Rajeev Sakhuja

PS: 

  • This COURSE does NOT focus on Coding of REST API - Focus is on Designing  using proven patterns.

  • Please do NOT enroll if your objective/Goal is just to learn "Coding" part of the REST API.

How was this course created?

The author (Raj) has worked with many large organizations on building their digital strategy, in which APIs were a central theme. Over the years the author recognized certain patterns and practices that led to successful API initiatives. Intrigued by his findings, the author thoroughly researched hundreds of other successful API providers (examples: Facebook, Expedia, Capital One ...), and that resulted in the collection of best practices and design patterns covered in this course.

This course covers all the important aspects related to design, development and management of API. The best practices, design patterns, challenges, suggestions & options discussed in this course are either:

  • Created by analyzing how the popular API providers such as Facebook, Twitter, Capital One etc are building and managing their API

  • Taken from personal experiences of the author

Course is divided into 6 Parts:

1. Setting the stage - Discusses a case study (ACME travels) used through the course + provides information on tools used

2. Evolution of REST API - Lectures in this section will cover the foundational concepts + why REST/JSON has become a de facto standard

3. Designing the REST API (Covered in multiple sections)

This is where students will learn the:

  • Best Practices

  • Implementation patterns

To demonstrate the implementation aspects, a set of NodeJS based API is also implemented for a fictitious enterprise ACME Travels.

4. Securing the REST API

When an API is exposed by an enterprise to the public internet, it poses a risk to the enterprise as hackers may use the vulnerabilities in the API to launch attacks against the enterprise. There are multiple types of such Functional attacks that the API provider must consider. You will learn about the common attacks and the best practices for protecting the API.

5. Swagger 2.0 / Open API Initiative specifications

This section will begin with the description of Collaborative specifications development process & benefits of adopting contract first approach. At the end of this section student will be able to write Swagger/OAI specifications for their own API. As part of the lectures, a complete specification will be created for ACME Vacations. 

6. API Management

API management is the process of publishing, documenting and overseeing application programming interfaces (APIs) in a secure, scalable environment. Lectures in this section cover the details of the following activities that an API provider carries out within the scope of API management.

Apigee, IBM API Connect & Mulesoft platforms will be used for demonstrating the various API management aspects discussed in the lectures. Students are encouraged to try out these platforms on their own to get a good feel for what API management platforms bring to the table. The three platforms offer a free trial version that can be used for testing.

WHY REST API?

Today Enterprises are using REST APIs for not just building mobile applications but also for:

  • Creating new channels for partnership

  • Building new revenue streams & business models

  • Promoting their brands

Just creating the API does not guarantee that the enterprise will be able to achieve its desired goals from an API perspective. Adoption of an API by developers depends on multiple aspects such as its utility, ease of use, performance, scalability and security. The API provider must apply best practices throughout the life cycle of an API.

Who should take this course?

This course is suited for any technologist interested in learning REST API from an end-to-end perspective, not just from the coding perspective. Though this course uses NodeJS for demonstrating the design best practices, it does not require students to have any prior experience with NodeJS.

To take this course the student is expected to know one (or more) programming languages, to understand web application architecture, to be familiar with the concept of services, and to understand data formats such as JSON or XML.

Please note that this course will NOT teach how to code REST API in NodeJS.

What's inside

Learning objectives

  • Design and develop RESTful API by applying the best practices & REST constraints
  • Create practices for API security, versioning, lifecycle management, documentation and other important aspects
  • Write Swagger 2.0/OAI specifications in YAML format
  • Create an API management strategy for your enterprise
  • Leverage some of the common API management platforms for building API proxies (Apigee, IBM API Connect, Mulesoft Anypoint)

Syllabus

Setting the stage
  • Quick introduction to the course

  • Tips on how to get the most out of this course

Provides link for summary decks download.

ACME Travels is a fictitious company that is going through a crisis as they did not keep up to speed with the technology. Their CTO has a vision to create an API driven organization.

This quick lecture describes the ACME case study that will be used in discussions of various concepts discussed in this course. All APIs created in the course are for ACME travels.

