I want to share with you some useful resources on REST API design.
Designing a Beautiful REST+JSON API – In this presentation, Les Hazlewood (@lhazlewood) - Stormpath CTO and Apache Shiro PMC Chair - will share all of the golden nuggets learned while designing, implementing and supporting JSON-based REST APIs, using examples from a clean real-world REST+JSON API built with Java technologies. He covers:
- JSON-based data formats in a RESTful API
- References to other JSON-based resources (aka ‘linking’)
- Resource collections and pagination
- How to map (and how not to map) HTTP methods to Resource CRUD
- Resource partial updates
- Supporting HTTP Method Overloading for clients that don’t support HTTP PUT and DELETE
- API versioning strategies
- Meaningful Error responses
- Many-to-many resource relationships
- HTTP Caching and Optimistic concurrency control
- Authentication and Security
https://opensource.zalando.com/restful-api-guidelines/ – “Zalando RESTful API and Event Scheme Guidelines” (highly recommended)
http://en.wikipedia.org/wiki/Hash-based_message_authentication_code – keyed-hash message authentication code (HMAC)
http://broadcast.oreilly.com/2009/12/principles-for-standardized-rest-authentication.html – Query Authentication consists in signing each RESTful request via some additional parameters on the URI.