6.5 REST-based APIs Flashcards
Summarize characteristics of REST-based APIs (authentication types, CRUD, HTTP verbs, and data encoding). (33 cards)
Define: API Key
A unique identifier used to authenticate API requests.
API keys are commonly used to control access to public or private resources, and they help in tracking API usage.
What is a RESTful API?
An interface using HTTP requests to perform CRUD operations.
REST stands for Representational State Transfer, emphasizing statelessness and a uniform interface.
Define: “statelessness” in RESTful APIs.
Each request must contain all required information.
The server doesn’t store session data, making the system scalable and easy to manage.
What are the six attributes defined for REST APIs?
- Client/server architecture
- Stateless operation
- Clear statement of cacheable/uncacheable
- Uniform interface
- Layered
- Code-on-demand
Client/server architecture: Separation of client and server roles.
Stateless operation: Each request is independent and has all necessary information.
Clear statement of cacheable/uncacheable: Specifies which responses can be cached.
Uniform interface: Consistent interface for interaction across services.
Layered: Allows multiple layers of servers between client and server.
Code-on-demand: Server can provide executable code to the client.
True or False:
REST APIs are always stateless.
True
Statelessness means the server doesn’t retain client session information between requests.
Describe the concept of a resource in RESTful APIs.
It is any object or data accessed via a URI.
Resources can represent users, documents, or any entity that can be acted upon by HTTP methods.
List two required attributes of a REST-based API.
- Uses HTTP
- Client/server architecture
Uses HTTP: RESTful APIs rely on the HTTP protocol for communication.
Client/server architecture: RESTful APIs maintain a clear separation between client and server.
List the four primary HTTP methods used in REST APIs.
- GET
- POST
- PUT
- DELETE
GET: Retrieves data from the server without modifying any resource.
POST: Sends data to the server to create a new resource.
PUT: Updates an existing resource with new data.
DELETE: Removes a specified resource from the server.
Why are HTTP verbs important in REST APIs?
They define the action on resources.
HTTP verbs play a crucial role in REST APIs by standardizing how clients interact with resources.
How does the GET method work in REST APIs?
It retrieves data without modifying the resource.
GET is used to fetch data like user details or product information from the server.
What are the four fundamental operations that a REST API can perform?
- Create
- Read
- Update
- Delete
Create: Adds new resources to the server.
Read: Retrieves existing resources from the server.
Update: Modifies existing resources on the server.
Delete: Removes resources from the server.
True or False:
The DELETE method permanently removes a resource from the server.
True
DELETE is used to permanently delete the specified resource.
Which HTTP verb corresponds to the CRUD action ‘Read’?
GET
The GET method is used to retrieve data from the server without modifying any resource. It is the standard method for reading data in RESTful APIs.
True or False:
PUT and PATCH can be used interchangeably to update a resource.
False
PUT replaces the entire resource, while PATCH updates only the specified fields.
What type of architecture do REST APIs use?
Client/server
Clients handle user interactions, while servers manage data storage and processing.
Fill in the blank:
The HTTP verb used for updating an existing resource is ______.
PUT
PUT replaces an existing resource with a new version.
Describe how the PATCH method works in REST APIs.
It partially updates a resource.
PATCH is used to apply updates to specific fields, unlike PUT which replaces the entire resource.
Fill in the blank:
The HTTP verb for creating new data structures is ______.
POST
POST is used to create new resources on the server.
Describe the role of authentication in REST APIs.
It ensures only authorized access to resources.
Common methods include Basic Authentication, OAuth, and API keys for securing API endpoints.
Define: Basic Authentication in REST APIs
A method where the client sends base64-encoded credentials.
While easy to implement, it is considered insecure because the credentials can be easily decoded if intercepted. It’s often recommended to use it over HTTPS or opt for more secure authentication methods like OAuth.
How does OAuth work as an authentication method in REST APIs?
It uses tokens to grant access without exposing credentials.
OAuth allows secure and delegated access to resources without sharing passwords.
Why is data encoding important in REST APIs?
It ensures proper data transmission.
It maintains data integrity and supports content negotiation, allowing clients and servers to agree upon the data format (such as JSON or XML) for communication.
What is the most commonly used data format in REST APIs?
JSON (JavaScript Object Notation)
JSON is lightweight, easy to read, and supported by most web technologies.
What type of data does a REST API typically return?
In text format, commonly as JSON.
REST APIs primarily return data in textual formats like JSON (JavaScript Object Notation) due to its lightweight nature and ease of use.