In this course multiple tools will be used. This quick lecture describes the tools that will be used in this course. Students are not expected to have any prior experience with any of the tools discussed

In this lecture students will learn about the free MongoDB sandbox environment offered by http://mlab.com

Samples in this course will use the MongoDB instance on mlab.com

Evolution of RESTful services

Walkthrough of a scenario to explain what an API is.

Students will learn about the 

  • Issues with using XML/RPC for mobile applications
  • History of RESTful API
  • How so many organizations are leveraging REST API 

Students will learn the core concepts of RESTful API. At end of the lecture they would understand the following terms:

  • Representational state
  • Resources
  • State transfer

Also covers the demonstration of a publicly available REST API from Walmart.

Checks students' understanding of general concepts of API

Students will learn about the three types of APIs.

In this lecture students will learn about the API exposed by TicketMaster.

Student will learn about:

  • the API value chain
  • "common sense" design principles :)
Students will learn the REST architecture constraints, guidelines & best practices for designing the REST API

Just using JSON+HTTP does not automatically make the API RESTful. In this lecture the student will get an overview of the REST constraints described by Roy Fielding in his dissertation paper.

Student will learn about the benefit of following the "Client-Server" constraint which is considered the foundation for the RESTful API.

Student will learn about the constraint#2 Uniform Interface + the 4 guiding principles that are part of the Uniform Interface constraint.

Student will learn about the "Statelessness" constraint. 

In this lecture student will learn 

  • about the HTTP Caching headers
  • how the HTTP Cache-Control can be used to achieve better performance
  • how the caching strategy counterbalances the "performance" hit due to "statelessness"

Student will learn how the "Layered System" architecture enables an incremental, evolutionary approach.

This lecture describes the (optional) REST constraint referred to as the "Code on Demand"

At the end of this lecture the Student will be able to evaluate the maturity level of an organization from the perspective of adoption of RESTful architecture & practices. 

Test student's knowledge of REST architectural constraints.

WebApp versus REST API Architecture
Designing REST API

Students will learn about the structure of the API Endpoint URL

Student will learn about:

  • Conventions used for "Base URL"
  • resource naming for REST API. Examples of how Facebook/Walmart ... are naming their resources
Walk through: Setup the API URI for ACME API
HTTP API Request flow and HTTP Status Code

Describes how to implement the API CRUD operations. Covers the use of HTTP verbs, status codes and how to implement the support for multiple data formats.

API Data Format Setup

You will be seeing the API(s) in actions. This lecture will provide you the steps to setup the local environment.

In this lecture students will learn how to create a simple API in Node. At the end of the lecture students are expected to be able to extend the vacations API to add more operations.

This quiz will test the student's understanding of how to implement basic operations & error handling for REST API.

Will teach students the error handling patterns

Students will learn how to implement error handling in REST API

Application Error Handling Patterns

Walk through of the code for demonstrating the error handling for REST API

Code available at https://www.github.com/acloudfan

Test student's knowledge of designing the error handling for their API

Versioning is an important aspect of REST API - students will learn about the API versioning strategy and implementation patterns

Students will learn about common changes required for API after they have been released. Also included is a discussion on practices for handling API changes. 

  • Breaking  change & how to handle it
  • Non-breaking change

Student will learn the common version strategies for the REST API and understand the API lifecycle from a version perspective.

Walk through : ACME API Versioning
Caching may be implemented at multiple levels. Lectures discuss the caching patterns.

Students will learn 

  • the benefits of Caching
  • practices around what to cache and the design decisions

Student will learn how to use the HTTP Cache-Control directive

API implementations can use the HTTP header Cache-Control to take advantage of the HTTP protocol built in support for caching. In this lecture students will learn the various directives (instructions) they can use for building API with cache support. 

This lecture demonstrates the use of the HTTP caching header from the Node JS API.

Checks students' knowledge of general concepts of caching and Cache-Control directives.

Lecture in this section will discuss the response handling patterns

It's common for many popular API providers (Facebook, LinkedIn, Pinterest...) to support partial responses in their APIs. In this lecture the student will learn the benefits of supporting partial responses and will see a demo of building an API with support for partial responses (ACME Hotels API)

Students will see the implementation of partial response pattern

In this lecture students will learn common ways in which Pagination support may be implemented in an API. At the end of this lecture they would learn how to build pagination in  a MongoDB/Node application using the limit/skip functions

Walk through : Building support for Pagination in ACME API

Checks students' understanding of how to design API with support for partial responses and pagination

REST API Security

Student will learn about security aspects related to  API:

  • Authentication
  • Authorization
  • Functional attacks

Basic authentication is the simplest form of authentication that may be applied to the API. Student will learn the concepts and then understand how to code Basic Auth in Node JS.

