on HTTP, which is easy and ubiquitous • No drivers to install or configure • Your entire IT stack can be managed by REST APIs… • …do you want your enterprise data to be left out? Why would the database care about REST?
encrypted • HTTP, anyone on your network can see EVERYTHING you pass back and forth from your server Passwords! Pictures! EVERYTHING HTTPS always, HTTP never…mostly
– are you allowed to do what you’re asking? Authenticated User: JEFF Roles: admin, dev, user, test, god Requested Resource: ‘user’ role required Security
• Not recommended Cookie Based • One time user/password, session info returned in a cookie • Each request now includes this cookie in its request header • Cookies ‘expire’ after X seconds OAUTH2 • Waaay too complicated, we’ll cover this ‘next time’ Authentication
you are • They pass your identity and roles down to ORDS • ORDS makes sure your role matches up to what’s required to access a REST Service Authentication is handled by the Webserver
• Uniform Interface Exercising the API requires: • Location of our resource (URL) • Action to be performed (GET, PUT, …) REpresentational Stateless Transfer (REST)
– mobile, desktop, web… • HTTP(S) is ubiquitous, even avail in COBOL • Continuous Integration & Delivery • Automation (BASH + cURL) • OCI comes with REST APIs for all tenancy and DBCS operations
- GOOD • GET /ords/hr/delete_emp/ - BAD • DELETE /ords/hr/employees/97 – GOOD • Uniform operations on all resources: GET, POST, PUT, DELETE, OPTIONS, HEAD • Stateless requests, state transitions comm via hyper-links • Throwing HTTP onto your API <> REST
GET http://fridge/beers/beer 2. Server responds 200 http://fridge/beers/beer/meta 1. Client makes request POST http://fridge/beers/ {"id":1, "name":"Premium Ice Lite",…} 2. Server responds 201 Created http://fridge/beers/beer/1 Webserver
your Database license (MOS) • Single Instance, Container, or Pluggable deployments • On Premise or Oracle Cloud Infrastructure • Built by the Oracle Database Team FOR the Oracle Database All of this is available at no additional cost