Should HTTP Verbs Be Used Semantically?
If I’m making a web application which integrates with a server-side backend, would it be considered best practice to use HTTP methods semantically? That is, for example, if I’m fetching data (e.g., to populate a menu, etc.), I would use GET, but to update data (e.g., save a record), I would use POST. (I realise there are other methods that may be even more appropriate, but we need to consider browser support.)
What is the need for ‘discoverability’ in a REST API when the clients are not advanced enough to make use of it anyway?
The various talks I have watched and tutorials I scanned on REST seem to stress something called ‘discoverability’. To my limited understanding, the term seems to mean that a client should be able to go to http://URL – and automatically get a list of things it can do.
Using a random string to authenticate HMAC?
I am designing a simple webservice and want to use HMAC for authentication to the service.
Proper response for a REST insert – full new record, or just the record id value?
I’m building a REST API which allows inserts (POST, not idempotent) and updates (PUT, idempotent) requests to add/update database to our application.
Is it reasonable for REST resources to be singular and plural?
I have been wondering if, rather than a more traditional layout like this:
REST API rule about tunneling
Just read this in the REST API Rulebook: GET and POST must not be used to tunnel other request methods.
How should I handle a redirect to an identity provider during a web api data request
Scenario I have a single-page web app consisting purely of html, css, and javascript. After initial load and during use, it updates various views with data from one or more RESTful apis via ajax calls. The api calls return data in a json format. Each web api may be hosted on independent domains. Question During […]
REST API wrapper – class design for ‘lite’ object responses
I am writing a class library to serve as a managed .NET wrapper over a REST API. I’m very new to OOP, and this task is an ideal opportunity for me to learn some OOP concepts in a real-life situation that makes sense to me.
Standard -server to server- and -browser to server- authentication method
I have server with some resources; until now all these resources were requested through a browser by a human user, and the authentication was made with an username/password method, that generates a cookie with a token (to have the session open for some time).
Rest Design concerning user login
To be as restful as possible, is a user login better designed using a GET or a POST on a REST webservice? And why?