Tests the student on their understanding of Basic authentication

Student will learn:

  • What are tokens?
  • JSON Web Token (JWT) standard
  • Securing Node REST API with JWT

Checks student's understanding of Token based authentication and JWT

The API Key/Secret is the most common way the API providers protect the API. In this lecture student will learn about:

  • implementation of the key/secret
  • practices for the implementation of the key/secret
  • technical considerations for implementing key/secret based auth

Tests students' understanding of the concept of client key & secret

Student will learn the concepts of OAuth2.0. 

In this lecture, student will also learn how Spotify (Streaming music) has implemented the OAuth2 for their public API.

Tests student's understanding of concepts of API authorization and OAuth 2.0

Hackers are always looking for threats/vulnerabilities in publicly available APIs. Student will learn about common types of attack. In the lecture the student will also see a demonstration of a "SQL injection" attack.

REST API Specifications using Swagger 2.0 / OAI

In this lecture student will learn:

  • contract first approach
  • collaborative specifications development process
  • different REST API specifications standard
  • introduction to Swagger/OAI standard

Checks student's knowledge of basic concepts of REST API specifications

In this lecture student will get an overview of the Swagger/OAI + YAML specifications. Also discusses the various editor options for Swagger/OAI

Tests the student on their knowledge of Swagger

Students will learn:

  • structure of the Swagger/OAI specs document
  • about the tools for Swagger/OAI document editing
  • to create the Swagger/OAI specifications in YAML format

Checks student's understanding of the specifications format

Student will learn how to define the following in Swagger/OAI specs:

  • Request/response schema
  • Security definitions
  • Parameters
Structure & Elements of Swagger/OAI specifications (2/3)

Student will learn how to create Paths/Operations in the Swagger/OAI specifications. Walkthrough of the developer documentation generated from the specifications.

Checks student's understanding of the Paths/Resources

API Management

In this lecture student will learn about the 

  • Activities that fall under the scope of API management
  • Common API management infrastructure setup (Agent & Proxy model)

In this lecture student will learn about the practices for managing the API "Lifecycle" that has 5 stages. 

How API developer productivity is enhanced by way of adoption of the API management platforms.

Demonstration of specification import process on the "Mulesoft" and "IBM API Connect" platform

Generate the API proxy on "Apigee" platform using the vacation specification generated in previous section. Apply policies to control the behavior of the API.

Student will learn about the essential features of the API developer portal. At the end of the lecture the student will be in a position to decide whether to build or buy a portal for their API.

At the end of the lecture student will see how easily an off-the-shelf developer portal (Mulesoft) can be customized.

Students will learn about:

  • security best practices
  • the need for the minimal security (key) for the API
  • how API management based solution can be used for key authentication (demo on Apigee)

Student will learn 

  • why an API provider MUST carry out traffic management
  • about types of traffic management policies (Quota, Spike arrest, Rate limiting)

    Lecture also includes demo of the traffic policies in action on Apigee platform.



API Analytics is an important aspect of API management. There are multiple types of analytics collected on the API platform. Student will learn about the common analytics collected on API platforms and how they can be leveraged by the developers.

Students will learn about the good practice that states "Treat your API like a product if you would like to sell it like a product". 

