A guide for adding JWT token-based authentication to Your Serverless Application
One way to secure your serverless application is to implement token-based authentication, which helps to ensure that only authorized users can access your app.
In this blog article, we covered what a JSON Web Token (JWT) is, how to create a JWT, and how to verify a JWT.
The API architecture is made up of four different layers: the Interaction Layer, Integrational Layer, Application Layer, and Information Management Layer (databases).
REST and SOAP are different ways of transmitting data between two different systems via an API. REST is a set of architectural principles. SOAP is a protocol maintained by the World Wide Web Consortium.
When building and maintaining APIs, there is a lot of terminology that you need to be aware of. This isn’t a complete list, but it’s enough to make you dangerous.
Apex classes and methods can be exposed to external applications as REST-based endpoints.
This means that there’s a very easy way to have an external application make a direct call into Salesforce to do a specific action.
Handling no results in a collection endpoint and at a singular resource can be a bit of a tricky situation.
With REST there’s no standard, but there are some standards associated with REST such as OAuth and OpenAPI.
Optimization can mean a lot of things like simplifying a process, reducing data and even speeding up response time.
An API often has three different ways we can optimize it.
HTTP defines a set of different request methods. There are request methods like GET, POST, PUT, DELETE, and others.
Because it’s allowed doesn’t mean it’s right though.
When large lists of records are exposed through an API, we need a mechanism to control how many records are returned. In the article, we explore the three main methods of paging.
Sorting is determining the order of items when a list of items is returned from a particular endpoint. The best practice is to really keep things simple and consistent.
The parameters and the way the parameters are transmitted can be different in each implementation.
API parameters can be split into four different groups.
Designing software by contract is like a legal or business contract. When we design software by contract, it means we are designing against a specific specification for each software component.
The REST API will be alive for many years to come because many companies set up integrations and forget about them until there’s a problem. It is still one of the dominant types of application integration: REST API, SOAP, and, more recently, GraphQL.
HATEOAS stands for Hypertext As The Engine of Application State. The theory is that by embedding enough information in our API responses it will be easier to use the API without needing to consult documentation.
When designing a REST API we need to really think of the different challenges that can occur. While many of these challenges are related to ignoring the REST API Constraints, there are definitely other issues that will pop up as you work.
Security is essential for REST APIs because our organizations depend on them.
GraphQL is gaining traction in the software development world because it offers an alternative to the traditional REST architecture.
Here’s why I don’t think it’s ready for common use.