# Vedran Cindric - The 10 REST Commandments (Highlights)

## Metadata
**Cover**:: https://readwise-assets.s3.amazonaws.com/static/images/article4.6bc1851654a0.png
**Source**:: #from/readwise
**Zettel**:: #zettel/fleeting
**Status**:: #x
**Authors**:: [[Vedran Cindric]]
**Full Title**:: The 10 REST Commandments
**Category**:: #articles #readwise/articles
**Category Icon**:: 📰
**URL**:: [treblle.com](https://treblle.com/blog/the-10-rest-commandments)
**Host**:: [[treblle.com]]
**Highlighted**:: [[2022-03-13]]
**Created**:: [[2022-09-26]]
## Highlights
### 1. Be Practical
- If you're building a REST API you should accept and respond with JSON. ([View Highlight](https://instapaper.com/read/1490489031/19026486))
### 2. Be Methodical
### 3. Be Semantical
- I'd advise you to use all of the HTTP methods available to you because that is what they were designed for. ([View Highlight](https://instapaper.com/read/1490489031/19026505))
- So let's start with API endpoints. The rules here are also quite simple:
    - use nouns instead of verbs
    - use plural instead of singular ([View Highlight](https://instapaper.com/read/1490489031/19026506))
- I'd like to quickly go over the naming conventions for JSON keys in the request and response data. ... I would recommend using snake_case.
### 4. Be Secure
- I will just come out and say it: if you are not using HTTPS in 2021, then shame on you. ([View Highlight](https://instapaper.com/read/1490489031/19026512))
- Another thing that saddens me the most is when I see an API isn't using any form of authorization. ([View Highlight](https://instapaper.com/read/1490489031/19026517))
- Step number two is don't return data that might be sensitive and doesn't get used in the apps or the website. ([View Highlight](https://instapaper.com/read/1490489031/19026518))
- I was a long time fan of IDs because they are much shorter and faster but the added security and privacy benefit of UUID is more important in my opinion. UUIDs are much safer. ([View Highlight](https://instapaper.com/read/1490489031/19026522))
### 5. Be Organized
- Be smarter and use versions on your API. It's the best decision you can make early on. ([View Highlight](https://instapaper.com/read/1490489031/19026525))
### 6. Be Consistent
### 7. Be Graceful
- What you should feel bad about is if you don't provide the details for it and make sure that your API is smarter than everyone else. ([View Highlight](https://instapaper.com/read/1490489031/19026532))
- Starting from the top, one of the most common things I see developers fail to use is HTTP status codes. ([View Highlight](https://instapaper.com/read/1490489031/19026533))
- Once we have the HTTP status codes working for us we need to provide as many details as we can to the clients when things don't work out. ([View Highlight](https://instapaper.com/read/1490489031/19026534))
### 8. Be Smart
- The first thing a smart API should do is protect its most valuable asset - the database. This means it should sanitize, clear out and prevent any bad data from entering the database. ([View Highlight](https://instapaper.com/read/1490489031/19026540))
- Any good and smart API will handle complex processes on its own and not depend on clients to help. ([View Highlight](https://instapaper.com/read/1490489031/19026541))
- Make sure that the API is optimized for cross platform solutions. ([View Highlight](https://instapaper.com/read/1490489031/19026543))
### 9. Be Lean
- Being fast and optimized starts on a database level. ([View Highlight](https://instapaper.com/read/1490489031/19026547))
- Another performance impactor is the sheer amount of data you send down to the clients via the API. Make sure your resources and models are returning only the data the clients need and not the entire shebang. ([View Highlight](https://instapaper.com/read/1490489031/19026548))
- Another pretty simple thing you can do to reduce the response size and increase performance is to enable compression. ([View Highlight](https://instapaper.com/read/1490489031/19026550))
### 10. Be Considerate
- Consider using tools that can help you with many of the challenges of building, shipping and running an API. One of those tools is, you guessed it, Treblle. ([View Highlight](https://instapaper.com/read/1490489031/19026553))