Building Effective and Secure APIs


1. Use clear naming – Clear Picture of the API Workings.

2. Ensure Reliability through idempotent APIs – Remove Fragility from the APIs

          HTTP Method    Idempotent
          POST           NO
          GET            YES
          PUT            YES
          PATCH          NO
          DELETE         YES

 

3. Add Versioning – Easy to Upgrade the APIs.

          https://example.com/api/v1/carts/123

          https://example.com/api/v2/carts/123

4. Add Pagination – Limit the amount of data returned by APIs.

5. Use clear query string for sorting and filtering data

          GET /users?sort_by=register

          GET /products?filter=color:blue

          GET /products?filter=size:10&sort_by=date_added&size=15inches

6. Don’t make security an afterthought when designing APIs – Require a token on each and every request

          Request Header { "api-key": "1234564324564546-3242" }

7. Keep cross-resource references simple – Direct paths make associations clear for developers using your API

          https://example.com/api/v1/carts/123/items/321

8. Plan for Rate limiting – Protect against Overload and Abuse
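
Items 6 and 8 combined, as an added example that is not from the original page: every request must present a valid `api-key` header before it is served, and each authenticated client is throttled by a token bucket. The key store, the `RATE` and `BURST` values and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import time

# Constructed key store: the server keeps only SHA-256 digests of issued keys.
# The key below is the sample value shown in item 6, not a real credential.
SAMPLE_KEY = "1234564324564546-3242"
KEY_DIGESTS = {hashlib.sha256(SAMPLE_KEY.encode()).hexdigest(): "client-a"}

RATE = 5      # tokens refilled per second (assumed value)
BURST = 10    # bucket capacity, i.e. largest allowed burst (assumed value)
_buckets = {}  # client id -> (tokens left, time of last update)


def authenticate(headers):
    """Return the client id for a valid api-key header, else None."""
    # HTTP header names are case-insensitive, so normalise before lookup.
    normalised = {k.lower(): v for k, v in headers.items()}
    presented = normalised.get("api-key", "")
    digest = hashlib.sha256(presented.encode()).hexdigest()
    client = None
    for stored, name in KEY_DIGESTS.items():
        # Constant-time comparison avoids leaking how many characters matched.
        if hmac.compare_digest(stored, digest):
            client = name
    return client


def allow(client, now):
    """Token bucket: refill by elapsed time, then spend one token if available."""
    tokens, last = _buckets.get(client, (BURST, now))
    tokens = min(BURST, tokens + (now - last) * RATE)
    if tokens < 1:
        _buckets[client] = (tokens, now)
        return False
    _buckets[client] = (tokens - 1, now)
    return True


def handle(headers, now=None):
    """Return the HTTP status for one request: 401, 429 or 200."""
    now = time.monotonic() if now is None else now
    client = authenticate(headers)
    if client is None:
        return 401  # rejected before any per-client state is touched
    if not allow(client, now):
        return 429  # authenticated, but over the rate limit
    return 200
```

Authentication runs before the limiter so that unauthenticated traffic cannot drain a legitimate client's bucket.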

 
