book

Learning API Styles

by Lukasz Dynowski, Marcin Dulak

July 2025

Intermediate to advanced

414 pages

10h 22m

English

O'Reilly Media, Inc.

Book available

Read now

Unlock full access

Includes

Includes Quizzes

Why We Wrote This BookWho Should Read This BookWhat’s in This BookWhat’s Not in This BookWeather Forecast ServiceConventions Used in This BookUsing Code ExamplesO’Reilly Online LearningHow to Contact UsAcknowledgmentsAcknowledgments from Lukasz DynowskiAcknowledgments from Marcin Dulak
What Is an API?Network-Based APIsConcepts of API CommunicationMessageTransmission ModesSynchronous and Asynchronous Communication TypesHistory of APIsWhy APIs?What Are API Styles?API as a ProductAPI LifecyclePlanningDesignImplementationTestingDeploymentMaintenanceRetirementAPI Governance, Management, and PlatformFuture of APIsSummary
Examples of API Design PatternsAPI LanguageAPI NamingEvolving APIsAPI VersioningEncodingFilteringCounting and SortingPaginationLong-Running TasksRequest DeduplicationRequest RetryRate LimitingCachingDeletionAPI SecurityOWASP Top 10 API SecurityExamples of API Security PatternsEncryption, Authentication, and AuthorizationSanitization and ValidationScraping MitigationAPI Design Best PracticesSummary
Network ProtocolsSocket APITCP/IP and the OSI ModelImplementing TCP ECHO ServiceNetwork Lab SetupTCP ECHO ServiceTCP ECHO ServerTCP ECHO Client with NetcatTCP ECHO Client with ScapySecurityTCP ECHO Client with OpenSSLExercisesSummary
What Is Hypertext?HTTP Lab SetupHTTP/0.9HTTP and HTML in ActionHTTP/1.0HTTP Message Headers and BodyHTTP in a BrowserHow DNS Affects Browser ConnectionsParallel TCP Connections in a BrowserLimitations of TCPTCP Head-of-Line BlockingTCP Slow Start and Congestion AvoidanceHTTP/1.1HTTP Connection PersistenceHTTP/2HTTP/2 Frames and StreamsHTTP/3QUIC 1-RTT Connection EstablishmentExercisesSummary
HTTP, Resource, and URIClient-Server CommunicationOrigins of RESTAPI Maturity ModelsRESTful, RESTless, or RESTIs Being RESTless Good Enough?ImplementationAPI EndpointsAPI VersioningCRUDPaginationRate LimitingCachingSecurityJSON Web TokenTransport Layer SecurityDocumentationOpenAPI SpecificationThree Approaches to API SpecificationTrade-OffsWhen to Use RESTExercisesSummary
Problems with RESTThinking in GraphsOrigins of GraphQLGraphQL Versus RESTGraphQL ConstructsHow GraphQL WorksImplementationGraphiQLExecuting MutationsCRUDReadCreate, Update, DeleteSecurityAttacking GraphQLAuthenticationDocumentationTrade-OffsWhen to Use GraphQLExercisesSummary
What Is a Web Feed?Why Web Feeds?Evolution of Web FeedsWhat Is Atom Feed?ImplementationReading FeedsSecurityTrade-OffsExercisesSummary
Remote Procedure CallOrigins of gRPCProtobuf SerializationCode GenerationgRPC ECHO Server and ClientThe Four RPC TypesProtobuf Wire FormatImplementationgRPC Atom Feed Enricher ServiceSecurityDocumentationTrade-OffsWhen to Use gRPCExercisesSummary

What Are Webhooks?Origins of WebhooksIncoming and Outgoing WebhooksIntegration and Data FlowImplementationSecurityDocumentationTrade-OffsWhen to Use WebhooksExercisesSummary
WebSocket and WebSocket APIWebSocket Opening HandshakeImplementationWebSocket ECHO Client and ServerWebSocket ProtocolWebSocket Weather Alert ServerWebSocket Weather Alert ClientSecurityOrigin ValidationTrusted Host SecurityJSON Web TokenTransport Layer SecurityDocumentationTrade-OffsWhen to Use WebSocketExercisesSummary
What Is Messaging?What Is a Queue?Messaging PatternsWork Queue PatternPublish-Subscribe PatternRouting PatternTopics PatternRequest-Response PatternImplementationWork QueueSecurityUnencrypted Messages in TransitMessages Encrypted in TransitAuthentication and AuthorizationDocumentationAsyncAPI SpecificationAsyncAPI DocumentationMessage VersioningTrade-OffsWhen to Use MessagingExercisesSummary

Content preview from Learning API Styles

Chapter 5. REST

Representational State Transfer (REST) is the most popular network-based API.¹ The REST architectural style² was formulated in 2000 by Roy Fielding in his Ph.D. dissertation “Architectural Styles and the Design of Network-Based Software Architectures”, as an approach to create internet-scale network-based applications.

This chapter goes through the origins, implementation, testing, security, documentation, and trade-offs of REST APIs. You’ll implement a REST API by using the Django REST Framework (DRF), for the Weather Forecast Service (WFS), introduced in “Weather Forecast Service”.

HTTP, Resource, and URI

In practice, the architectural goals of REST translate into three main components: HTTP, a resource, and a URI.

HTTP is the blood vessel of the internet, and the majority of API styles described in this book use HTTP to exchange messages. It’s supported by clients such as web browsers, command-line tools like curl, and libraries for various programming languages. HTTP is an application layer protocol that can be text-based or binary.³ You can find more details about HTTP in Chapter 4.

In REST, any information that can be named can be a resource—for example, a document, an image, a numerical value of zero, or even a person (a human being, a nonvirtual named entity not accessible via the internet).⁴ A resource is anything that can be a target of a hypertext reference.⁵

A resource can be static or dynamic. A static resource is immutable, like an image served from ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Publisher Resources

ISBN: 9781098153984Errata Page

Learning API Styles

by Lukasz Dynowski, Marcin Dulak

Chapter 5. REST

HTTP, Resource, and URI

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like

API Design Patterns

Design and Build Great Web APIs

Designing APIs with Swagger and OpenAPI

Learning TypeScript

Publisher Resources

Chapter 5. REST

HTTP, Resource, and URI

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,and much more.

You might also like

API Design Patterns

Design and Build Great Web APIs

Designing APIs with Swagger and OpenAPI

Learning TypeScript

Publisher Resources

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.