticketsoffset=50amplimit=25
Partial responseticketsfields=datelocation
Use defaults (documentation)
Pagination partial response defaults
Session management ndash REST is stateless
Caching ndash itrsquos very much encouraged
What if nouns are not appropriate ndash use verbs
The rest of REST ndash 21
Security ndash preferred is OAuth lot of BasicDigest over HTTPS in practice
Subdomains api developers for SDK
The rest of REST ndash 22
Roy Fieldingrsquos dissertation
REST in Practice from OrsquoReilly
Apigee blog amp video tutorials
Articles forums
Literature
Levels of REST
REST ne CRUD
Consistent view of best practices
Summary
Questions
gaboritorokgmailcom
httpswwwlinkedincomingabortorok
Gaacutebor Toumlroumlk
Plain Old XML (over HTTP)
One URI one method
Level 0 Swamp of POX
POST appointmentService HTTP11
ltopenSlotRequest date=2010-01-04 doctor=mjonesgt
Level 0 POX request
HTTP11 200 OK
ltopenSlotListgt ltslot start=1400 end=1450gt ltdoctor id=mjonesgt ltslotgt ltslot start=1600 end=1650gt ltdoctor id=mjonesgt ltslotgtltopenSlotListgt
Level 0 POX response
POST appointmentService HTTP11
ltappointmentRequestgt ltslot doctor=mjones start=1400
end=1450gt ltpatient id=jsmithgtltappointmentRequestgt
Level 0 POX request
HTTP11 200 OK
ltappointmentgt ltslot doctor=mjones start=1400 end=1450gt ltpatient id=jsmithgtltappointmentgt
Level 0 POX response
Many URIs one method
Level 1 Resources
POST doctorsmjones HTTP11
ltopenSlotRequest date=2010-01-04gt
Level 1 Resources request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 1 Resources response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 1 Resources request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 1 Resources response
Many URIs many (HTTP) methods
This is what most call REST
Best practices follow
Level 2 Verbs
GET doctorsmjonesslotsdate=20100104ampstatus=open HTTP11
Level 2 Verbs request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 2 Verbs response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 2 Verbs request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 2 Verbs response
HATEOAS amp self-descriptive messages
Problems peoplersquos awareness tools
Level 3 HyperMedia
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjonesrdquo start=1400 end=1450gt ltlink rel=linkrelsslotbook
uri=slots1234gt ltslotgt
hellipltopenSlotListgt
Level 3 Hypermedia response
HTTP11 201 CreatedLocation httpslots1234appointment
ltappointment id=rdquo0001rdquogt ltslot id=1234gt ltpatient id=jsmithgt ltslotgt ltlink rel=linkrelsappointmentcancel uri=appointment0001gt ltlink rel=self uri=appointment0001gtltappointmentgt
Level 3 Hypermedia response
Best practices
Resources vs actions
getTickets vs ticketsgetMusemTickets vs ticketstype=museum
Nouns vs verbs
Resource GET POST PUT DELETE
tickets List tickets Create a new ticket
Bulk update Delete all tickets
tickets123 Get the details of one ticket
Error Update a given ticket
Delete a given ticket
Base URL structure
Plural + IDCRUD-style operationsConcrete not abstract names
httpapicompanycomcafev1
Major rev only
Numbers not nicknames dates etc
Versioning
HTTP status codes
Short description Pointer to more information
Error handling
201
200
400204
401
403
404
503
405
500200 400
500
HTTP Status Code 401
status 401 messageAuthentication failed code 12345 more infohttpdeveloperscompanycomdocserrors12345
Error handling
Ways to differentiate
tickets123jsontickets123format=jsonAccept applicationjson
Bonus applicationcompanyv1+json
Format handling
Paginationticketsoffset=50amplimit=25
Partial responseticketsfields=datelocation
Use defaults (documentation)
Pagination partial response defaults
Session management ndash REST is stateless
Caching ndash itrsquos very much encouraged
What if nouns are not appropriate ndash use verbs
The rest of REST ndash 21
Security ndash preferred is OAuth lot of BasicDigest over HTTPS in practice
Subdomains api developers for SDK
The rest of REST ndash 22
Roy Fieldingrsquos dissertation
REST in Practice from OrsquoReilly
Apigee blog amp video tutorials
Articles forums
Literature
Levels of REST
REST ne CRUD
Consistent view of best practices
Summary
Questions
gaboritorokgmailcom
httpswwwlinkedincomingabortorok
Gaacutebor Toumlroumlk
POST appointmentService HTTP11
ltopenSlotRequest date=2010-01-04 doctor=mjonesgt
Level 0 POX request
HTTP11 200 OK
ltopenSlotListgt ltslot start=1400 end=1450gt ltdoctor id=mjonesgt ltslotgt ltslot start=1600 end=1650gt ltdoctor id=mjonesgt ltslotgtltopenSlotListgt
Level 0 POX response
POST appointmentService HTTP11
ltappointmentRequestgt ltslot doctor=mjones start=1400
end=1450gt ltpatient id=jsmithgtltappointmentRequestgt
Level 0 POX request
HTTP11 200 OK
ltappointmentgt ltslot doctor=mjones start=1400 end=1450gt ltpatient id=jsmithgtltappointmentgt
Level 0 POX response
Many URIs one method
Level 1 Resources
POST doctorsmjones HTTP11
ltopenSlotRequest date=2010-01-04gt
Level 1 Resources request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 1 Resources response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 1 Resources request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 1 Resources response
Many URIs many (HTTP) methods
This is what most call REST
Best practices follow
Level 2 Verbs
GET doctorsmjonesslotsdate=20100104ampstatus=open HTTP11
Level 2 Verbs request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 2 Verbs response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 2 Verbs request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 2 Verbs response
HATEOAS amp self-descriptive messages
Problems peoplersquos awareness tools
Level 3 HyperMedia
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjonesrdquo start=1400 end=1450gt ltlink rel=linkrelsslotbook
uri=slots1234gt ltslotgt
hellipltopenSlotListgt
Level 3 Hypermedia response
HTTP11 201 CreatedLocation httpslots1234appointment
ltappointment id=rdquo0001rdquogt ltslot id=1234gt ltpatient id=jsmithgt ltslotgt ltlink rel=linkrelsappointmentcancel uri=appointment0001gt ltlink rel=self uri=appointment0001gtltappointmentgt
Level 3 Hypermedia response
Best practices
Resources vs actions
getTickets vs ticketsgetMusemTickets vs ticketstype=museum
Nouns vs verbs
Resource GET POST PUT DELETE
tickets List tickets Create a new ticket
Bulk update Delete all tickets
tickets123 Get the details of one ticket
Error Update a given ticket
Delete a given ticket
Base URL structure
Plural + IDCRUD-style operationsConcrete not abstract names
httpapicompanycomcafev1
Major rev only
Numbers not nicknames dates etc
Versioning
HTTP status codes
Short description Pointer to more information
Error handling
201
200
400204
401
403
404
503
405
500200 400
500
HTTP Status Code 401
status 401 messageAuthentication failed code 12345 more infohttpdeveloperscompanycomdocserrors12345
Error handling
Ways to differentiate
tickets123jsontickets123format=jsonAccept applicationjson
Bonus applicationcompanyv1+json
Format handling
Paginationticketsoffset=50amplimit=25
Partial responseticketsfields=datelocation
Use defaults (documentation)
Pagination partial response defaults
Session management ndash REST is stateless
Caching ndash itrsquos very much encouraged
What if nouns are not appropriate ndash use verbs
The rest of REST ndash 21
Security ndash preferred is OAuth lot of BasicDigest over HTTPS in practice
Subdomains api developers for SDK
The rest of REST ndash 22
Roy Fieldingrsquos dissertation
REST in Practice from OrsquoReilly
Apigee blog amp video tutorials
Articles forums
Literature
Levels of REST
REST ne CRUD
Consistent view of best practices
Summary
Questions
gaboritorokgmailcom
httpswwwlinkedincomingabortorok
Gaacutebor Toumlroumlk
HTTP11 200 OK
ltopenSlotListgt ltslot start=1400 end=1450gt ltdoctor id=mjonesgt ltslotgt ltslot start=1600 end=1650gt ltdoctor id=mjonesgt ltslotgtltopenSlotListgt
Level 0 POX response
POST appointmentService HTTP11
ltappointmentRequestgt ltslot doctor=mjones start=1400
end=1450gt ltpatient id=jsmithgtltappointmentRequestgt
Level 0 POX request
HTTP11 200 OK
ltappointmentgt ltslot doctor=mjones start=1400 end=1450gt ltpatient id=jsmithgtltappointmentgt
Level 0 POX response
Many URIs one method
Level 1 Resources
POST doctorsmjones HTTP11
ltopenSlotRequest date=2010-01-04gt
Level 1 Resources request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 1 Resources response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 1 Resources request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 1 Resources response
Many URIs many (HTTP) methods
This is what most call REST
Best practices follow
Level 2 Verbs
GET doctorsmjonesslotsdate=20100104ampstatus=open HTTP11
Level 2 Verbs request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 2 Verbs response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 2 Verbs request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 2 Verbs response
HATEOAS amp self-descriptive messages
Problems peoplersquos awareness tools
Level 3 HyperMedia
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjonesrdquo start=1400 end=1450gt ltlink rel=linkrelsslotbook
uri=slots1234gt ltslotgt
hellipltopenSlotListgt
Level 3 Hypermedia response
HTTP11 201 CreatedLocation httpslots1234appointment
ltappointment id=rdquo0001rdquogt ltslot id=1234gt ltpatient id=jsmithgt ltslotgt ltlink rel=linkrelsappointmentcancel uri=appointment0001gt ltlink rel=self uri=appointment0001gtltappointmentgt
Level 3 Hypermedia response
Best practices
Resources vs actions
getTickets vs ticketsgetMusemTickets vs ticketstype=museum
Nouns vs verbs
Resource GET POST PUT DELETE
tickets List tickets Create a new ticket
Bulk update Delete all tickets
tickets123 Get the details of one ticket
Error Update a given ticket
Delete a given ticket
Base URL structure
Plural + IDCRUD-style operationsConcrete not abstract names
httpapicompanycomcafev1
Major rev only
Numbers not nicknames dates etc
Versioning
HTTP status codes
Short description
Pointer to more information
Error handling
201, 200, 400, 204, 401, 403, 404, 503, 405, 500, 200, 400, 500
HTTP Status Code: 401
{"status": 401, "message": "Authentication failed", "code": 12345, "more info": "http://developers.company.com/docs/errors/12345"}
Error handling
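An added example, not taken from the slides: a minimal dispatcher for the /tickets verb table that answers with the slide's status codes and four-field error body, and authenticates before routing so that a 401 never reveals whether a ticket exists. The token, the sample store and every error code other than 12345 are constructed for illustration.

```python
import json
import re

DOCS = "http://developers.company.com/docs/errors/"  # "more info" base from the slide
VALID_TOKENS = {"constructed-demo-token"}             # constructed credential
ROUTE = re.compile(r"/tickets(?:/(\d+))?")

# Methods each resource accepts, from the Nouns vs verbs table.
COLLECTION_METHODS = ("DELETE", "GET", "POST", "PUT")
ITEM_METHODS = ("DELETE", "GET", "PUT")               # POST on one ticket is "Error"


def error(status, message, code, headers=None):
    """Build an error response carrying the four fields shown on the slide."""
    body = {"status": status, "message": message, "code": code,
            "more info": DOCS + str(code)}
    return status, dict(headers or {}), json.dumps(body)


def new_store():
    """Constructed sample data: one ticket with id 123."""
    return {123: {"date": "2015-03-28", "location": "museum"}}


def handle(store, method, path, token=None, body=None):
    """Return (status, headers, body) for one request against `store`."""
    # Authenticate first: an unauthenticated caller gets the same 401
    # for existing and non-existing resources.
    if token not in VALID_TOKENS:
        return error(401, "Authentication failed", 12345,
                     {"WWW-Authenticate": "Bearer"})
    match = ROUTE.fullmatch(path)
    if match is None:
        return error(404, "Resource not found", 90404)   # constructed code
    ticket_id = int(match.group(1)) if match.group(1) else None
    allowed = COLLECTION_METHODS if ticket_id is None else ITEM_METHODS
    if method not in allowed:
        # 405 names the methods the resource does accept.
        return error(405, "Method not allowed", 90405,   # constructed code
                     {"Allow": ", ".join(allowed)})
    if ticket_id is None:
        return _collection(store, method, body)
    return _item(store, method, ticket_id, body)


def _collection(store, method, body):
    if method == "GET":                                   # list tickets
        return 200, {}, json.dumps(store, sort_keys=True)
    if method == "DELETE":                                # delete all tickets
        store.clear()
        return 204, {}, ""
    if not isinstance(body, dict):                        # POST and PUT need a body
        return error(400, "Malformed ticket", 90400)     # constructed code
    if method == "POST":                                  # create a new ticket
        new_id = max(store, default=0) + 1
        store[new_id] = body
        return 201, {"Location": "/tickets/%d" % new_id}, json.dumps(body)
    for ticket in store.values():                         # PUT: bulk update
        ticket.update(body)
    return 200, {}, json.dumps(store, sort_keys=True)


def _item(store, method, ticket_id, body):
    if ticket_id not in store:
        return error(404, "Resource not found", 90404)
    if method == "GET":                                   # details of one ticket
        return 200, {}, json.dumps(store[ticket_id])
    if method == "DELETE":                                # delete a given ticket
        del store[ticket_id]
        return 204, {}, ""
    if not isinstance(body, dict):
        return error(400, "Malformed ticket", 90400)
    store[ticket_id] = body                               # PUT: update a given ticket
    return 200, {}, json.dumps(body)
```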
Ways to differentiate
/tickets/123.json
/tickets/123?format=json
Accept: application/json
Bonus: application/company.v1+json
Format handling
Pagination: /tickets?offset=50&limit=25
Partial response: /tickets?fields=date,location
Use defaults (documentation)
Pagination, partial response, defaults
Session management – REST is stateless
Caching – it's very much encouraged
What if nouns are not appropriate – use verbs
The rest of REST – 21
Security – preferred is OAuth; lot of Basic/Digest over HTTPS in practice
Subdomains: api, developers for SDK
The rest of REST – 22
Roy Fielding's dissertation
REST in Practice from O'Reilly
Apigee blog & video tutorials
Articles, forums
Literature
Levels of REST
REST ≠ CRUD
Consistent view of best practices
Summary
Questions
gaboritorok@gmail.com
https://www.linkedin.com/in/gabortorok
Gábor Török
POST appointmentService HTTP11
ltappointmentRequestgt ltslot doctor=mjones start=1400
end=1450gt ltpatient id=jsmithgtltappointmentRequestgt
Level 0 POX request
HTTP11 200 OK
ltappointmentgt ltslot doctor=mjones start=1400 end=1450gt ltpatient id=jsmithgtltappointmentgt
Level 0 POX response
Many URIs one method
Level 1 Resources
POST doctorsmjones HTTP11
ltopenSlotRequest date=2010-01-04gt
Level 1 Resources request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 1 Resources response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 1 Resources request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 1 Resources response
Many URIs many (HTTP) methods
This is what most call REST
Best practices follow
Level 2 Verbs
GET doctorsmjonesslotsdate=20100104ampstatus=open HTTP11
Level 2 Verbs request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 2 Verbs response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 2 Verbs request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 2 Verbs response
HATEOAS amp self-descriptive messages
Problems peoplersquos awareness tools
Level 3 HyperMedia
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjonesrdquo start=1400 end=1450gt ltlink rel=linkrelsslotbook
uri=slots1234gt ltslotgt
hellipltopenSlotListgt
Level 3 Hypermedia response
HTTP11 201 CreatedLocation httpslots1234appointment
ltappointment id=rdquo0001rdquogt ltslot id=1234gt ltpatient id=jsmithgt ltslotgt ltlink rel=linkrelsappointmentcancel uri=appointment0001gt ltlink rel=self uri=appointment0001gtltappointmentgt
Level 3 Hypermedia response
Best practices
Resources vs actions
getTickets vs ticketsgetMusemTickets vs ticketstype=museum
Nouns vs verbs
Resource GET POST PUT DELETE
tickets List tickets Create a new ticket
Bulk update Delete all tickets
tickets123 Get the details of one ticket
Error Update a given ticket
Delete a given ticket
Base URL structure
Plural + IDCRUD-style operationsConcrete not abstract names
httpapicompanycomcafev1
Major rev only
Numbers not nicknames dates etc
Versioning
HTTP status codes
Short description Pointer to more information
Error handling
201
200
400204
401
403
404
503
405
500200 400
500
HTTP Status Code 401
status 401 messageAuthentication failed code 12345 more infohttpdeveloperscompanycomdocserrors12345
Error handling
Ways to differentiate
tickets123jsontickets123format=jsonAccept applicationjson
Bonus applicationcompanyv1+json
Format handling
Paginationticketsoffset=50amplimit=25
Partial responseticketsfields=datelocation
Use defaults (documentation)
Pagination partial response defaults
Session management ndash REST is stateless
Caching ndash itrsquos very much encouraged
What if nouns are not appropriate ndash use verbs
The rest of REST ndash 21
Security ndash preferred is OAuth lot of BasicDigest over HTTPS in practice
Subdomains api developers for SDK
The rest of REST ndash 22
Roy Fieldingrsquos dissertation
REST in Practice from OrsquoReilly
Apigee blog amp video tutorials
Articles forums
Literature
Levels of REST
REST ne CRUD
Consistent view of best practices
Summary
Questions
gaboritorokgmailcom
httpswwwlinkedincomingabortorok
Gaacutebor Toumlroumlk
HTTP11 200 OK
ltappointmentgt ltslot doctor=mjones start=1400 end=1450gt ltpatient id=jsmithgtltappointmentgt
Level 0 POX response
Many URIs one method
Level 1 Resources
POST doctorsmjones HTTP11
ltopenSlotRequest date=2010-01-04gt
Level 1 Resources request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 1 Resources response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 1 Resources request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 1 Resources response
Many URIs many (HTTP) methods
This is what most call REST
Best practices follow
Level 2 Verbs
GET doctorsmjonesslotsdate=20100104ampstatus=open HTTP11
Level 2 Verbs request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 2 Verbs response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 2 Verbs request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 2 Verbs response
HATEOAS amp self-descriptive messages
Problems peoplersquos awareness tools
Level 3 HyperMedia
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjonesrdquo start=1400 end=1450gt ltlink rel=linkrelsslotbook
uri=slots1234gt ltslotgt
hellipltopenSlotListgt
Level 3 Hypermedia response
HTTP11 201 CreatedLocation httpslots1234appointment
ltappointment id=rdquo0001rdquogt ltslot id=1234gt ltpatient id=jsmithgt ltslotgt ltlink rel=linkrelsappointmentcancel uri=appointment0001gt ltlink rel=self uri=appointment0001gtltappointmentgt
Level 3 Hypermedia response
Best practices
Resources vs actions
getTickets vs ticketsgetMusemTickets vs ticketstype=museum
Nouns vs verbs
Resource GET POST PUT DELETE
tickets List tickets Create a new ticket
Bulk update Delete all tickets
tickets123 Get the details of one ticket
Error Update a given ticket
Delete a given ticket
Base URL structure
Plural + IDCRUD-style operationsConcrete not abstract names
httpapicompanycomcafev1
Major rev only
Numbers not nicknames dates etc
Versioning
HTTP status codes
Short description Pointer to more information
Error handling
201
200
400204
401
403
404
503
405
500200 400
500
HTTP Status Code 401
status 401 messageAuthentication failed code 12345 more infohttpdeveloperscompanycomdocserrors12345
Error handling
Ways to differentiate
tickets123jsontickets123format=jsonAccept applicationjson
Bonus applicationcompanyv1+json
Format handling
Paginationticketsoffset=50amplimit=25
Partial responseticketsfields=datelocation
Use defaults (documentation)
Pagination partial response defaults
Session management ndash REST is stateless
Caching ndash itrsquos very much encouraged
What if nouns are not appropriate ndash use verbs
The rest of REST ndash 21
Security ndash preferred is OAuth lot of BasicDigest over HTTPS in practice
Subdomains api developers for SDK
The rest of REST ndash 22
Roy Fieldingrsquos dissertation
REST in Practice from OrsquoReilly
Apigee blog amp video tutorials
Articles forums
Literature
Levels of REST
REST ne CRUD
Consistent view of best practices
Summary
Questions
gaboritorokgmailcom
httpswwwlinkedincomingabortorok
Gaacutebor Toumlroumlk
Many URIs one method
Level 1 Resources
POST doctorsmjones HTTP11
ltopenSlotRequest date=2010-01-04gt
Level 1 Resources request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 1 Resources response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 1 Resources request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 1 Resources response
Many URIs many (HTTP) methods
This is what most call REST
Best practices follow
Level 2 Verbs
GET doctorsmjonesslotsdate=20100104ampstatus=open HTTP11
Level 2 Verbs request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 2 Verbs response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 2 Verbs request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 2 Verbs response
HATEOAS amp self-descriptive messages
Problems peoplersquos awareness tools
Level 3 HyperMedia
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjonesrdquo start=1400 end=1450gt ltlink rel=linkrelsslotbook
uri=slots1234gt ltslotgt
hellipltopenSlotListgt
Level 3 Hypermedia response
HTTP11 201 CreatedLocation httpslots1234appointment
ltappointment id=rdquo0001rdquogt ltslot id=1234gt ltpatient id=jsmithgt ltslotgt ltlink rel=linkrelsappointmentcancel uri=appointment0001gt ltlink rel=self uri=appointment0001gtltappointmentgt
Level 3 Hypermedia response
Best practices
Resources vs actions
getTickets vs ticketsgetMusemTickets vs ticketstype=museum
Nouns vs verbs
Resource GET POST PUT DELETE
tickets List tickets Create a new ticket
Bulk update Delete all tickets
tickets123 Get the details of one ticket
Error Update a given ticket
Delete a given ticket
Base URL structure
Plural + IDCRUD-style operationsConcrete not abstract names
httpapicompanycomcafev1
Major rev only
Numbers not nicknames dates etc
Versioning
HTTP status codes
Short description Pointer to more information
Error handling
201
200
400204
401
403
404
503
405
500200 400
500
HTTP Status Code 401
status 401 messageAuthentication failed code 12345 more infohttpdeveloperscompanycomdocserrors12345
Error handling
Ways to differentiate
tickets123jsontickets123format=jsonAccept applicationjson
Bonus applicationcompanyv1+json
Format handling
Paginationticketsoffset=50amplimit=25
Partial responseticketsfields=datelocation
Use defaults (documentation)
Pagination partial response defaults
Session management ndash REST is stateless
Caching ndash itrsquos very much encouraged
What if nouns are not appropriate ndash use verbs
The rest of REST ndash 21
Security ndash preferred is OAuth lot of BasicDigest over HTTPS in practice
Subdomains api developers for SDK
The rest of REST ndash 22
Roy Fieldingrsquos dissertation
REST in Practice from OrsquoReilly
Apigee blog amp video tutorials
Articles forums
Literature
Levels of REST
REST ne CRUD
Consistent view of best practices
Summary
Questions
gaboritorokgmailcom
httpswwwlinkedincomingabortorok
Gaacutebor Toumlroumlk
POST doctorsmjones HTTP11
ltopenSlotRequest date=2010-01-04gt
Level 1 Resources request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 1 Resources response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 1 Resources request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 1 Resources response
Many URIs many (HTTP) methods
This is what most call REST
Best practices follow
Level 2 Verbs
GET doctorsmjonesslotsdate=20100104ampstatus=open HTTP11
Level 2 Verbs request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 2 Verbs response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 2 Verbs request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 2 Verbs response
HATEOAS amp self-descriptive messages
Problems peoplersquos awareness tools
Level 3 HyperMedia
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjonesrdquo start=1400 end=1450gt ltlink rel=linkrelsslotbook
uri=slots1234gt ltslotgt
hellipltopenSlotListgt
Level 3 Hypermedia response
HTTP11 201 CreatedLocation httpslots1234appointment
ltappointment id=rdquo0001rdquogt ltslot id=1234gt ltpatient id=jsmithgt ltslotgt ltlink rel=linkrelsappointmentcancel uri=appointment0001gt ltlink rel=self uri=appointment0001gtltappointmentgt
Level 3 Hypermedia response
Best practices
Resources vs actions
getTickets vs ticketsgetMusemTickets vs ticketstype=museum
Nouns vs verbs
Resource GET POST PUT DELETE
tickets List tickets Create a new ticket
Bulk update Delete all tickets
tickets123 Get the details of one ticket
Error Update a given ticket
Delete a given ticket
Base URL structure
Plural + IDCRUD-style operationsConcrete not abstract names
httpapicompanycomcafev1
Major rev only
Numbers not nicknames dates etc
Versioning
HTTP status codes
Short description Pointer to more information
Error handling
201
200
400204
401
403
404
503
405
500200 400
500
HTTP Status Code 401
status 401 messageAuthentication failed code 12345 more infohttpdeveloperscompanycomdocserrors12345
Error handling
Ways to differentiate
tickets123jsontickets123format=jsonAccept applicationjson
Bonus applicationcompanyv1+json
Format handling
Paginationticketsoffset=50amplimit=25
Partial responseticketsfields=datelocation
Use defaults (documentation)
Pagination partial response defaults
Session management ndash REST is stateless
Caching ndash itrsquos very much encouraged
What if nouns are not appropriate ndash use verbs
The rest of REST ndash 21
Security ndash preferred is OAuth lot of BasicDigest over HTTPS in practice
Subdomains api developers for SDK
The rest of REST ndash 22
Roy Fieldingrsquos dissertation
REST in Practice from OrsquoReilly
Apigee blog amp video tutorials
Articles forums
Literature
Levels of REST
REST ne CRUD
Consistent view of best practices
Summary
Questions
gaboritorokgmailcom
httpswwwlinkedincomingabortorok
Gaacutebor Toumlroumlk
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 1 Resources response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 1 Resources request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 1 Resources response
Many URIs many (HTTP) methods
This is what most call REST
Best practices follow
Level 2 Verbs
GET doctorsmjonesslotsdate=20100104ampstatus=open HTTP11
Level 2 Verbs request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 2 Verbs response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 2 Verbs request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 2 Verbs response
HATEOAS amp self-descriptive messages
Problems peoplersquos awareness tools
Level 3 HyperMedia
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjonesrdquo start=1400 end=1450gt ltlink rel=linkrelsslotbook
uri=slots1234gt ltslotgt
hellipltopenSlotListgt
Level 3 Hypermedia response
HTTP11 201 CreatedLocation httpslots1234appointment
ltappointment id=rdquo0001rdquogt ltslot id=1234gt ltpatient id=jsmithgt ltslotgt ltlink rel=linkrelsappointmentcancel uri=appointment0001gt ltlink rel=self uri=appointment0001gtltappointmentgt
Level 3 Hypermedia response
Best practices
Resources vs actions
getTickets vs ticketsgetMusemTickets vs ticketstype=museum
Nouns vs verbs
Resource GET POST PUT DELETE
tickets List tickets Create a new ticket
Bulk update Delete all tickets
tickets123 Get the details of one ticket
Error Update a given ticket
Delete a given ticket
Base URL structure
Plural + IDCRUD-style operationsConcrete not abstract names
httpapicompanycomcafev1
Major rev only
Numbers not nicknames dates etc
Versioning
HTTP status codes
Short description Pointer to more information
Error handling
201
200
400204
401
403
404
503
405
500200 400
500
HTTP Status Code 401
status 401 messageAuthentication failed code 12345 more infohttpdeveloperscompanycomdocserrors12345
Error handling
Ways to differentiate
tickets123jsontickets123format=jsonAccept applicationjson
Bonus applicationcompanyv1+json
Format handling
Paginationticketsoffset=50amplimit=25
Partial responseticketsfields=datelocation
Use defaults (documentation)
Pagination partial response defaults
Session management ndash REST is stateless
Caching ndash itrsquos very much encouraged
What if nouns are not appropriate ndash use verbs
The rest of REST ndash 21
Security ndash preferred is OAuth lot of BasicDigest over HTTPS in practice
Subdomains api developers for SDK
The rest of REST ndash 22
Roy Fieldingrsquos dissertation
REST in Practice from OrsquoReilly
Apigee blog amp video tutorials
Articles forums
Literature
Levels of REST
REST ne CRUD
Consistent view of best practices
Summary
Questions
gaboritorokgmailcom
httpswwwlinkedincomingabortorok
Gaacutebor Toumlroumlk
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 1 Resources request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 1 Resources response
Many URIs many (HTTP) methods
This is what most call REST
Best practices follow
Level 2 Verbs
GET doctorsmjonesslotsdate=20100104ampstatus=open HTTP11
Level 2 Verbs request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 2 Verbs response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 2 Verbs request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 2 Verbs response
HATEOAS amp self-descriptive messages
Problems peoplersquos awareness tools
Level 3 HyperMedia
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjonesrdquo start=1400 end=1450gt ltlink rel=linkrelsslotbook
uri=slots1234gt ltslotgt
hellipltopenSlotListgt
Level 3 Hypermedia response
HTTP11 201 CreatedLocation httpslots1234appointment
ltappointment id=rdquo0001rdquogt ltslot id=1234gt ltpatient id=jsmithgt ltslotgt ltlink rel=linkrelsappointmentcancel uri=appointment0001gt ltlink rel=self uri=appointment0001gtltappointmentgt
Level 3 Hypermedia response
Best practices
Resources vs actions
getTickets vs ticketsgetMusemTickets vs ticketstype=museum
Nouns vs verbs
Resource GET POST PUT DELETE
tickets List tickets Create a new ticket
Bulk update Delete all tickets
tickets123 Get the details of one ticket
Error Update a given ticket
Delete a given ticket
Base URL structure
Plural + IDCRUD-style operationsConcrete not abstract names
httpapicompanycomcafev1
Major rev only
Numbers not nicknames dates etc
Versioning
HTTP status codes
Short description Pointer to more information
Error handling
201
200
400204
401
403
404
503
405
500200 400
500
HTTP Status Code 401
status 401 messageAuthentication failed code 12345 more infohttpdeveloperscompanycomdocserrors12345
Error handling
Ways to differentiate
tickets123jsontickets123format=jsonAccept applicationjson
Bonus applicationcompanyv1+json
Format handling
Paginationticketsoffset=50amplimit=25
Partial responseticketsfields=datelocation
Use defaults (documentation)
Pagination partial response defaults
Session management ndash REST is stateless
Caching ndash itrsquos very much encouraged
What if nouns are not appropriate ndash use verbs
The rest of REST ndash 21
Security ndash preferred is OAuth lot of BasicDigest over HTTPS in practice
Subdomains api developers for SDK
The rest of REST ndash 22
Roy Fieldingrsquos dissertation
REST in Practice from OrsquoReilly
Apigee blog amp video tutorials
Articles forums
Literature
Levels of REST
REST ne CRUD
Consistent view of best practices
Summary
Questions
gaboritorokgmailcom
httpswwwlinkedincomingabortorok
Gaacutebor Toumlroumlk
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 1 Resources response
Many URIs many (HTTP) methods
This is what most call REST
Best practices follow
Level 2 Verbs
GET doctorsmjonesslotsdate=20100104ampstatus=open HTTP11
Level 2 Verbs request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 2 Verbs response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 2 Verbs request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 2 Verbs response
HATEOAS amp self-descriptive messages
Problems peoplersquos awareness tools
Level 3 HyperMedia
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjonesrdquo start=1400 end=1450gt ltlink rel=linkrelsslotbook
uri=slots1234gt ltslotgt
hellipltopenSlotListgt
Level 3 Hypermedia response
HTTP11 201 CreatedLocation httpslots1234appointment
ltappointment id=rdquo0001rdquogt ltslot id=1234gt ltpatient id=jsmithgt ltslotgt ltlink rel=linkrelsappointmentcancel uri=appointment0001gt ltlink rel=self uri=appointment0001gtltappointmentgt
Level 3 Hypermedia response
Best practices
Resources vs actions
getTickets vs ticketsgetMusemTickets vs ticketstype=museum
Nouns vs verbs
Resource GET POST PUT DELETE
tickets List tickets Create a new ticket
Bulk update Delete all tickets
tickets123 Get the details of one ticket
Error Update a given ticket
Delete a given ticket
Base URL structure
Plural + IDCRUD-style operationsConcrete not abstract names
httpapicompanycomcafev1
Major rev only
Numbers not nicknames dates etc
Versioning
HTTP status codes
Short description Pointer to more information
Error handling
201
200
400204
401
403
404
503
405
500200 400
500
HTTP Status Code 401
status 401 messageAuthentication failed code 12345 more infohttpdeveloperscompanycomdocserrors12345
Error handling
Ways to differentiate
tickets123jsontickets123format=jsonAccept applicationjson
Bonus applicationcompanyv1+json
Format handling
Paginationticketsoffset=50amplimit=25
Partial responseticketsfields=datelocation
Use defaults (documentation)
Pagination partial response defaults
Session management ndash REST is stateless
Caching ndash itrsquos very much encouraged
What if nouns are not appropriate ndash use verbs
The rest of REST ndash 21
Security ndash preferred is OAuth lot of BasicDigest over HTTPS in practice
Subdomains api developers for SDK
The rest of REST ndash 22
Roy Fieldingrsquos dissertation
REST in Practice from OrsquoReilly
Apigee blog amp video tutorials
Articles forums
Literature
Levels of REST
REST ne CRUD
Consistent view of best practices
Summary
Questions
gaboritorokgmailcom
httpswwwlinkedincomingabortorok
Gaacutebor Toumlroumlk
Many URIs many (HTTP) methods
This is what most call REST
Best practices follow
Level 2 Verbs
GET doctorsmjonesslotsdate=20100104ampstatus=open HTTP11
Level 2 Verbs request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 2 Verbs response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 2 Verbs request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 2 Verbs response
HATEOAS amp self-descriptive messages
Problems peoplersquos awareness tools
Level 3 HyperMedia
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjonesrdquo start=1400 end=1450gt ltlink rel=linkrelsslotbook
uri=slots1234gt ltslotgt
hellipltopenSlotListgt
Level 3 Hypermedia response
HTTP11 201 CreatedLocation httpslots1234appointment
ltappointment id=rdquo0001rdquogt ltslot id=1234gt ltpatient id=jsmithgt ltslotgt ltlink rel=linkrelsappointmentcancel uri=appointment0001gt ltlink rel=self uri=appointment0001gtltappointmentgt
Level 3 Hypermedia response
Best practices
Resources vs actions
getTickets vs ticketsgetMusemTickets vs ticketstype=museum
Nouns vs verbs
Resource GET POST PUT DELETE
tickets List tickets Create a new ticket
Bulk update Delete all tickets
tickets123 Get the details of one ticket
Error Update a given ticket
Delete a given ticket
Base URL structure
Plural + IDCRUD-style operationsConcrete not abstract names
httpapicompanycomcafev1
Major rev only
Numbers not nicknames dates etc
Versioning
HTTP status codes
Short description Pointer to more information
Error handling
201
200
400204
401
403
404
503
405
500200 400
500
HTTP Status Code 401
status 401 messageAuthentication failed code 12345 more infohttpdeveloperscompanycomdocserrors12345
Error handling
Ways to differentiate
tickets123jsontickets123format=jsonAccept applicationjson
Bonus applicationcompanyv1+json
Format handling
Paginationticketsoffset=50amplimit=25
Partial responseticketsfields=datelocation
Use defaults (documentation)
Pagination partial response defaults
Session management ndash REST is stateless
Caching ndash itrsquos very much encouraged
What if nouns are not appropriate ndash use verbs
The rest of REST ndash 21
Security ndash preferred is OAuth lot of BasicDigest over HTTPS in practice
Subdomains api developers for SDK
The rest of REST ndash 22
Roy Fieldingrsquos dissertation
REST in Practice from OrsquoReilly
Apigee blog amp video tutorials
Articles forums
Literature
Levels of REST
REST ne CRUD
Consistent view of best practices
Summary
Questions
gaboritorokgmailcom
httpswwwlinkedincomingabortorok
Gaacutebor Toumlroumlk
GET doctorsmjonesslotsdate=20100104ampstatus=open HTTP11
Level 2 Verbs request
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 2 Verbs response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 2 Verbs request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 2 Verbs response
HATEOAS amp self-descriptive messages
Problems peoplersquos awareness tools
Level 3 HyperMedia
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjonesrdquo start=1400 end=1450gt ltlink rel=linkrelsslotbook
uri=slots1234gt ltslotgt
hellipltopenSlotListgt
Level 3 Hypermedia response
HTTP11 201 CreatedLocation httpslots1234appointment
ltappointment id=rdquo0001rdquogt ltslot id=1234gt ltpatient id=jsmithgt ltslotgt ltlink rel=linkrelsappointmentcancel uri=appointment0001gt ltlink rel=self uri=appointment0001gtltappointmentgt
Level 3 Hypermedia response
Best practices
Resources vs actions
getTickets vs ticketsgetMusemTickets vs ticketstype=museum
Nouns vs verbs
Resource GET POST PUT DELETE
tickets List tickets Create a new ticket
Bulk update Delete all tickets
tickets123 Get the details of one ticket
Error Update a given ticket
Delete a given ticket
Base URL structure
Plural + IDCRUD-style operationsConcrete not abstract names
httpapicompanycomcafev1
Major rev only
Numbers not nicknames dates etc
Versioning
HTTP status codes
Short description Pointer to more information
Error handling
201
200
400204
401
403
404
503
405
500200 400
500
HTTP Status Code 401
status 401 messageAuthentication failed code 12345 more infohttpdeveloperscompanycomdocserrors12345
Error handling
Ways to differentiate
tickets123jsontickets123format=jsonAccept applicationjson
Bonus applicationcompanyv1+json
Format handling
Paginationticketsoffset=50amplimit=25
Partial responseticketsfields=datelocation
Use defaults (documentation)
Pagination partial response defaults
Session management ndash REST is stateless
Caching ndash itrsquos very much encouraged
What if nouns are not appropriate ndash use verbs
The rest of REST ndash 21
Security ndash preferred is OAuth lot of BasicDigest over HTTPS in practice
Subdomains api developers for SDK
The rest of REST ndash 22
Roy Fieldingrsquos dissertation
REST in Practice from OrsquoReilly
Apigee blog amp video tutorials
Articles forums
Literature
Levels of REST
REST ne CRUD
Consistent view of best practices
Summary
Questions
gaboritorokgmailcom
httpswwwlinkedincomingabortorok
Gaacutebor Toumlroumlk
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjones
start=1400 end=1450gt ltslot id=5678 doctor=mjones
start=1600 end=1650gtltopenSlotListgt
Level 2 Verbs response
POST slots1234 HTTP11
ltappointmentRequestgt ltpatient id=jsmithgtltappointmentRequestgt
Level 2 Verbs request
HTTP11 200 OK
ltappointment id=2468gt ltslot id=1234 doctor=mjones
start=1400 end=1450rdquogt ltpatient id=jsmithgtltappointmentgt
Level 2 Verbs response
HATEOAS amp self-descriptive messages
Problems peoplersquos awareness tools
Level 3 HyperMedia
HTTP11 200 OK
ltopenSlotListgt ltslot id=1234 doctor=mjonesrdquo start=1400 end=1450gt ltlink rel=linkrelsslotbook
uri=slots1234gt ltslotgt
hellipltopenSlotListgt
Level 3 Hypermedia response
HTTP11 201 CreatedLocation httpslots1234appointment
ltappointment id=rdquo0001rdquogt ltslot id=1234gt ltpatient id=jsmithgt ltslotgt ltlink rel=linkrelsappointmentcancel uri=appointment0001gt ltlink rel=self uri=appointment0001gtltappointmentgt
Level 3 Hypermedia response
Best practices
Resources vs actions
getTickets vs ticketsgetMusemTickets vs ticketstype=museum
Nouns vs verbs
Resource GET POST PUT DELETE
tickets List tickets Create a new ticket
Bulk update Delete all tickets
tickets123 Get the details of one ticket
Error Update a given ticket
Delete a given ticket
Base URL structure
Plural + IDCRUD-style operationsConcrete not abstract names
httpapicompanycomcafev1
Major rev only
Numbers not nicknames dates etc
Versioning
HTTP status codes
Short description Pointer to more information
Error handling
201
200
400204
401
403
404
503
405
500200 400
500
HTTP Status Code 401
status 401 messageAuthentication failed code 12345 more infohttpdeveloperscompanycomdocserrors12345
Error handling
Ways to differentiate
tickets123jsontickets123format=jsonAccept applicationjson
Bonus applicationcompanyv1+json
Format handling
Paginationticketsoffset=50amplimit=25
Partial responseticketsfields=datelocation
Use defaults (documentation)
Pagination partial response defaults
Session management ndash REST is stateless
Caching ndash itrsquos very much encouraged
What if nouns are not appropriate ndash use verbs
The rest of REST ndash 21
Security ndash preferred is OAuth lot of BasicDigest over HTTPS in practice
Subdomains api developers for SDK
The rest of REST ndash 22
Roy Fieldingrsquos dissertation
REST in Practice from OrsquoReilly
Apigee blog amp video tutorials
Articles forums
Literature
Levels of REST
REST ne CRUD
Consistent view of best practices
Summary
Questions
gaboritorokgmailcom
httpswwwlinkedincomingabortorok
Gaacutebor Toumlroumlk
POST /slots/1234 HTTP/1.1
<appointmentRequest>
  <patient id="jsmith"/>
</appointmentRequest>
Level 2 Verbs request

HTTP/1.1 200 OK
<appointment id="2468">
  <slot id="1234" doctor="mjones" start="1400" end="1450"/>
  <patient id="jsmith"/>
</appointment>
Level 2 Verbs response

HATEOAS & self-descriptive messages
Problems: people's awareness, tools
Level 3 HyperMedia

HTTP/1.1 200 OK
<openSlotList>
  <slot id="1234" doctor="mjones" start="1400" end="1450">
    <link rel="/linkrels/slot/book" uri="/slots/1234"/>
  </slot>
  …
</openSlotList>
Level 3 Hypermedia response

HTTP/1.1 201 Created
Location: http://slots/1234/appointment
<appointment id="0001">
  <slot id="1234">
    <patient id="jsmith"/>
  </slot>
  <link rel="/linkrels/appointment/cancel" uri="/appointment/0001"/>
  <link rel="self" uri="/appointment/0001"/>
</appointment>
Level 3 Hypermedia response

Best practices

Resources vs actions
getTickets vs /tickets
getMuseumTickets vs /tickets?type=museum
Nouns vs verbs

Resource | GET | POST | PUT | DELETE
/tickets | List tickets | Create a new ticket | Bulk update | Delete all tickets
/tickets/123 | Get the details of one ticket | Error | Update a given ticket | Delete a given ticket
Base URL structure
Plural + ID
CRUD-style operations
Concrete, not abstract names

http://api.company.com/cafe/v1
Major rev only
Numbers, not nicknames, dates, etc.
Versioning

HTTP status codes
Short description
Pointer to more information
Error handling
201 200 400 204 401 403 404 503 405 500 200 400 500

HTTP Status Code: 401
{"status": 401, "message": "Authentication failed", "code": 12345, "more info": "http://developers.company.com/docs/errors/12345"}
Error handling

Ways to differentiate
/tickets/123.json
/tickets/123?format=json
Accept: application/json
Bonus: application/company.v1+json
Format handling

Pagination: /tickets?offset=50&limit=25
Partial response: /tickets?fields=date,location
Use defaults (documentation)
Pagination, partial response, defaults
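
An added example (not from the slides) of the pagination, partial-response and default handling above, returning the error envelope from the error-handling slide when a query is rejected. The default and maximum limit, the field allow-list, the numeric error codes and the sample tickets are assumptions made for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Assumed values: the slides only say "use defaults" and document them.
DEFAULT_OFFSET, DEFAULT_LIMIT, MAX_LIMIT = 0, 25, 100
# Hypothetical allow-list of attributes a client may request via ?fields=
ALLOWED_FIELDS = ("id", "date", "location", "type")
ERROR_DOCS = "http://developers.company.com/docs/errors/"  # pattern from the slide

# Constructed sample data; purchaser_email stands in for an internal attribute.
TICKETS = [{"id": i, "date": "2015-03-28", "location": "hall-A", "type": "museum",
            "purchaser_email": f"user{i}@example.invalid"} for i in range(1, 121)]


class ApiError(Exception):
    """Error envelope with the keys shown on the error-handling slide."""

    def __init__(self, status, code, message):
        super().__init__(message)
        self.status = status
        self.body = {"status": status, "message": message, "code": code,
                     "more info": ERROR_DOCS + str(code)}


def _int_param(query, name, default, minimum, maximum=None):
    values = query.get(name)
    if values is None:
        return default                      # documented default applies
    raw = values[0]
    # Reject repeats, signs, non-ASCII digits and absurdly long numbers.
    if len(values) > 1 or not (raw.isascii() and raw.isdigit()) or len(raw) > 9:
        raise ApiError(400, 40001, f"'{name}' must be a single non-negative integer")
    value = int(raw)
    if value < minimum:
        raise ApiError(400, 40002, f"'{name}' must be at least {minimum}")
    # Clamp so one request can never ask for an unbounded page.
    return value if maximum is None else min(value, maximum)


def parse_list_query(url):
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    offset = _int_param(query, "offset", DEFAULT_OFFSET, 0)
    limit = _int_param(query, "limit", DEFAULT_LIMIT, 1, MAX_LIMIT)
    fields = list(ALLOWED_FIELDS)           # default: every public field
    if "fields" in query:
        requested = [f.strip() for f in ",".join(query["fields"]).split(",")]
        if any(f not in ALLOWED_FIELDS for f in requested):
            # Do not echo the rejected name back to the caller.
            raise ApiError(400, 40003, "unknown name in 'fields'")
        fields = list(dict.fromkeys(requested))  # de-duplicate, keep order
    return offset, limit, fields


def handle_list_tickets(url):
    """Return (status, body) for GET /tickets with the given query string."""
    try:
        offset, limit, fields = parse_list_query(url)
    except ApiError as err:
        return err.status, err.body
    page = TICKETS[offset:offset + limit]
    return 200, [{f: t[f] for f in fields} for t in page]
```

Because responses are built only from allow-listed names, an attribute such as purchaser_email cannot be pulled out through ?fields=, and the clamp on limit bounds the work done per request.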

Session management – REST is stateless
Caching – it's very much encouraged
What if nouns are not appropriate – use verbs
The rest of REST – 21

Security – preferred is OAuth; lot of Basic/Digest over HTTPS in practice
Subdomains: api, developers for SDK
The rest of REST – 22

Roy Fielding's dissertation
REST in Practice from O'Reilly
Apigee blog & video tutorials
Articles, forums
Literature

Levels of REST
REST ≠ CRUD
Consistent view of best practices
Summary

Questions
gaboritorok@gmail.com
https://www.linkedin.com/in/gabortorok
Gábor Török