Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
REST API Design, Part II
Search
Nate Abele
August 30, 2013
Programming
230
1
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
REST API Design, Part II
Given at PHP Undiscovered, SF.
Nate Abele
August 30, 2013
More Decks by Nate Abele
See All by Nate Abele
Running Kubernetes in the Browser. Yes, really. Not really. Kind of.
nateabele
1
79
Un-dux Your Front-End
nateabele
1
160
CloudFormation For Fun & Profit (But Mostly Sanity)
nateabele
0
91
Functional Reactive Systems
nateabele
1
190
ngPittsburgh - AngularUI Router Philosophy
nateabele
1
1.2k
The Future of Programming
nateabele
1
600
Past, Present, and Future: The Evolution of PHP Development
nateabele
1
650
The Future of Programming: PHP Argentina 2014
nateabele
1
130
Designing Hypermedia APIs
nateabele
4
720
Other Decks in Programming
See All in Programming
軽量Java基盤の設計 DIコンテナに頼らない、長期保守と1秒起動の実現 JJUG CCC 2026 Spring
macha64
0
570
LLM本来の能力を解き放つサンドボックス技術とAI民主化への適用
yukukotani
3
4.5k
技術的負債解消で開発者の未来を開く- AIの力でコード刷新
kmd2kmd
0
120
ランチタイムLT会3周年!ランチタイムLT会を3年間続けられたお話
y0hgi
1
100
脅威をエンジニアリングの糧にして――現場編 / Turning Threats into Engineering Fuel — Field Edition
nrslib
0
300
Lessons from Spec-Driven Development
simas
PRO
0
220
「AIで開発し、AIを届ける」をEvalでつなぐ 〜AIネイティブに始めるプロダクト開発の実践〜 / Connecting "Develop with AI, deliver AI" with Eval
rkaga
4
5.4k
The NotImplementedError Problem in Ruby
koic
1
930
Datadog LLM Observabilityで実現する 安全なLLM Usage 管理
3150
0
110
セキュリティの専門家じゃなくてもできる。「セキュリティ意識」をアップデートして サプライチェーン攻撃への耐性を高めよう。
tk3fftk
5
930
Oxcを導入して開発体験が向上した話
yug1224
4
340
AI駆動開発を妨げる技術的負債の解消アプローチ / ai-refactoring-approach
minodriven
13
6.7k
Featured
See All Featured
Introduction to Domain-Driven Design and Collaborative software design
baasie
1
860
Public Speaking Without Barfing On Your Shoes - THAT 2023
reverentgeek
1
430
GraphQLの誤解/rethinking-graphql
sonatard
75
12k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
55
3.4k
Reality Check: Gamification 10 Years Later
codingconduct
0
2.2k
It's Worth the Effort
3n
188
29k
How to train your dragon (web standard)
notwaldorf
97
6.7k
Done Done
chrislema
186
16k
Testing 201, or: Great Expectations
jmmastey
46
8.2k
Faster Mobile Websites
deanohume
310
32k
Scaling GitHub
holman
464
140k
Into the Great Unknown - MozCon
thekraken
41
2.6k
Transcript
The Dream of the 90’s is Withering on the Vine
(in Portland)
How to Future-Proof & Increase The Level of Sanity in
the Design of Your APIs, by Respecting the Best Practices of HTTP Or...
This is Roy
Principles • Client-Server • Stateless • Cacheable • Uniform Interface
• Opaque Layering • Code-on-Demand
Objectives •Auth •Querying •Relationships •Pagination •Formats •Caching •Logging •API Versioning
Auth •Simple! •Basic vs. Digest (over SSL, obviously) •Upshot of
Basic: http://user:
[email protected]
/objects •Cookies? •Custom Tokens?
Querying •There are approaches to making this discoverable •They are
ridiculously ivory-tower •Better: ?q=<whatever>
Relationships •Goal: Introspect API domain model and transform object relationships
to URLs
Relationships GET /tasks HTTP/1.1 [{ title: "Finish client demo", completed:
false, _links: { self: { href: "http://my.app/tasks/1138" }, owner: { href: "http://my.app/users/nate" }, subtasks: { href: "http://my.app/tasks/1138/subtasks" } } }]
Pagination GET /tasks?page=5&order=due ?
Pagination HTTP Range! GET /videos/rickroll.mp4 Range: bytes=100-99999
Pagination HEAD /tasks HTTP/1.1 ... HTTP 200 OK Accept-Ranges: tasks
Pagination HEAD /posts HTTP/1.1 ... HTTP 200 OK Accept-Ranges: posts
Pagination GET /posts HTTP/1.1 Range: posts=1-20
Caching (Strategies) • Generated cache keys (ETag, If-None-Match) • For
writes: If-Match • Time-based (Last-Modified / If-Modified-Since)
Logging Custom Response Headers!
Logging X-Query-Log: SELECT * From users WHERE name = "nate"
X-Query-Log: SELECT * From tasks WHERE user_id = 13
Logging X-Query-Log: users.find({ name: "nate" })
DEMO