Designing a Beautiful REST+JSON API

Track: Web
Skill Level: Intermediate
Room: Room A402-403
Time Slot: Tue 2/16, 4:00 PM
Tags: java , http , jwts , authentication , security , rest apis

Designing a really clean and intuitive REST + JSON API is no small feat. You have to worry about resources, collections of resources, pagination, query parameters, references to other resources, which HTTP Methods to use, HTTP Caching, security, and more! And you have to make sure it lasts and doesn’t break clients as you add features over time. Further, while there are many references on creating REST APIs with XML, there are much fewer references for REST + JSON.

In this presentation, Les Hazlewood - Stormpath CTO and Apache Shiro PMC Chair - will share all of the golden nuggets learned while designing, implementing and supporting JSON-based REST APIs, using examples from a clean real-world REST+JSON API built with Java technologies. He will cover:

  • JSON-based data formats in a RESTful API
  • References to other JSON-based resources (aka ‘linking’).
  • Resource collections and pagination
  • How to map (and how not to map) HTTP methods to Resource CRUD
  • Resource partial updates
  • Supporting HTTP Method Overloading for clients that don’t support HTTP PUT and DELETE
  • API versioning strategies
  • Meaningful Error responses
  • Many-to-many resource relationships
  • HTTP Caching and Optimistic concurrency control.
  • Authentication and Security
Les Hazlewood

Les Hazlewood is CTO and co-founder of Stormpath Inc. He is also the PMC Chair for the Apache Shiro Java security framework, and a leading expert in application and API security and REST API design. Prior to forming Stormpath, he held senior architectural positions at Bloomberg and Delta Airlines. Les has been actively involved in Open Source for more than 15 years and has worked on projects like the Spring Framework, JBoss, and Apache Shiro. Les has a BS in Computer Science from Georgia Tech, and practices Kendo and enjoys traveling when he’s not coding.