Files
api-guidelines/protocol/separate-concerns.md
apidesigner 48426a3565 Updates protocol/separate-concerns.md
Auto commit by GitBook Editor
2017-03-15 07:55:35 +00:00

49 lines
2.4 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Separate Concerns
Every API using HTTP/S API **MUST** clearly follow the concern separation of a HTTP message:
1. A _resource identifier_URI **MUST** be used to indicate **identity** only
1. _HTTP request method_ **MUST** be used to communicate the **action semantics** (intent and safety)
1. _HTTP response status_ code **MUST** be used to communicate the **information about the result** of the attempt to understand and satisfy the request
1. _HTTP message body_ **MUST** be used to transfer the **message content**
1. _HTTP message headers_ **MUST** be used to transfer the **metadata** about the message and its content
1. _URI query parameter_ **SHOULD NOT** be used to transfer metadata
#### Example 1
The rule
> A resource identifierURI **MUST** be used to indicate identity only
implies there **MUST NOT** be any information about the representation media type, version of resource or anything else in the URI.
For example, URIs `/greeting.json` or `/v2.1.3/greeting` are **illegal** as they are not used for identification of a resource only but they convey the information about representation format or version. URIs are not meant to carry any other information but the identifier of the resource.
#### Example 2
The rule
> HTTP message body MUST be used to transfer the message content
implies an HTTP GET request **MUST NOT** use HTTP message body to identify the resource. For example a request:
```
GET /greeting HTTP/1.1
Content-Type: application/json
...
{
"filter": "string"
"depth": 3
}
```
is **not acceptable** (ignoring the fact that HTTP GET method shouldn't have the body). To express identity use URI and query parameters instead e.g. `/greeting?filter=string&depth=3`.
---
> _Keep things simple while designing by separating the concerns between the different parts of the request and response cycle. Keeping simple rules here allows for greater focus on larger and harder problems._
>
> _Requests and responses will be made to address a particular resource or collection. Use the path to indicate identity, the body to transfer the contents and headers to communicate metadata. Query params may be used as a means to pass header information also in edge cases, but headers are preferred as they are more flexible and can convey more diverse information._
>
> _ [Heroku HTTP API Design Guide](https://geemus.gitbooks.io/http-api-design/content/en/foundations/separate-concerns.html)_