Your database is in demand. Everyone needs access – core applications, customer utilities, mobile apps, business-to-business interfaces, reporting/dashboard tools – but you need to lock it down.
You can’t have any old waif or stray sticking their nose in and poking around.
So you need an API, a standard interface to the outside world and its many languages and protocols. I’m here to convince you that investing in a RESTful API will prove a smart choice in the long run. But you already know that because you use REST every day on the WWW.
The simplicity and power of HTTP
HTTP was designed to be the universal language of machines. If every piece of data has a unique location (its URL), then you can use HTTP to get, create, update or delete that piece of data. And if the machine in question doesn’t know about that data it can redirect you to another machine that might.
This simple but powerful concept has the potential to revolutionise the consumption of data by computers. This universal language could supplant the multitude of communication methods currently in use simplifying messaging APIs for everyone. So how have the machines harnessed this power? They left it for the humans to implement, who quickly forgot about the machines and used HTTP to search for funny videos and pictures of cute animals. Stupid humans.
What is a RESTful API?
RESTful is an architectural style more than a strict set of standards. A human-readable URL provides access to each resource via HTTP, and HTTP Methods indicate the action to perform on that resource. In this way loose coupling between the server and its clients takes place.
For example, consider a RESTful interface to a shipment tracking application.
For basic actions, the interface is simple and clean. From there you can get as complicated as you desire; REST is much more than CRUD.
For example, you want to allow users to cancel a shipment? Well, there is no HTTP Method called CANCEL, but you can open up some bespoke actions for your service. Why not allow users to POST a cancellation request object?
What if you want to give your customers access to the delivery documents that are held by one of your delivery partners? Allow users to send a GET request, which redirects to the delivery document stored on either your server or the delivery partners.
Tapping into HTTP
So the RESTful API is simple and extensible. It might even placate those whiny programmers who complain about bloated solutions and complexity and over-engineering. But what about the more complicated considerations, such as security, authentication, performance, scalability?
This is where HTTP comes into its own. As REST uses HTTP as its transport protocol you get some free goodies:
- Security: if you’re not already using https for your web layer then you probably should be
- Authentication: cookie based authentication is proven and trusted (well it’s good enough for your bank…)
- Performance: HTTP performs well for the billions of web pages requested each day, and as REST deals in objects, the message sizes are even smaller
- Scalability: HTTP cache controlling mechanisms are robust and widely implemented. Not to mention that REST is a statelessprotocol which helps scalability considerably.
But what about SOAP?
Indeed, SOAP is the big hitter in the enterprise API arena. It has strict standards, defines APIs using formal contracts, is transport protocol agnostic, allows for stateful operations and provides fault tolerance. Its major drawback is that it is a heavyweight solution; there will be an investment required for training your developers to understand the clunky XML schemas required, and even when they do development times will be big. SOAP is a complex beast, and while it has been put to good use in the Enterprise Service Bus model it will turn off most consumers from your APIs.
OK, so where do I start?
I cannot honestly claim that HTTP and REST are going to become the Universal machine language dreamt of by their inventors. But it is clear that no-one in their right mind is going to use SOAP for web development. REST, on the other hand, is perfect for this, as evidenced by the strong REST support available in modern JavaScript libraries, and the adoption of REST by internet giants such as Netflix and Amazon.
Introducing a RESTful API to your backend will give your web apps a boost by providing a clean interface, helping your web developers become more productive while making your applications friendly to other service providers you may wish to collaborate with in the future.
Posted by Paul on 27th October 2014.