What is a RESTful API (REST API) and How Does it Work

Article Safiul Tarek

RESTful API:

REpresentational State Transfer (REST), means every URL represents some objects. It transfers the state of a thing client to server or server to client by representation.

In a sentence REST API is a way to communicate between client and server.

Rest is an architectural style that defines a set of constraints to be used for creating web services. REST API is a way of accessing the web services in a simple and flexible way without having any processing.

REST technology is generally preferred to the more robust Simple Object Access Protocol (SOAP) technology because REST uses the least bandwidth, simple and flexible making it more suitable for internet usage. It’s used to fetch or give some information from a web service. All communication is done via REST API used only HTTP requests.

One of the key advantages of REST APIs is that they provide a great deal of flexibility. Data is not tied to resources or methods, so REST can handle multiple types of calls, return different data formats, and even change structurally with the correct implementation of hypermedia. This flexibility allows developers to build an API that meets your needs while also meeting the needs of very diverse customers.

6 constraints of RESTful API:


1.Uniform interface
2.Client-server
3.Stateless
4.Cacheable 
6.Code on demand (optional)
5.Layered system

Difference Between API and REST API –

API is basically a set of functions and procedures that allow one application to access the features of other applications, REST is an architectural style for networking applications on the web. It is limited to client-server based applications. REST is a set of rules or guidelines to build a web API. There are many ways to build a web API, and REST is a standard way that will help in building it faster and also for third-parties to understand it better. Generally, the comparison between APIs is done between REST and SOAP. SOAP is more complex as it offers less freedom and dictates a lot of standards for implementation. Therefore, the REST API is the preferred style.

Examples of REST APIs:

Instagram API permits your applications to retrieve user tags, photos, accounts, and much more. Twitter also provides a REST API which a developer can query to source the latest tweets, or provide a search query that will return the results in JSON format.

GitHub also offers a super REST API that you can utilize to perform actions such as following GitHub issues, tracking user activity, and creating repositories from your app.

Advantages of REST:

A primary benefit of using REST, both from a client and server's perspective, is REST-based interactions happen using constructs that are familiar to anyone who is accustomed to using the internet's HTTP.

An example of this arrangement is REST-based interactions all communicate their status using standard HTTP status codes. So, a 404 means a requested resource wasn't found; a 401 code means the request wasn't authorized; a 200 code means everything is OK, and 500 means there was an unrecoverable application error on the server.

Disadvantages of REST:

The benefit of REST using HTTP constructs also creates restrictions, however. Many of the limitations of HTTP likewise turn into shortcomings of the REST architectural style. For example, HTTP does not store state-based information between request-response cycles, which means REST-based applications must be stateless and any state management tasks must be performed by the client.

  1. The biggest problem with REST APIs is the nature of multiple endpoints.
  2. These require clients to do multiple round-trips to get their data.
  3. REST is lightweight architecture but it is not suitable to handle a complex environment.
  4. REST requests (especially GET) are not suitable for large amounts of data.
  5. In a REST API, there is no client request language.clients do not have control over what data server will return.
  6. Over-fetching of information is a waste of network and memory resources for both the client and server.

Working

A Restful System consists of a :
  • Client who requests for the resources.
  • Server who has the resources.

A request is sent from client to server in the form of a web URL such as HTTP GET or POST or PUT or DELETE. After that a response comes back from the server in the form of a resource that can be anything like HTML, XML, Image or JSON. But now JSON is the most popular format being used in Web Services.

In HTTP there are five methods which are commonly used in a REST based Architecture i.e., POST, GET, PUT, PATCH, and DELETE. These correspond to create, read, update, and delete (or CRUD) operations respectively. There are other methods which are less frequently used like OPTIONS and HEAD.


HTTP Verb

CRUD

Entire Collection (e.g. /customers)

Specific Item (e.g. /customers/{id})

POST

Create

201 (Created), 'Location' header with link to /customers/{id} containing new ID.

404 (Not Found), 409 (Conflict) if the resource already exists.

GET

Read

200 (OK), list of customers. Use pagination, sorting, and filtering to navigate big lists.

200 (OK), single customer. 404 (Not Found), if ID not found or invalid.

PUT

Update/Replace

405 (Method Not Allowed), unless you want to update/replace every resource in the entire collection.

200 (OK) or 204 (No Content). 404 (Not Found), if ID not found or invalid

PATCH

Update/Modify

405 (Method Not Allowed), unless you want to modify the collection itself.

200 (OK) or 204 (No Content). 404 (Not Found), if ID not found or invalid.

DELETE

Delete

405 (Method Not Allowed), unless you want to delete the whole collection—not often desirable.

200 (OK). 404 (Not Found), if ID not found or invalid.


  1. GET: The HTTP GET method is used to read (or retrieve) a representation of a resource. In the safe path, GET returns a representation in XML or JSON and an HTTP response code of 200 (OK). In an error case, it most often returns a 404 (NOT FOUND) or 400 (BAD REQUEST).
  2. POST: The POST verb is most often utilized to create new resources. In particular, it’s used to create subordinate resources. That is, subordinate to some other (e.g. parent) resource. On successful creation, return HTTP status 201, returning a Location header with a link to the newly-created resource with the 201 HTTP status. NOTE: POST is neither safe nor idempotent.
  3. PUT: It is used for updating the capabilities. However, PUT can also be used to create a resource in the case where the resource ID is chosen by the client instead of by the server. In other words, if the PUT is to a URI that contains the value of a non-existent resource ID. On successful update, return 200 (or 204 if not returning any content in the body) from a PUT. If using PUT for create, return HTTP status 201 on successful creation. PUT is not a safe operation but it’s idempotent.
  4. PATCH: It is used for modify capabilities. The PATCH request only needs to contain the changes to the resource, not the complete resource. This resembles PUT, but the body contains a set of instructions describing how a resource currently residing on the server should be modified to produce a new version. This means that the PATCH body should not just be a modified part of the resource but in some kind of patch language like JSON Patch or XML Patch. PATCH is neither safe nor idempotent.
  5. DELETE: It is used to delete a resource identified by a URI. On successful deletion, return HTTP status 200 (OK) along with a response body.

In simple words, A REST API is a web service API which uses URIs and HTTP protocol and JSON for data format. The reason for using REST APIs over others is due to its simplicity in development with limited resources and fewer security requirements, browser compatibility, scalability, all of which are desired for web services.