- Informational responses (100–199)
- Successful responses (200–299)
- Redirection messages (300–399)
- Client error responses (400–499)
- Server error responses (500–599)
The GET method requests a representation of the specified resource. Requests using GET should only retrieve data.
The HEAD method asks for a response identical to a GET request, but without the response body.
The POST method submits an entity to the specified resource, often causing a change in state or side effects on the server.
The PUT method replaces all current representations of the target resource with the request payload.
The DELETE method deletes the specified resource.
The CONNECT method establishes a tunnel to the server identified by the target resource.
The OPTIONS method describes the communication options for the target resource.
The TRACE method performs a message loop-back test along the path to the target resource.
The PATCH method applies partial modifications to a resource.
The QUERY(RFC) method provides a solution that spans the gap between the use of GET and POST. As with POST, the input to the query operation is passed along within the payload of the request rather than as part of the request URI. Unlike POST, however, the method is explicitly safe and idempotent, allowing functions like caching and automatic retries to operate.
- PUT is meant to be used when you want to edit whole resource
- PATCH is meant to be used when you edit only small part of the resource
- POST - to create resource
The Swamp of POX (Plain Old XML) means that you’re using HTTP. Technically, REST services can be provided over any application layer protocol as long as they conform to certain properties. In practice, basically, everyone uses HTTP.
Anyway - even Level 0, has some rules
- Hyphens (-) should be used to improve the readability of URIs - Also referred to as spinal-case
- Underscores (_) should not be used in URIs
- Lowercase letters should be preferred in URI paths
- File extensions should not be included in URIs
API design at Level 1 is all about using different URLs to interact with the different resources in your application.
Rules at this level:
- A trailing forward-slash (/) should not be included in URIs
- http://api.canvas.com/shape/ - BAD
- http://api.canvas.com/shape - GOOD
- Forward slash separator (/) must be used to indicate a hierarchical relationship
- Should the endpoint name be singular or plural?
See methods description above
General Header These header fields have general applicability for both request and response messages.
Client Request Header These header fields have applicability only for request messages.
Server Response Header These header fields have applicability only for response messages.
Entity Header These header fields define meta information about the entity-body or, if no BODY is present, about the resource identified by the request.
- Paging
- Filtering
- Sorting
- Searching
See codes above
This level is the one that everyone falls down on. There are two parts to this: content negotiation and HATEOAS. Content negotiation is focused on different representations of a particular resource, and HATEOAS is about the discoverability of actions on a resource
- In URI
/v1then/v2
- hard to maintain
- introducing version identifiers in the URI leads to a very large URI footprint.
- old codebase to maintain
- Negotiation by headers
Example:
Content-Type: application/vnd.myname.v1+jsonHave same issues as #1 - Enter new elements in API (like new fields), let clients know that old fields are deprecated, remove old fields after (whatever is you policy) period
- HATEOAS constraint. According to this, most of the URIs should be DISCOVERED by Clients, not hardcoded.