PS:
How was this course created?
Author (Raj) has worked with many large organizations for building their Digital Strategy in which APIwas a central theme. Over the years author recognized certain patterns and practices that led to successful API initiatives. Intrigued by his findings author did thorough research of 100's other successful API providers (examples: Facebook, Expedia, Capital One ...) and that resulted in a collection of Best practices and Design patterns that are covered in this course.
This course covers all the important aspects related to design, development and management of API.The best practices, design patterns, challenges,suggestions &options discussed in this course are either:
Created by analyzing how the popular APIproviders such as Facebook, Twitter, Capital One etc are building and managing their API
Taken from personal experiences of the author
Course is divided into 6 Parts:
1. Setting the stage - Discusses a case study (ACMEtravels) used through the course + provides information on tools used
2. Evolution of REST API- Lectures in this section will cover thefoundational concepts + Why REST/JSONhas become a defacto standard
3. Designing the REST API (Covered in multiple sections)
This is where students will learn the:
Best Practices
Implementation patterns
To demonstrate the implementation aspects, a set ofNodeJSbased APIis also implemented for a fictitious enterprise ACMETravels.
4. Securing the REST API
When an APIis exposed by an enterprise to the public internet, it poses a risk to the enterprise as hackers may use the vulnerabilities in the APIto launch attacks against the enterprise. There are multiple types of such Functional attacks that the APIprovider must consider. You will learn about the common attacks and the best practices for protecting the API.
5. Swagger 2.0 / Open APIInitiative specifications
This section will begin with the description ofCollaborative specifications development process & benefits of adopting contract first approach. At the end of this section student will be able to write Swagger/OAIspecifications for their own API. As part of the lectures, a complete specification will be created forACMEVacations.
6. APIManagement
APImanagementis the process of publishing, documenting and overseeing application programming interfaces (APIs) in a secure, scalable environment. Lectures in this section cover the details of the following activities that an APIprovider carry out within the scope of API management.
APIgee, IBMAPIConnect &Mulesoft platforms will be used for demonstrating the various APImanagement aspects discussed in the lectures. Students are encouraged to try out these platforms on their ownto get a good feel of what APImanagement platforms bring to table. The three platforms offer a free trial version that can be used for testing.
WHYRESTAPI?
Today Enterprises are using RESTAPIsfor not just building mobile applications but also for:
Just creating the APIdoes not guarantee that the enterprise will be able to achieve the desired goals from APIperspective. Adoption of APIby developers depend on multiple aspectssuch as its utility, ease of use, performance, scalability, security. The APIprovider must apply best practices throughout the life cycle of an API.
Who should take this course?
This course is suited for any technologist interested in learning RESTAPIfrom end to end perspective not just fromthe coding perspective. Though this course uses NodeJSfor demonstrating the design best practices, it does not require students to have any prior experience wth NodeJS.
To take this course the student is expected to know any one (or more) programming language;haveunderstanding of web application architecture; to befamiliarwith the concept of services ; understands the data formats such as JSONor XML
Please note that this course will NOTteachhow to code RESTAPIin NodeJS.
