apaas.dev
30 May 2022
SEO Title
Design
Overview
REST allows us to create services and applications that can be used by any device or client who understands HTTP.
- Best Practices for Designing a Pragmatic RESTful API [spanish version].
- Ideal REST API Design.
- StackOverflow best REST API Design.
- Heroku API Reference.
- API Terms Glossary.
- HTTP API Design by Heroku.
- Learn REST: A RESTful Tutorial.
- RAPIS: A REST API Standard for the 21th century.
- IBM Watson REST API Guidelines.
- Microsoft REST API Guidelines.
- Zalando RESTful API and Event Scheme Guidelines
- gov.uk API technical and data standards
Status Code
When you are using a REST design you have to provide the HTTP status code that are the more appropriated to respond to the request.
- HTTP Status code table in RESTAPITutorial.
- httpstatuses.com
- Status code definition in W3C.
- HTTP Status Code Guides
Authentication
- Auth Boss – Learn about different authentication methodologies on the web.
- Authentication Cheat Sheet.
- The Problem With API Authentication in Express.
- Web Authentication Methods Explained.
JWT
JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties.
- 10 Things You Should Know about Tokens.
- Cookies vs Tokens.
- JWT Draft in IETF.
- JWT.io.
- Using JSON Web Tokens as API Keys.
- Why Meteor doesn't use session cookies.
- Guide on API authentication and authorization.
Authorization
OAuth
An open protocol to allow secure authorization in a simple and standard method from web, mobile and desktop applications
Caching
- Caching best practices & max-age gotchas.
- Increasing Application Performance with HTTP Cache Headers.
- Using Cloudflare with your API.
Security
- Helmet, help secure Express/Connect apps with various HTTP headers.
- APISecurityBestPractices.
- Node Security Project.
- Node.js Security Checklist.
Format
- HAL – Simple format that gives a consistent and easy way to hyperlink between resources in your API (see: HATEOAS).
- Hydra – Vocabulary for Hypermedia-Driven Web APIs (W3C).
- JSend – Simple specification that lays down some rules for how JSON responses from web servers should be formatted.
- JSON API – Standard for building APIs in JSON.
- JSON-LD – Standard for describing Linked Data and hypermedia relations in JSON (W3C).
- OData – Open protocol to allow the creation and consumption of queryable and interoperable RESTful APIs. Quite complex.
- RAML – Simple and succinct way to describe RESTful API.
- Schema.org – Collection of schemas describing common data models.
Discover
Need a API for your projects?
Curated list
- Awesome APIs Directory – A public list of APIs from round the web.
- public apis – A collective list of public JSON APIs for use in web development.
Directory
- apis.io – API Search service to help discover APIs on the web.
- ProgrammableWeb.
Testing
Querying
- Firecamp – Protocol agnostic API testing client which help you test and manage RestAPIs, GraphQL, Websocket and many more.
- httpie – Command line HTTP client, far more dev-friendly than
curl. - HttpMaster – GUI tool for testing REST APIs and services. Windows OS only.
- jq – Command line JSON processor, to use in combination with a command-line HTTP client like cURL.
- Insomina – A Fancy HTTP REST Client.
- resty – Little command line REST client that you can use in pipelines (bash or zsh).
- TestMace – A modern powerful crossplatform tool for working with API and creating automated API tests.
Mocking
- Beeceptor - Beeceptor helps intercepting API calls and mocking them selectively. Creates an endpoint for wrapping original API and routes requests.
- FakeRest – Patch XMLHttpRequest to fake a REST API client-side.
- JSON Placeholder – Free online REST service that you can use whenever you need some fake data.
- json-server – Get a full fake REST API with zero coding in less than 30 seconds.
- Mocky.io – Free online service to create fake HTTP responses.
- FakeQL – Mainly focused on GraphQL, but can mock RESTful APIs, as well.
- PIPL API – Free and public API that generates random and fake people's data in JSON
- API Mocha - Free online service providing fake REST API endpoints, create customizable responses and download rules as a Postman collection.
Response
- httpstat.us – A super simple service for generating different HTTP codes.
- httpbin – httpbin(1): HTTP Request & Response Service.
- badssl – Testing clients against bad SSL configs.
Documentation
One of the most important part of your API is have a good documentation and updated with the code.
Free
Services
Logging
- PM2 by keymetrics.
- morgan for expressjs.
- Moesif API Analytics. Log and Understand API Traffic.
Modeling and SaaS
Based in DDD (Domain Driven Development). Generates automatically API's in different languages.
- Alteranatives to API Plug – 9 alternative and related products to api plug.
- Apiary – Collaborative design, instant API mock, generated documentation, integrated code samples, debugging and automated testing.
- wrapAPI, Build an API on top of any website.
- import.io, turn web pages into Data.
- RAML, RESTful API Modeling Language.
- Runscope – Automated API Monitoring & Testing.
- swagger.io.
Libraries
Used it to improve your workflow
- hello.js – A client-side Javascript SDK for authenticating with OAuth2.
- nock – HTTP Server mocking for Node.js
- node-ratelimiter – Rate limiter for Node.js backed by Redis.
- node-uuid – Simple and fast generation of UUIDS.
- Supertest – Super-agent driven library for testing HTTP servers.
Frameworks
Designed specifically for building RESTful API's Quickly.
Gateways
Manage API infrastructure concerns such as authentication/authorization, rate limiting, scaling, analytics, etc.
Open Source / Self-hosted
原文:https://github.com/Kikobeats/awesome-api
- 登录 发表评论