REST API Name-Not-Found

From Coder Merlin

Introduction to APIs

An API, or application programming interface, is a set of rules that defines how applications or devices can connect to and communicate with each other. It is the connection between databases, servers, the internet, etc. REST is considered a modern API style. Before REST, the world of APIs was messy and not user friendly: APIs were designed only to be flexible, not accessible. Precursors to REST included SOAP and CORBA, which were both terrible and were widely regarded as near-impossible to use.


What REST API Is

A REST API conforms to the design principles of the REST (representational state transfer) architectural style. These APIs are sometimes referred to as RESTful APIs. REST gives developers a relatively high level of flexibility and freedom, which is why it has emerged as a common method for connecting components and applications in a microservices architecture.

REST Design Principles

REST has 6 guiding constraints/principles:

1. User interface and data storage issues are separate.
2. Each request from the client to the server has all the necessary information to explain the request, with no context coming from the server itself.
3. All data within a response to a request is labeled as cacheable or non-cacheable. If the data is cacheable, the client is given the right to reuse the data later.
4. The system architecture is simple and generalized.
5. The system is layered, where each component cannot access data beyond the layer it is interacting with.
6. REST allows clients to download and execute code in the form of individual scripts, allowing clients to reduce the number of features.

REST History

REST API was created by a computer scientist named Roy Fielding in 2000. REST was created to usher in the modern architecture for the World Wide Web. REST was first used by large e-commerce websites such as Amazon and eBay.


How REST API Works

REST APIs communicate via HTTP requests to perform standard database functions like creating, reading, updating, and deleting records within a resource. For example, a REST API would use a GET request to retrieve a record, a POST request to create one, a PUT request to update a record, and a DELETE request to delete one. All HTTP methods can be used in API calls. A well-designed REST API is similar to a website running in a web browser with built-in HTTP functionality.

The state of a resource at any particular instant, or timestamp, is known as the resource representation. This information can be delivered to a client in virtually any format including JavaScript Object Notation (JSON), HTML, XLT, Python, PHP, or plain text. JSON is popular because it’s readable by both humans and machines—and it is programming language-agnostic.

Request headers and parameters are also important in REST API calls because they include important identifier information such as metadata, authorizations, uniform resource identifiers (URIs), caching, cookies and more. Request headers and response headers, along with conventional HTTP status codes, are used within well-designed REST APIs.

How to improve REST API

Although flexibility is a big advantage of REST API design, that same flexibility makes it easy to design an API that’s broken or performs poorly. For this reason, professional developers share best practices in REST API specifications.

The OpenAPI Specification (OAS) establishes an interface for describing an API in a way that allows any developer or application to discover it and fully understand its parameters and capabilities: available endpoints, allowed operations on each endpoint, operation parameters, authentication methods, and other information.

Securing a REST API also starts with industry best practices, such as using hashing algorithms for password security and HTTPS for secure data transmission. An authorization framework like OAuth 2.0 can help limit the privileges of third-party applications. Using a timestamp in the HTTP header, an API can also reject any request that arrives after a certain time period. Parameter validation and JSON Web Tokens are other ways to ensure that only authorized clients can access the API.
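A server-side sketch of the timestamp check described above, added here as an example and not taken from the original page. It goes one step beyond the text by binding the timestamp to the request with an HMAC, since an unsigned timestamp can simply be rewritten by whoever replays the request. The header names `X-Timestamp` and `X-Signature`, the shared secret and the 300-second window are assumptions.

```python
import hashlib
import hmac
import time

MAX_AGE_SECONDS = 300  # assumed freshness window; tune per API


def sign(secret: bytes, method: str, path: str, timestamp: str, body: bytes) -> str:
    """HMAC-SHA256 over method, path, timestamp and body, hex encoded."""
    msg = "\n".join([method.upper(), path, timestamp]).encode() + b"\n" + body
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


def verify_request(secret, method, path, headers, body, now=None):
    """Return (accepted, reason). Header names are hypothetical."""
    now = time.time() if now is None else now
    ts = headers.get("X-Timestamp", "")
    sig = headers.get("X-Signature", "")
    # Reject anything that is not a plain ASCII integer before calling int().
    if not (ts.isascii() and ts.isdigit()):
        return False, "missing or malformed timestamp"
    age = now - int(ts)
    if age > MAX_AGE_SECONDS:
        return False, "stale request"
    if age < -MAX_AGE_SECONDS:
        return False, "timestamp too far in the future"
    # The timestamp is part of the signed message, so changing it breaks the MAC.
    expected = sign(secret, method, path, ts, body)
    if not hmac.compare_digest(expected.encode(), sig.encode()):
        return False, "bad signature"
    return True, "ok"


# Constructed sample request (not real traffic).
SECRET = b"constructed-demo-secret"
BODY = b'{"name": "widget"}'
T0 = 1_700_000_000
HEADERS = {
    "X-Timestamp": str(T0),
    "X-Signature": sign(SECRET, "POST", "/items", str(T0), BODY),
}

if __name__ == "__main__":
    print(verify_request(SECRET, "POST", "/items", HEADERS, BODY, now=T0 + 10))
    print(verify_request(SECRET, "POST", "/items", HEADERS, BODY, now=T0 + 301))
    bumped = dict(HEADERS, **{"X-Timestamp": str(T0 + 1000)})
    print(verify_request(SECRET, "POST", "/items", bumped, BODY, now=T0 + 1000))
```

The freshness window only bounds how long a captured request stays usable; rejecting a replay inside the window needs a per-request nonce the server remembers.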
