Questions tagged [rest]
Representational state transfer, or REST, is an architectural style for networking software to transfer information through the web.
1,567
questions
203
votes
7
answers
127k
views
How do searches fit into a RESTful interface?
When designing a RESTful interface, the semantics of the request types are deemed vital to the design.
GET - List collection or retrieve element
PUT - Replace collection or element
POST - Create ...
194
votes
6
answers
268k
views
Difference between REST and CRUD
I learned REST and it feels a lot like CRUD (from what I have read about CRUD).
I know they are different, and I wonder if thinking they are similar means I don't understand them.
Is it that REST is ...
160
votes
9
answers
96k
views
Which HTTP verb should I use to trigger an action in a REST web service?
I am implementing a RESTful web service and one of the available actions will be reload. It will be used to reload configurations, cache, etc.
We started with a simple GET to an URI like this: ${path}...
127
votes
4
answers
69k
views
REST API security Stored token vs JWT vs OAuth
I am still trying to find the best security solution for protecting REST API, because the amount of mobile applications and API is increasing every day.
I have tried different ways of authentication,...
124
votes
8
answers
211k
views
RESTful API. Should I be returning the object that was created / updated?
I'm designing a RESTful web service using WebApi and was wondering what HTTP responses and response bodies to return when updating / creating objects.
For example I can use the POST method to send ...
116
votes
9
answers
82k
views
How to safeguard a REST API for only trusted mobile applications
How do I make sure my REST API only responds to requests generated by trusted clients, in my case my own mobile applications? I want to prevent unwanted requests coming from other sources. I don't ...
114
votes
3
answers
139k
views
Should cookies be used in a RESTful API?
I'm specifically interested in how users perform authorized / authenticated operations on a web API.
Are authentication cookies compatible with the REST philosophy, and why?
98
votes
8
answers
79k
views
RESTFul: state changing actions
I am planning to build a RESTfull API but there are some architectural questions that are creating some problems in my head. Adding backend business logic to clients is an option that I would like to ...
90
votes
6
answers
78k
views
HTTP Status Code for "Still Processing"
I'm building a RESTful API that supports queuing long-running tasks for eventual handling.
The typical workflow for this API would be:
User fills in form
Client posts data to API
API returns 202 ...
86
votes
7
answers
208k
views
Designing a REST api by URI vs query string
Let's say I have three resources that are related like so:
Grandparent (collection) -> Parent (collection) -> and Child (collection)
The above depicts the relationship among these resources ...
85
votes
3
answers
33k
views
What is REST (in simple English) [closed]
Lately I have become interested in familiarizing myself with REST. I tried reading wiki entry on REST, but it was of no help. I would really appreciate it if someone can explain in simple English (...
79
votes
3
answers
56k
views
Trailing slash in RESTful API
I have been having a debate about what to do with a trailing slash in a RESTful API.
Lets say I have a resource called dogs and subordinate resources for individual dogs. We can therefore do the ...
76
votes
6
answers
88k
views
Many small requests vs. few large requests (API Design)
I'm currently working on a project with an organization as follows:
Client - Gets data from the main server via REST api.
Server - Requests data from various other servers via third-party APIs
Third-...
73
votes
4
answers
29k
views
Why PATCH method is not idempotent?
I was wondering about this.
Suppose I have a user resource with id and name fields.
If I want to update a field I could just do a PATCH request to the resource like this
PATCH /users/42
{"name&...
73
votes
2
answers
59k
views
How should a REST API handle PUT requests to partially-modifiable resources?
Suppose a REST API, in response to a HTTP GET request, returns some additional data in a sub-object owner:
{
id: 'xyz',
... some other data ...
owner: {
name: 'Jo Bloggs',
role: '...