REST stands for REpresentational State Transfer. It is an architectural style for designing networked applications.
An API is an application programming interface. A Web API (or Web Service) conforming to the REST architectural style is a REST API or RESTful API. A RESTful API is an interface that allows two systems to exchange information securely over the internet using an HTTP request.
The 6 principles of REST which make any web service a RESTful API are -
RESTful services are stateless to ensure reliability and scalability, which means that the server does not store any information about the client’s state. Instead, the session on the server is identified by the session identifier sent by the client, which is used to process the client’s request.
REST is an architectural style, while SOAP is a protocol. REST uses lightweight data formats like JSON, while SOAP uses XML exclusively. REST uses HTTP methods, while SOAP uses a request/response model.
The three main components of REST API are Uniform Resource Identifiers, HTTP Methods, and HTTP Headers. The URL specifies the path to the resource. An HTTP method tells the server what it needs to do with the resource. Headers are the metadata exchanged between the client and server.
HTTP methods are used to indicate the desired action for a resource. The common HTTP methods used in RESTful services are GET, POST, PUT, DELETE, PATCH, OPTIONS, and HEAD.
CRUD stands for Create, Read, Update, and Delete which represents the fundamental operations performed on resources in a REST API.
In REST, the primary data representation is called resource. A resource can be a singleton or a collection. For example, “customers” is a collection resource, and “customer” is a singleton resource in an e-commerce domain.
These resources are addressable by URLs and HTTP methods can perform operations on resources.
REST APIs use Uniform Resource Identifiers (URIs) to address resources. URI (Uniform Resource Identifier) is a string of characters that identifies a name or a resource on the Internet, while URL (Uniform Resource Locator) is a type of URI that specifies the network location of a resource and how to access it.
In other words, a URL is a type of URI that includes the protocol (HTTP, FTP, etc.), the domain name, and the path to the resource.
The main parts of the HTTP response are the HTTP version, response status code, Response Header, and Response body.
Some of the most common HTTP response status codes are 200 OK, 201 Created, 400 Bad Request, 401 Unauthorized, 403 Forbidden, 404 Not Found, 500 Internal Server Error, 502 Bad Gateway, 503 Service Unavailable, etc.
REST services are scalable because they are stateless: they do not store data on the server even though they are requested, and they do not require much communication.
The resources in REST APIs are represented with the help of XML (extensible markup language) and JSON (JavaScript Object Notation).
The process of storing the responses sent by the server so that they can be reused whenever required, reducing server load time, is called caching.
Caching stores responses to reduce server load and improve performance. It can be implemented using HTTP cache headers like Cache-Control and ETag to indicate whether a response can be cached and for how long.
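The Cache-Control and ETag headers described above, worked through as an added example (not code from the original page): a handler that answers a conditional GET with 304 when the client's cached copy is still current. The function names and the 60-second lifetime are assumptions made for illustration.

```python
import hashlib

def make_etag(body: bytes) -> str:
    """Strong ETag derived from the response body (quoted, as HTTP requires)."""
    return '"' + hashlib.sha256(body).hexdigest()[:16] + '"'

def _strip_weak(tag: str) -> str:
    # If-None-Match uses weak comparison, so a W/ prefix is ignored.
    return tag[2:] if tag.startswith("W/") else tag

def if_none_match_hits(header: str, etag: str) -> bool:
    """True when the client's If-None-Match lists this ETag (or '*')."""
    candidates = [c.strip() for c in header.split(",") if c.strip()]
    return any(c == "*" or _strip_weak(c) == etag for c in candidates)

def respond(body: bytes, request_headers: dict, private: bool = False):
    """Return (status, headers, body) for a GET, honouring conditional requests."""
    etag = make_etag(body)
    headers = {
        "ETag": etag,
        # Per-user data must not be stored by shared caches (proxies, CDNs),
        # and must be revalidated before reuse.
        "Cache-Control": "private, no-cache" if private else "public, max-age=60",
    }
    inm = request_headers.get("If-None-Match", "")
    if inm and if_none_match_hits(inm, etag):
        return 304, headers, b""   # cached copy is still valid: no body is sent
    return 200, headers, body
```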
REST APIs can be kept secure with the help of safety measures such as authentication and authorization mechanisms, API server validation, and TLS/SSL encryption. Sensitive information such as usernames, passwords, or tokens should not be visible in URIs.
Authentication can be handled using various methods, including API keys, OAuth2, JWT (JSON Web Tokens), and basic authentication. The selection of authentication methods depends on security requirements.
Basic authentication is a simple authentication method that involves sending the client's username and password in the request header as base64-encoded values.
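Server-side handling of a Basic authentication header, as an added example (not code from the original page). It shows that the base64 value decodes straight back to the username and password, which is why this scheme depends on the TLS/SSL encryption listed earlier. The user store, salt and password are constructed sample data.

```python
import base64
import binascii
import hashlib
import hmac

SALT = b"constructed-salt"   # constructed sample data, not from the page

def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Hypothetical user store: username -> (salt, password hash), never plaintext.
USERS = {"alice": (SALT, hash_password("s3cret-example", SALT))}

def parse_basic(header: str):
    """Return (username, password) from an Authorization header, or None."""
    scheme, _, token = header.partition(" ")
    if scheme.lower() != "basic" or not token:
        return None
    try:
        decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None                       # malformed header: treat as no credentials
    user, sep, password = decoded.partition(":")   # the password may contain ':'
    return (user, password) if sep else None

def authenticate(header: str) -> bool:
    """True only when the header carries a known user's correct password."""
    creds = parse_basic(header)
    if creds is None:
        return False
    user, password = creds
    salt, stored = USERS.get(user, (SALT, b""))
    # Unknown users still go through the hash, and the comparison is
    # constant-time, so the check does not short-circuit on the username.
    return hmac.compare_digest(hash_password(password, salt), stored)
```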
OAuth is a widely used authentication method that allows clients to access resources owned by a third-party API on behalf of the resource owner. It involves obtaining an access token from the API, which the client can then include in the request header to authenticate the request.
OPTIONS in REST APIs is an HTTP method that fetches all the various operations that are supported. It returns data describing what other methods and operations the server supports at the given URL.
Payload refers to the request data present in the request body of any HTTP request. Mostly it is used while using the POST method.
Messaging is when a client sends a message in the form of an HTTP Request and the server responds in the form of an HTTP Response. In other words, it is the exchange of information or communication between the client and the server using HTTP messages.
Addressing in REST refers to the mechanism by which one or more resources lying on the server are located. URLs provide a unique and standardized way to locate and interact with resources in the system.
The URL format is:
<protocol>://<application_name>/<resource_type>/<resource_id>
AJAX stands for Asynchronous JavaScript and XML. AJAX supports asynchronous requests and thus does not require constant client-server interactions.
AJAX and REST are two different approaches to building web applications that involve client-server communication. They are not alternatives but overlapping concepts. AJAX can be used to make RESTful web service calls, as it allows for asynchronous communication with the server, and can handle the HTTP methods used in RESTful web services.
AJAX is a web development method that enables data to be transmitted asynchronously between client and server without reloading the whole page again which improves user interaction with websites.
REST is a prototype for designing web services. It is built on HTTP and makes use of existing HTTP methods.
An idempotent method means that if a single request is called multiple times, the response will always be the same no matter how many times it has been called.
To upload files, use multi-part form requests to specify destination and file information. Two files cannot have the same name in a given folder as file names are not case-sensitive.
You can make a file upload request like this using the curl command-line tool:
curl -X POST -H "Content-Type: multipart/form-data" -F "file=@/path/to/file.jpg" http://example.com/api/upload
This would send a POST request to the /api/upload endpoint with the contents of the file.jpg file included as a multipart/form-data part. The server could then process the request and handle the file upload.
Rate limits restrict the number of requests a user can make within any given timeframe. API rate limiting helps to protect the API from malicious bot attacks and DDoS attacks.
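One common way to enforce such a limit is a per-client token bucket, shown here as an added example (not code from the original page). The class name, the rate and capacity values, and the X-RateLimit-Remaining header (a widely used convention rather than a standard) are assumptions; the request timeline in `replay` is constructed.

```python
import math

class TokenBucketLimiter:
    """Per-client token bucket: `rate` requests/second, bursts up to `capacity`."""

    def __init__(self, rate: float, capacity: int):
        self.rate, self.capacity = rate, capacity
        self.buckets = {}            # client key -> (tokens, time last seen)

    def check(self, client: str, now: float):
        """Return (status, headers) for one request from `client` at time `now`."""
        tokens, last = self.buckets.get(client, (float(self.capacity), now))
        # Refill in proportion to elapsed time, never above capacity.
        tokens = min(self.capacity, tokens + (now - last) * self.rate)
        if tokens >= 1:
            self.buckets[client] = (tokens - 1, now)
            return 200, {"X-RateLimit-Remaining": str(int(tokens - 1))}
        self.buckets[client] = (tokens, now)
        # Tell well-behaved clients how long to wait before one token exists.
        wait = math.ceil((1 - tokens) / self.rate)
        return 429, {"Retry-After": str(wait)}

def replay(requests, rate=1.0, capacity=3):
    """Replay constructed (time, client) pairs and return each status code."""
    limiter = TokenBucketLimiter(rate, capacity)
    return [limiter.check(client, t)[0] for t, client in requests]
```

The clock is passed in as `now` so the limiter can be replayed over recorded traffic; in a service it would be a monotonic clock, and the client key would be the authenticated identity or API key rather than a value the caller can freely change.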
When changes and new features are implemented in new versions of the API instead of continually altering a single version, it is called versioning of REST APIs.
Versioning can be done in many ways like through URI path, headers, request parameters, or content negotiation. URI path is the most common technique of versioning. This strategy involves putting the version number in the path of the URI, and is often done with the prefix "v".
For example-
http://www.example.com/api/v1/products
http://api.example.com/v1/products
Webhooks are user-defined HTTP callbacks – they notify changes, so they are called “event-based APIs.” When the webhook sees that event occur, it initiates and carries out its programming, performing any number of tasks that are assigned according to the specific event.
APIs and webhooks are both designed to send data between an application and a server. The way they communicate is also very similar. They’re using the same protocols to establish connections and send data.
The main difference between them is that webhooks do not need to request a response, while APIs demand requests to get a response. Webhooks are great for downloading or uploading data updates to or from an external system when a trigger is met. Meanwhile, an API is designed specifically to maintain communication. Webhooks can’t handle complicated data streams in the same way that APIs can; for example, intense two-way encryption is very hard for webhooks.
JAX-RS stands for Java API for RESTful web services. It is a Java-based specification implemented for RESTful services and defined by JEE. It provides recommendations and annotations for developing RESTful web services to make the creation of RESTful APIs in Java easier.
The RESTful web services can be tested with the help of tools such as Swagger or Postman, which enable users to check query parameters, response headers, headers, etc.
HTTP headers provide metadata about the request/response like content type, authorization, caching directives, and more. They provide additional context to the message.
Pagination can be implemented by adding query parameters like (?page=2) to the API endpoint or response headers. The server then returns a subset of results per page.
JAXB is a Java Architecture used for XML binding in RESTful web API. XML documents can be mapped to Java objects and vice versa using JAXB, a Java technology. Although JAXB is not specifically REST, it can be used with RESTful web services to process XML data.
CORS is a browser security feature to control which domains can access your API. Proper CORS configuration is essential as it is enforced by browsers to prevent unauthorized access.
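A weak CORS policy beside a corrected one, as an added example (not code from the original page). The origins in the allowlist, the function names, the allowed methods and the 403 returned for a rejected preflight are assumptions made for illustration.

```python
# Assumed allowlist of front-end origins that may call the API.
ALLOWED_ORIGINS = {"https://app.example.com", "https://admin.example.com"}

def cors_headers_weak(origin):
    """Weak: echoes back any Origin and allows credentials, so the browser
    lets every site read authenticated responses."""
    if not origin:
        return {}
    return {"Access-Control-Allow-Origin": origin,
            "Access-Control-Allow-Credentials": "true"}

def cors_headers_strict(origin, allowed=ALLOWED_ORIGINS):
    """Corrected: exact-match allowlist; other origins get no CORS headers."""
    # Exact string match only. Prefix or substring checks would also accept
    # look-alike hosts such as https://app.example.com.other.test.
    if origin not in allowed:
        return {}
    return {"Access-Control-Allow-Origin": origin,
            "Access-Control-Allow-Credentials": "true",
            "Vary": "Origin"}   # caches must not reuse one origin's response

def preflight(origin, method, allowed_methods=("GET", "POST")):
    """Answer the browser's OPTIONS preflight: (status, headers)."""
    headers = cors_headers_strict(origin)
    if not headers or method not in allowed_methods:
        return 403, {}          # no CORS headers: the browser blocks the call
    headers["Access-Control-Allow-Methods"] = ", ".join(allowed_methods)
    headers["Access-Control-Max-Age"] = "600"
    return 204, headers
```

CORS is enforced by the browser only, so the API still needs its own authentication and authorization for clients that are not browsers.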
Content negotiation is the process of selecting the specific representation for a response based on the client’s request. Clients can specify their chosen representation format (like JSON, XML, or HTML) using the Accept header in the HTTP request. The server can then return the response in the requested format if it’s available.
Media types are identifiers used to indicate the format of a resource representation. Some common media types used in content negotiation using the HTTP request header Content-Type are application/json, application/xml, and text/html, etc.
HATEOAS stands for “Hypermedia as the Engine of Application State”. It’s a constraint of RESTful web services that suggests that the service should provide links to related resources along with the response data.
For example, the response returned by the server contains hypermedia links that can be navigated by the client.
This means that clients can determine the available actions they can take by following links in the response, rather than being hard-coded to a specific set of API endpoints. This makes the API more flexible and easier to change over time.
Copyright © 2023 - Proleed Academy | All Rights Reserved.