What is a REST API?
An API, or application programming interface, is a set of rules that define how applications or devices can connect to and communicate with each other. A REST API is an API that conforms to the design principles of the REST, or representational state transfer architectural style. For this reason, REST APIs are sometimes referred to RESTful APIs
REST design principles
1.Uniform interface
2.Client-server decoupling
3.Statelessness
4.Cacheability
5.Layered system architecture
6.Code on demand (optional).
REST API best practices
- Flexibility is a big advantage of REST API design, that same flexibility makes it easy to design an API that’s broken or performs poorly.
- The OpenAPI Specification (OAS) establishes an interface for describing an API in a way that allows any developer or application to discover it and fully understand its parameters and capabilities – available endpoints, allowed operations on each endpoint, operation parameters, authentication methods, and other information.
- Securing a REST API also starts with industry best practices, such as using hashing algorithms for password security and HTTPS for secure data transmission.
- An authorization framework like OAuth 2.0 (link resides outside IBM) can help limit the privileges of third-party applications.
- Using a timestamp in the HTTP header, an API can also reject any request that arrives after a certain time period.
- Parameter validation and JSON Web Tokens are other ways to ensure that only authorized clients can access the API.