StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POUnderstanding REST: Verbs, error codes, and authentication
primarykey
Id
2001773
data
AcceptedAnswerId
2022938
AnswerCount
10
ClosedDate
CommentCount
4
CommunityOwnedDate
CreationDate
2010-01-04T19:55:36.773
FavoriteCount
488
LastActivityDate
2017-09-23T12:08:47.487
LastEditDate
2016-08-05T21:05:33.150
LastEditorUserId
3691530
OwnerUserId
187606
ParentId
0
PostTypeId
1
Score
567
ViewCount
123588
LastEditorDisplayName
text
Body
I am looking for a way to wrap APIs around default functions in my PHP-based web applications, databases and CMSs. I have looked around and found several "skeleton" frameworks. In addition to the answers in my question, there is <a href="http://tonic.sourceforge.net/" rel="noreferrer">Tonic</a>, a REST framework I like because it is very lightweight. I like REST the best for its simplicity, and would like to create an API architecture based on it. I'm trying to get my head around the basic principles and have not fully understood it yet. Therefore, a number of questions. 1. Am I understanding it right? Say I have a resource "users". I could set up a number of URIs like so: <pre><code>/api/users when called with GET, lists users /api/users when called with POST, creates user record /api/users/1 when called with GET, shows user record when called with PUT, updates user record when called with DELETE, deletes user record </code></pre> is this a correct representation of a RESTful architecture so far? 2. I need more verbs Create, Update and Delete may be enough in theory, but in practice I will have the need for a lot more verbs. I realize these are things that could be embedded in an update request, but they are specific actions that can have specific return codes and I wouldn't want to throw them all into one action. Some that come to mind in the user example are: <pre><code>activate_login deactivate_login change_password add_credit </code></pre> how would I express actions such as those in a RESTful URL architecture? My instinct would be to do a GET call to a URL like <pre><code>/api/users/1/activate_login </code></pre> and expect a status code back. That deviates from the idea of using HTTP verbs, though. What do you think? 3. How to return error messages and codes A great part of REST's beauty stems from its use of standard HTTP methods. On an error, I emit a header with a 3xx,4xx or 5xx error status code. For a detailed error description, I can use the body (right?). So far so good. But what would be the way to transmit a proprietary error code that is more detailed in describing what went wrong (e.g. "failed to connect to database", or "database login wrong")? If I put it into the body along with the message, I have to parse it out afterwards. Is there a standard header for this kind of thing? 4. How to do authentication <ul> <li>What would a API key based authentication following REST principles look like?</li> <li>Are there strong points against using sessions when authenticating a REST client, other than that it's a blatant violation of the REST principle? :) (only half kidding here, session based authentication would play well with my existing infrastructure.)</li> </ul>
Tags
<web-services><rest>
Title
Understanding REST: Verbs, error codes, and authentication
singulars
PostAcceptedAnswerId
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. This table or related slice is empty.
UserOwnerUserId
1. USPekka 웃
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
2. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
3. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
2. PO
 singulars
 PostTypePostTypeId
 PTAnswer
3. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 POUnderstanding REST: Verbs, error codes, and authentication
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
2. VO
 singulars
 PostPostId
 POUnderstanding REST: Verbs, error codes, and authentication
 UserUserId
 USrichsage
 VoteTypeVoteTypeId
 VTFavorite
3. VO
 singulars
 PostPostId
 POUnderstanding REST: Verbs, error codes, and authentication
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId
1. CO@Daniel, thanks for the edit. "I more verbs" was an intentional pun, but I'm leaving it as is, it's easier to read now. :)
 singulars
 PostPostId
 POUnderstanding REST: Verbs, error codes, and authentication
 UserUserId
 USPekka 웃

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.