API/HTTP Flashcards
What is a URL?
Subset of URI that includes an explicit reference to how to access the resource, i.e. the protocol (ftp vs. http).
What is a URI?
Way of identifying a resource
What is a URN?
Everything after the //
Consists of the host with a dedicated IP, then the resource path, and finally an optional URL query to transfer other info.
What are the useful HTTP methods?
GET - Request resource from server
POST - Submit resource to a server (like submitting a form)
PUT - Replace resource on server
PATCH - Update/modify resource on the server
DELETE - Delete resource from server
OPTIONS - Get options for the resource
TRACE - Traceback loop
What are the HTTP response categories?
100: Info
200: Success
300: Redirection
400: Client Error
500: Server Error
What is REST vs SOAP?
REST: An architecture that allows use of JSON or XML; lightweight, for mobile applications.
SOAP: Relies on the SOAP protocol and can only use XML for transfer; heavyweight, for enterprise applications.
What are the 6 constraints of REST?
Client-server architecture: Client manages UI, server manages data storage
Statelessness: No client information is stored on the server between requests; the client is responsible for maintaining state.
Cacheability: All REST responses must explicitly be marked as cacheable or not cacheable.
Layered System: Client shouldn’t know/care if connected to server or middleman like CDN.
Code on Demand: Servers can transfer executable and compiled code to clients.
Uniform Interface:
1. Resource identification in requests - The URI request must specify where the resource is and what format the response should use.
2. Resource manipulation through representation - The client can modify the resource on the server once given a copy.
3. Self-descriptive messages - Data type must be specified by server and client.
4. Hypermedia as the engine of application state - REST usage is described with every returned resource (via hyperlinks), like a choose-your-own-adventure novel.
What is an API?
Application Programming Interface; allows different software to communicate with each other.
What is the Bolt-on strategy for developing APIs?
Add an API onto an existing system/code. Easy to develop, but bad decisions in the existing infrastructure leak through to the API.
What is the Greenfield Strategy for developing APIs?
API or mobile first mindset for new systems
Leverages new tech and architectures for best results but is also the most difficult.
What is the Facade strategy for API dev?
Mix of the previous strategies by replacing code piece by piece.
Ideal for legacy systems as the app is functional but leaves too many different mindsets in the system at the same time.
What are the API Relationships?
Independent: Can exist on its own
Dependent: Can only exist if another resource already exists
Associative: Can be dependent or independent but needs additional information
What is an API Key?
Method of authn/authz where the API provider issues a long string that is appended to the URL or sent as a header in the request. It is simple to implement and language/framework agnostic.
Drawbacks: URLs aren’t secret; difficult to update/rotate if compromised.
What is OAuth?
OAuth 2.0 is an authorization framework. It uses an access token to establish what actions are permitted. OpenID Connect is a special instance of OAuth 2.0.
How does API versioning work?
Using the Accept header: establish the markup or notation, establish the media type, and establish the version of the media type and resource.
Using the URL: API version is clear and explicit, nothing is lost with copy/paste.