book

Learning API Styles

by Lukasz Dynowski, Marcin Dulak

July 2025

Intermediate to advanced

414 pages

10h 22m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Includes

Quizzes

Foreword
Preface
Why We Wrote This BookWho Should Read This BookWhat’s in This BookWhat’s Not in This BookWeather Forecast ServiceConventions Used in This BookUsing Code ExamplesO’Reilly Online LearningHow to Contact UsAcknowledgmentsAcknowledgments from Lukasz DynowskiAcknowledgments from Marcin Dulak
1. API Concepts
What Is an API?Network-Based APIsConcepts of API CommunicationMessageTransmission ModesSynchronous and Asynchronous Communication TypesHistory of APIsWhy APIs?What Are API Styles?API as a ProductAPI LifecyclePlanningDesignImplementationTestingDeploymentMaintenanceRetirementAPI Governance, Management, and PlatformFuture of APIsSummary
2. API Design Patterns
Examples of API Design PatternsAPI LanguageAPI NamingEvolving APIsAPI VersioningEncodingFilteringCounting and SortingPaginationLong-Running TasksRequest DeduplicationRequest RetryRate LimitingCachingDeletionAPI SecurityOWASP Top 10 API SecurityExamples of API Security PatternsEncryption, Authentication, and AuthorizationSanitization and ValidationScraping MitigationAPI Design Best PracticesSummary
3. Network
Network ProtocolsSocket APITCP/IP and the OSI ModelImplementing TCP ECHO ServiceNetwork Lab SetupTCP ECHO ServiceTCP ECHO ServerTCP ECHO Client with NetcatTCP ECHO Client with ScapySecurityTCP ECHO Client with OpenSSLExercisesSummary
4. Web Protocols
What Is Hypertext?HTTP Lab SetupHTTP/0.9HTTP and HTML in ActionHTTP/1.0HTTP Message Headers and BodyHTTP in a BrowserHow DNS Affects Browser ConnectionsParallel TCP Connections in a BrowserLimitations of TCPTCP Head-of-Line BlockingTCP Slow Start and Congestion AvoidanceHTTP/1.1HTTP Connection PersistenceHTTP/2HTTP/2 Frames and StreamsHTTP/3QUIC 1-RTT Connection EstablishmentExercisesSummary
5. REST
HTTP, Resource, and URIClient-Server CommunicationOrigins of RESTAPI Maturity ModelsRESTful, RESTless, or RESTIs Being RESTless Good Enough?ImplementationAPI EndpointsAPI VersioningCRUDPaginationRate LimitingCachingSecurityJSON Web TokenTransport Layer SecurityDocumentationOpenAPI SpecificationThree Approaches to API SpecificationTrade-OffsWhen to Use RESTExercisesSummary
6. GraphQL
Problems with RESTThinking in GraphsOrigins of GraphQLGraphQL Versus RESTGraphQL ConstructsHow GraphQL WorksImplementationGraphiQLExecuting MutationsCRUDReadCreate, Update, DeleteSecurityAttacking GraphQLAuthenticationDocumentationTrade-OffsWhen to Use GraphQLExercisesSummary
7. Web Feeds
What Is a Web Feed?Why Web Feeds?Evolution of Web FeedsWhat Is Atom Feed?ImplementationReading FeedsSecurityTrade-OffsExercisesSummary
8. gRPC
Remote Procedure CallOrigins of gRPCProtobuf SerializationCode GenerationgRPC ECHO Server and ClientThe Four RPC TypesProtobuf Wire FormatImplementationgRPC Atom Feed Enricher ServiceSecurityDocumentationTrade-OffsWhen to Use gRPCExercisesSummary

9. Webhooks
What Are Webhooks?Origins of WebhooksIncoming and Outgoing WebhooksIntegration and Data FlowImplementationSecurityDocumentationTrade-OffsWhen to Use WebhooksExercisesSummary
10. WebSocket
WebSocket and WebSocket APIWebSocket Opening HandshakeImplementationWebSocket ECHO Client and ServerWebSocket ProtocolWebSocket Weather Alert ServerWebSocket Weather Alert ClientSecurityOrigin ValidationTrusted Host SecurityJSON Web TokenTransport Layer SecurityDocumentationTrade-OffsWhen to Use WebSocketExercisesSummary
11. Messaging
What Is Messaging?What Is a Queue?Messaging PatternsWork Queue PatternPublish-Subscribe PatternRouting PatternTopics PatternRequest-Response PatternImplementationWork QueueSecurityUnencrypted Messages in TransitMessages Encrypted in TransitAuthentication and AuthorizationDocumentationAsyncAPI SpecificationAsyncAPI DocumentationMessage VersioningTrade-OffsWhen to Use MessagingExercisesSummary
Index
About the Authors

Content preview from Learning API Styles

Chapter 4. Web Protocols

In the previous chapter, you used TCP/IP to send and receive a sequence of bytes representing a text. This idea is the base of the Hypertext Transfer Protocol (HTTP), the most widely used protocol on the web today.

This chapter describes HTTP and its purpose and evolution. You’ll programmatically explore the protocol variations, using network analysis tools like netcat, tcpdump, iperf, curl, nghttp2, tshark, or Wireshark. We believe that the chronological introduction of the HTTP versions allows for a more gentle explanation of HTTP features, which otherwise could be overwhelming. Demonstrations of HTTP and the related QUIC protocol at the network packet level will prepare you for the higher-level topics of network-based APIs, with a focus on APIs that use HTTP. The discussion in this chapter focuses on the features of HTTP from the perspective of web API clients, including web browsers.

What Is Hypertext?

The term hypertext was introduced by Ted Holm Nelson in 1965:¹

Let me introduce the word hypertext to mean a body of written or pictorial material interconnected in such a complex way that it could not conveniently be presented or represented on paper.

Ted Holm Nelson, 1965

However, this isn’t the only meaning of hypertext.² Today’s web focuses more on the information-linking aspect of hypertext than on the information representation.³

Note

Hypermedia is a term similar to hypertext, indicating it isn’t limited to text only.

To understand hypertext, ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781098153984Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design