Is REST all about just exposing an HTTP endpoint?
REST is an abbreviation that stands for Representational State Transfer. A lot of complex words but stick with me.
REST is a specification that suggests how a client should demand/request information from the server and how the server should respond; it does not enforce anything.
Everything is a Resource
In REST, everything is a resource. Any actionable entity in your application eg: book, student, customer, or order is a resource for REST. The client can demand action on a resource like get, create, delete, or update.
REST does not put any restriction on how the data is stored in your application, but it allows clients to specify how it wants the data from the server eg: XML, JSON, CSV, etc. So long as the server supports the representation the server would respond in the demanded format.
Underlying Protocol for REST
REST does not enforce any restriction on the underlying protocol to be used. All it cares about is that we have a defined way to act on a resource. So, we can implement REST over HTTP or even hardware like USB.
Why REST over HTTP?
The most common implementation of REST is over HTTP and it gels very well together. Why so?
HTTP has verbs like GET, POST, DELETE, and PUT and these become actions on our resource. The resource is specified by the URL of the HTTP request. For example, to get a student’s details whose
id = 1 we fire
We are representing the student with
id = 1 using the URL
/students/1 and are specifying action
GET using the HTTP verb
GET. Similarly to update the student with
id = 1 we could
Here we see how REST is resource-oriented and we have a way to specify the action to be taken on it.
One very important reason why HTTP is so commonly used in implementation is the availability of existing tooling. We can reuse the existing set of tools to get the job done, which includes.
- using existing HTTP Clients like Postman, cURL, Requests
- use caches like Ngnix, HA Proxy, and Varnish to boost performance
- use monitoring tools like Distributed Tracing
- use load balancers to uniformly distribute the load
- use SSL to get out-of-the-box security
Downsides of doing REST over HTTP
- all clients would have to serialize and deserialize the HTTP body
- all clients would have to repetitively handle failures and retries
- some web servers might not support verbs like PUT, DELETE
- HTTP payloads are JSON and hence huge
- HTTP would not support switching underlying protocols