Posts Tagged: api

Home » api

(English) The Richardson Maturity Model for REST APIs

Leider ist der Eintrag nur auf Britisches Englisch verfügbar.On his website about software design patterns Martin Fowler provides an in-depth explanation of the Richardson Maturity Model for HTTP-based REST APIs by Leonard Richardson. According to that model REST APIs come in 4 levels of sophistication: Level 0, aka the "Everything is a POST request" model for example propagated by SOAP. This is basically tantamount to remote procedure invocation. Level 1 - Resources: Every resource is accessed through its own canonical URL. Level 2 - HTTP ... Read more

(English) API Security Best Practices by Expedited Security

Leider ist der Eintrag nur auf Britisches Englisch verfügbar.For everyone dealing with web-based APIs, both as a provider and a consumer, web app security service supplier Expedited Security (known for Expedited SSL, among other products) has compiled a vast, extensive compendium on API security best practices. The importance of secure APIs and best practices that help has make APIs more secure and dependable can't be emphasised enough. Covering each possible attack vector and adopting every best practice out there can seem like ... Read more

(English) Jess Frazelle: „For the Love of Pipes“

Leider ist der Eintrag nur auf Britisches Englisch verfügbar.Somewhat recently, Jess Frazelle wrote about her love of UNIX pipes, a sentiment I wholeheartedly share, to the extent that I think web apps should behave more like Unix programs by making data readily available via APIs so other applications can easily process that data. This, in a nutshell, is the Unix philosophy as stated by Doug McIlroy: Make each program do one thing well. To do a new job, build afresh rather than complicate ... Read more

(English) HTTP and REST Standards, Protocols and Headers for More Secure and More Robust Applications

Leider ist der Eintrag nur auf Britisches Englisch verfügbar.Standards.REST is a website that helps you create better, more robust HTTP- and REST-based applications by providing an overview of existing, proven standards that allow you to build on existing solutions rather than re-invent the wheel yourself. The list of standards mentioned includes OAuth 2.0, the HTTP Caching standard and Application-Level Profile Semantics (ALPS), which - among others - is used extensively in Spring Data REST and Spring HATEOAS. On a closely related note, ... Read more

(English) HTML is an API

Leider ist der Eintrag nur auf Britisches Englisch verfügbar.HTML is an API or rather it could be if we used more in the way it was intended. In a comment on this Hacker News post about Toapi, a library that makes clever use of XPath expressions in order to provide an API from existing web pages, a user wrote Now I don't want to be a downer: but we collectively seem to have forgotten that HTML as a markup language with sufficient ... Read more

(English) More on JSON and REST API Specifications

Leider ist der Eintrag nur auf Britisches Englisch verfügbar.Expanding on my previous posts about annotating and validating JSON data structure with JSON Schema defining and documenting REST APIs using Swagger I have two additional suggestions for tools that help you define and build HTTP-based APIs in a less haphazard, more deliberate manner: JSON API: While JSON Schema allows you to annotate and validate JSON-based data types JSON API gives you clear, opinionated guidelines for structuring JSON API responses so you don't have think about those ... Read more

(English) Swagger: A Roundtrip Tool For Creating And Consuming REST APIs

Leider ist der Eintrag nur auf Britisches Englisch verfügbar.In this second part of my series on useful tools for developing CRUD applications I'd like to introduce Swagger and Swagger Codegen in particular. Introduce perhaps isn't exactly the right word because first of all Swagger is quite well known in developer circles these days. Secondly, a few months ago I wrote a blog post about how to use Swagger to generate client SDKs for REST APIs. Swagger - originally having originated at Wordnik ... Read more

(English) Using Netflix Zuul As a Reverse Proxy / API Gateway

Leider ist der Eintrag nur auf Britisches Englisch verfügbar.Zuul, which like the service discovery tool Eureka and the fault tolerance library Hystrix is part of Netflix' cloud orchestration stack, is a reverse proxy / API gateway. A reverse proxy conceptually works like this: A reverse proxy allows you to route requests to a single domain to multiple backing services behind that proxy. This can be conducive in situations where you want to break up your application into several loosely-coupled components that externally, that ... Read more

(English) Using Swagger to Generate Client SDKs for REST APIs

Leider ist der Eintrag nur auf Britisches Englisch verfügbar.These days Swagger is a popular, easy-to-use tool for (semi-)automatically documenting REST APIs on-the-fly. For example, in order to document a REST API created with Spring Boot and Jersey literally all you have to do is add these two entries to your Maven pom.xml: You'll then get a ready-made documentation for all your REST API endpoints. An example of how this looks like can be seen here. While this already is very useful in that ... Read more
Nächste Seite »