You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The API must embrace RESTful design principles. It must be resource-based, and each resource representation must contain enough information to modify or delete the resource on the server, provided it has permission to do so.
38
36
@@ -48,20 +46,19 @@ The API must embrace RESTful design principles. It must be resource-based, and e
48
46
49
47
> You don't want to deal with complex pluralization (e.g., foot/feet, child/children, people/people). Keep it simple.
50
48
51
-
###2. Formatting
49
+
## 2. Formatting
52
50
53
51
- Dates must be returned in ISO 8601 format (YYYY-MM-DDTHH:MM:SSZ).
54
-
- Geographic coordinates must be returned in `[-]d.d, [-]d.d` format (e.g., 12.3456, -98.7654).
55
52
56
-
> TODO: more ?
53
+
- Geographic coordinates must be returned in `[-]d.d, [-]d.d` format (e.g., 12.3456, -98.7654).
57
54
58
-
###3. Security
55
+
## 3. Security
59
56
60
57
- The API must be served over SSL, using `https`. It must not redirect on non-SSL urls.
61
58
62
59
> Always using SSL guaranteed encrypted communications, and allow use of simple access tokens.
@@ -70,21 +67,21 @@ The API must embrace RESTful design principles. It must be resource-based, and e
70
67
| PATCH / PUT | Used for updating resources. |
71
68
| DELETE | Used for deleting resources. |
72
69
73
-
####Fallback header
70
+
### Fallback header
74
71
75
72
The HTTP client that doesn't support PUT, PATCH or DELETE requests must send a POST request with an `X-HTTP-Method-Override` header specifying the desired verb.
76
73
77
74
The server must correctly handle this header. When it is set, it take precedence over the original request method.
78
75
79
-
####Location header
76
+
### Location header
80
77
81
78
When a resource is created (with a `POST` request), the response must contain a `Location` header with the link of the new resource.
82
79
83
-
####Resource on update and create actions
80
+
### Resource on update and create actions
84
81
85
82
When a resource is created or modified (e.g., with a POST, PUT or PATCH request), the response must contain the created or updated respresentation of the resource.
86
83
87
-
###5. Status codes
84
+
## 5. Status codes
88
85
89
86
**The API must uses descriptive HTTP response codes to indicate the success or failure of request.**
90
87
@@ -113,7 +110,7 @@ The server must respond with the following status codes, according to the situat
113
110
| 503 Service Unavailable | The server is currently unable to handle the request. |
114
111
115
112
116
-
###6. Errors
113
+
## 6. Errors
117
114
118
115
- All errors in the 4xx must return a body containing a `error` key, containing the error code.
All non-standard HTTP headers must begin by a `X-`.
192
189
193
190
For example, for rate limiting, the `X-Rate-Limit-Limit`, `X-Rate-Limit-Remaining` and `X-Rate-Limit-Reset` headers should be used.
194
191
195
-
###9. Versioning
192
+
## 9. Versioning
196
193
197
194
The API must be versioned, and must not have breaking changes whitout version change.
198
195
@@ -221,7 +218,7 @@ X-Version: 3.1
221
218
}
222
219
```
223
220
224
-
###10. Pagination
221
+
## 10. Pagination
225
222
226
223
Requests for collections should be paginated, and return a limited number of results.
227
224
@@ -266,7 +263,7 @@ X-Total: 4
266
263
]
267
264
```
268
265
269
-
###11. Filtering
266
+
## 11. Filtering
270
267
271
268
The client should be able to filter resource collections using the `filter` parameter. In this case, only the fields matching the given filter(s) will be returned.
The client should be able to sort resource collections according to one or more fields using the `sort` parameter. The value for `sort` must represent sort fields.
If the server does not support sorting as specified in the query parameter `sort`, it must return a `400 Bad Request` status code.
341
338
342
-
###13. Searching
339
+
## 13. Searching
343
340
344
341
The client should be able to search on resource collections fields using the `search` parameter. In this case, only the fields matching the given search(s) will be returned.
A global search on a resource collection should be implemented using directly a value instead of a hash for the `search` parameter.
379
376
380
-
###14. Embedding
377
+
## 14. Embedding
381
378
382
379
The client should be able to include data related to (or referenced) from the resource being requested using the `embed` parameter. The value of the `embed` parameter must be a comma separated list of fields to be embedded. Dot-notation must be used to refer to sub-fields.
The client should be able to select only specific fields in the response using the `fields` parameter. In this case, only the requested fields will be returned.
If the server does not support selection as specified in the query parameter `fields`, it must return a `400 Bad Request` status code.
467
464
468
465
469
-
###16. Caching
466
+
## 16. Caching
470
467
471
468
Server should generate a [ETag header](http://en.wikipedia.org/wiki/HTTP_ETag) containing a hash or checksum of the representation. This value should change whenever the output representation changes.
472
469
473
-
###17. Asynchronous processing
470
+
## 17. Asynchronous processing
474
471
475
472
When a resource creation or update is asynchronously processed, the request should return a `202 Accepted` status code with a link in the `Content-Location` header which should redirect to the resource when the job processing is done.
0 commit comments