Also the student will understand the

  • concept of monetization
  • various monetization models
  • technology considerations from the realization perspective
Good bye message + some tips on the next steps
Good bye

Good to know

Know what's good, what to watch for, and possible dealbreakers
Comprehensive study of REST API design, development, and management
Explores best practices and design patterns used by popular API providers like Facebook and Twitter
Taught by Rajeev Sakhuja, an industry expert with experience in building digital strategies for large organizations
Suitable for technologists with a basic understanding of web application architecture and data formats like JSON or XML
Covers practical aspects of API design using NodeJS-based API implementation
Provides guidance on API security, versioning, and management strategies

Reviews summary

Well-designed REST APIs

Learners describe this course as a comprehensive learning experience on designing, developing, and managing RESTful APIs. Students say the course is a great starting point for both beginners and experienced developers. One of the best qualities of the course, according to learners, is its comprehensive coverage of the subject matter. The course is said to provide a wide range of information, from the basics of REST APIs to more advanced topics such as security and API management. The course also provides step-by-step instructions and hands-on examples, which learners say makes it easy to follow and understand. The instructor is described as knowledgeable and engaging, and the course materials are said to be well-organized and well-presented. Overall, learners say this is a high-quality course that they would recommend to anyone interested in learning more about REST APIs.
The course offers hands-on exercises and sample code, making it practical and easier to apply what you learn.
"The course provides hands-on examples and sample code for students to practice and apply their learnings."
"The hands-on examples are helpful for reinforcing the concepts."
The instructor explains the concepts clearly and provides detailed explanations, making the course easy to understand.
"The instructor is knowledgeable and engaging."
"The course materials are said to be well-organized and well-presented."
The materials for this course are logically and sequentially organized, helping you grasp the concepts easily.
"The course is well-organized and easy to follow."
"The step-by-step approach makes it easy for beginners to learn."
"The course is structured, clear, and well-presented, covering the complete domain of REST API development."
This course covers a wide range of topics related to REST APIs, making it a comprehensive learning resource.
"The course covers REST API fundamentals, design patterns, and best practices."
"The course covers how to add authentication and authorization to APIs, which is crucial for securing your API."
"The course emphasizes the importance of monitoring and provides guidance on how to monitor your API for optimal performance."

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in REST API Design, Development & Management with these activities:
Review Course Materials and Notes
Strengthens understanding by reviewing course concepts and assignments.
  • Review lecture notes and slides.
  • Summarize key concepts and design principles.
  • Identify areas for further exploration.
Explore API Security Best Practices
Enhances understanding of essential security measures for RESTful APIs.
  • Learn about common API vulnerabilities.
  • Explore industry-standard authentication and authorization mechanisms.
  • Implement security measures in API code.
Practice RESTful API Development
Helps develop familiarity with RESTful API development through repetitive exercises.
  • Create a mock endpoint using a programming language of your choice.
  • Implement CRUD operations for the endpoint.
  • Handle edge cases and error scenarios.
  • Explore different HTTP request methods and responses.
Participate in API Design Discussions
Encourages collaboration and exchange of ideas on RESTful API design.
  • Join online forums or discussion groups.
  • Participate in discussions and ask questions.
  • Share knowledge and insights with other developers.
Design and Implement a RESTful API
Applies learned concepts by designing and implementing a comprehensive RESTful API.
  • Define API requirements and use cases.
  • Design and document API endpoints and data models.
  • Implement API functionality using a preferred programming language.
  • Test and deploy the API.

