Creating and Validating JSON Web Tokens (JWT) in Node.js
In this blog article, we covered what a JSON Web Token (JWT) is, how to create a JWT, and how to verify a JWT.
The API architecture is made up of four different layers: the Interaction Layer, Integrational Layer, Application Layer, and Information Management Layer (databases).
When building and maintaining APIs, there is a lot of terminology that you need to be aware of. This isn’t a complete list, but it’s enough to make you dangerous.
Apex classes and methods can be exposed to external applications as REST-based endpoints.
This means that there’s a very easy way to have an external application make a direct call into Salesforce to do a specific action.
Handling no results in a collection endpoint and at a singular resource can be a bit of a tricky situation.
With REST there’s no standard, but there are some standards associated with REST such as OAuth and OpenAPI.
Optimization can mean a lot of things like simplifying a process, reducing data and even speeding up response time.
An API often has three different ways we can optimize it.
HTTP defines a set of different request methods. There are request methods like GET, POST, PUT, DELETE, and others.
Just because it’s allowed doesn’t mean it’s right, though.
Sorting is determining the order of items when a list of items is returned from a particular endpoint. The best practice is to really keep things simple and consistent.
Application Programming Interfaces and dates are just as difficult.
Timezone issues crop up because dates and datetimes are just strings in JSON; there’s nothing to necessarily say that this is a date in this format.
Designing software by contract is like a legal or business contract. When we design software by contract, it means we are designing against a specific specification for each software component.
The REST API will be alive for many years to come because many companies set up integrations and forget about them until there’s a problem. It is still one of the dominant types of application integrations: REST API, SOAP, and more recently GraphQL.
HATEOAS stands for Hypertext As The Engine of Application State. The theory is that by embedding enough information in our API responses it will be easier to use the API without needing to consult documentation.
When designing a REST API we need to really think of the different challenges that can occur. While many of these challenges are related to ignoring the REST API Constraints, there are definitely other issues that will pop up as you work.
Security is essential for REST APIs because our organizations depend on them.
Each resource in the REST architecture is identified by its Uniform Resource Identifier (URI).
These tips are based on providing a uniform interface REST constraint.
JSON is a great format for exchanging data; it’s used in almost all REST APIs for receiving and sending data.
A cheat sheet covering RESTful concepts for design and development.
The cheat sheet is one page and covers versioning, designing consistent URIs, HTTP methods, HTTP status codes, error handling and authentication/authorization.
REST APIs function primarily through the use of resources that are located at a certain URI.
Versioning is one of the most critical parts of API design. Versioning allows us to potentially make breaking changes at some point in the future.