Career center

Learners who complete REST API Design, Development & Management will develop knowledge and skills that may be useful to these careers:
Technical Product Manager
A Technical Product Manager works on the development and management of a technology-based product or software from concept to delivery, and is responsible for creating and maintaining the roadmap, and working with technical teams on its implementation. This course can help build a foundation for this role by teaching the fundamentals of REST API design, development, and management, which is essential for creating and maintaining a successful software product.
Software Architect
A Software Architect is responsible for designing, building, and maintaining the software architecture of a software system. This course can be helpful for those looking to enter this role as it teaches the fundamentals of REST API design, development, and management, including patterns and best practices. These skills are essential for designing and building scalable, reliable, and secure software systems.
Software Developer
A Software Developer designs, develops, and maintains software applications. This course can be helpful for those looking to enter this role as it provides a foundation in REST API design, development, and management. This knowledge is essential for developing robust, scalable, and user-friendly software applications.
Systems Analyst
A Systems Analyst works with users and stakeholders to understand their needs and develop and implement software solutions. This course can be helpful for those looking to enter this role as it teaches the fundamentals of REST API design, development, and management. This knowledge is essential for designing, developing, and implementing scalable, reliable, and secure software solutions.
Data Architect
A Data Architect designs, develops, and maintains the data architecture of an organization. Although this course does not directly teach data architecture, it provides a foundation in API design, development, and management, which is essential for designing data architectures that are scalable, reliable, and secure.
Quality Assurance Analyst
A Quality Assurance Analyst is responsible for testing and evaluating software applications to ensure they meet quality standards. This course can help build a foundation for this role by teaching the fundamentals of REST API design, development, and management. This knowledge is essential for testing and evaluating the quality of software applications.
Technical Writer
A Technical Writer creates and maintains technical documentation for software applications and products. This course may be useful for those looking to enter this role as it provides a foundation in REST API design, development, and management. This knowledge can help in understanding and documenting the technical aspects of software applications and products.
Product Owner
A Product Owner is responsible for managing the development of a software product or feature. This course may be useful for those looking to enter this role as it provides a foundation in REST API design, development, and management. This knowledge can help in understanding the technical aspects of software development and working with technical teams.
Business Analyst
A Business Analyst works with users and stakeholders to understand their needs and develop and implement software solutions. This course may be useful for those looking to enter this role as it provides a foundation in REST API design, development, and management. This knowledge can help in understanding the technical aspects of software solutions and working with technical teams.
IT Consultant
An IT Consultant helps organizations improve their use of technology. This course may be useful for those looking to enter this role as it provides a foundation in REST API design, development, and management. This knowledge can help in understanding the technical aspects of software and working with clients on software solutions.
UX Designer
A UX Designer is responsible for designing the user interface and experience of software applications and products. This course may be useful for those looking to enter this role as it provides a foundation in REST API design, development, and management. This knowledge can help in understanding the technical aspects of software development and designing user interfaces that are intuitive and user-friendly.
IT Manager
An IT Manager is responsible for managing the IT department of an organization. This course may be useful for those looking to enter this role as it provides a foundation in REST API design, development, and management. This knowledge can help in understanding the technical aspects of software and managing IT teams.
Network Engineer
A Network Engineer designs, implements, and maintains networks for organizations. This course may be useful for those looking to enter this role as it provides a foundation in REST API design, development, and management. This knowledge can help in understanding the technical aspects of networks and working with network teams.
Security Engineer
A Security Engineer designs, implements, and maintains security systems for organizations. This course may be useful for those looking to enter this role as it provides a foundation in REST API design, development, and management. This knowledge can help in understanding the technical aspects of security and working with security teams.
Database Administrator
A Database Administrator designs, implements, and maintains databases for organizations. This course may be useful for those looking to enter this role as it provides a foundation in REST API design, development, and management. This knowledge can help in understanding the technical aspects of databases and working with database teams.

Reading list

We've selected nine books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in REST API Design, Development & Management.
Provides a comprehensive guide to building and consuming RESTful web services. It covers a wide range of topics, from the basics of REST to advanced concepts such as security and performance.
Practical guide to designing and developing RESTful APIs. It provides a step-by-step approach to creating APIs that are both scalable and performant.
Practical guide to securing RESTful APIs. It covers a wide range of topics, from authentication to authorization to data protection.
Provides a comprehensive overview of the HTTP protocol. It covers topics such as the HTTP request and response cycle, HTTP status codes, and HTTP headers.
Is the seminal work on REST. It defines the REST architectural style and provides guidance on how to design and implement RESTful web services.
Provides a comprehensive overview of the principles and practices of designing data-intensive applications. It is a valuable resource for anyone who wants to learn more about how to build scalable, reliable, and maintainable systems.
Provides a comprehensive overview of web services. It covers topics such as the web services architecture, web services standards, and web services security.
Provides a comprehensive overview of the principles and practices of building microservices. It is a valuable resource for anyone who wants to learn more about how to build scalable, reliable, and maintainable systems.

Similar courses

Here are nine courses similar to REST API Design, Development & Management.
Server-side Development with NodeJS
Build a CRUD Node.js and MongoDB employee management web...
Unit Testing for Typescript & NodeJs Developers with Jest
Node JS Curso Completo do Básico ao Avançado
Building a REST API with Python 3
REST APIs with Flask and Python in 2024
Web Scraping in Nodejs & JavaScript
Advanced Typescript programming with NodeJs and Webpack
Automating Power BI Admin
© 2016 - 2024 OpenCourser