Representational state transfer

Representational state transfer (REST) is a style of software architecture for distributed hypermedia systems such as the World Wide Web. The term representational state transfer was introduced and defined in 2000 by Roy Fielding in his doctoral dissertation.^[1][2] Fielding is one of the principal authors of the Hypertext Transfer Protocol (HTTP) specification versions 1.0 and 1.1.^[3][4]

Conforming to the REST constraints is referred to as being "RESTful".^[5]

History

The REST architectural style was developed in parallel with HTTP/1.1, based on the existing design of HTTP/1.0.^[6] The largest implementation of a system conforming to the REST architectural style is the World Wide Web. REST exemplifies how the Web's architecture emerged by characterizing and constraining the macro-interactions of the four components of the Web, namely origin servers, gateways, proxies and clients, without imposing limitations on the individual participants. As such, REST essentially governs the proper behavior of participants.

Concept

REST-style architectures consist of clients and servers. Clients initiate requests to servers; servers process requests and return appropriate responses. Requests and responses are built around the transfer of representations of resources. A resource can be essentially any coherent and meaningful concept that may be addressed. A representation of a resource is typically a document that captures the current or intended state of a resource.

The client begins sending requests when it is ready to make the transition to a new state. While one or more requests are outstanding, the client is considered to be in transition. The representation of each application state contains links that may be used next time the client chooses to initiate a new state transition.^[7]

The name "Representational State Transfer" is intended to evoke an image of how a well-designed Web application behaves: a network of web pages (a virtual state-machine), where the user progresses through the application by selecting links (state transitions), resulting in the next page (representing the next state of the application) being transferred to the user and rendered for their use. Fielding's PhD thesis, section 6.1

REST was initially described in the context of HTTP, but is not limited to that protocol. RESTful architectures can be based on other Application Layer protocols if they already provide a rich and uniform vocabulary for applications based on the transfer of meaningful representational state. RESTful applications maximize the use of the pre-existing, well-defined interface and other built-in capabilities provided by the chosen network protocol, and minimize the addition of new application-specific features on top of it.

HTTP examples

HTTP, for example, has a very rich vocabulary in terms of verbs (or "methods"), URIs, Internet media types, request and response codes, etc. REST uses these existing features of the HTTP protocol, and thus allows existing layered proxy and gateway components to perform additional functions on the network such as HTTP caching and security enforcement.

SOAP RPC contrast

SOAP RPC over HTTP, on the other hand, encourages each application designer to define a new and arbitrary vocabulary of nouns and verbs (for example getUsers(), savePurchaseOrder(...)), usually overlaid onto the HTTP POST verb. This disregards many of HTTP's existing capabilities such as authentication, caching and content type negotiation, and may leave the application designer re-inventing many of these features within the new vocabulary.^[8] Examples of doing so may include the addition of methods such as getNewUsersSince(Date date), savePurchaseOrder(string customerLogon, string password, ...).

Constraints

The REST architectural style describes the following six constraints applied to the architecture, while leaving the implementation of the individual components free to design:

Client–server

A uniform interface separates clients from servers. This separation of concerns means that, for example, clients are not concerned with data storage, which remains internal to each server, so that the portability of client code is improved. Servers are not concerned with the user interface or user state, so that servers can be simpler and more scalable. Servers and clients may also be replaced and developed independently, as long as the interface is not altered.

Stateless

The client–server communication is further constrained by no client context being stored on the server between requests. Each request from any client contains all of the information necessary to service the request, and any session state is held in the client. The server can be stateful; this constraint merely requires that server-side state be addressable by URL as a resource. This not only makes servers more visible for monitoring, but also makes them more reliable in the face of partial network failures as well as further enhancing their scalability.

Cacheable

As on the World Wide Web, clients can cache responses. Responses must therefore, implicitly or explicitly, define themselves as cacheable, or not, to prevent clients reusing stale or inappropriate data in response to further requests. Well-managed caching partially or completely eliminates some client–server interactions, further improving scalability and performance.

Layered system

A client cannot ordinarily tell whether it is connected directly to the end server, or to an intermediary along the way. Intermediary servers may improve system scalability by enabling load-balancing and by providing shared caches. They may also enforce security policies.

Code on demand (optional)

Servers are able to temporarily extend or customize the functionality of a client by transferring logic to it that it can execute. Examples of this may include compiled components such as Java applets and client-side scripts such as JavaScript.

Uniform interface

The uniform interface between clients and servers, discussed below, simplifies and decouples the architecture, which enables each part to evolve independently. The four guiding principles of this interface are detailed below.

The only optional constraint of REST architecture is code on demand. If a service violates any other constraint, it cannot strictly be referred to as RESTful.

Complying with these constraints, and thus conforming to the REST architectural style, will enable any kind of distributed hypermedia system to have desirable emergent properties, such as performance, scalability, simplicity, modifiability, visibility, portability and reliability.

Guiding principles of the interface

The uniform interface that any REST interface must provide is considered fundamental to the design of any REST service.^[9]

Identification of resources

Individual resources are identified in requests, for example using URIs in web-based REST systems. The resources themselves are conceptually separate from the representations that are returned to the client. For example, the server does not send its database, but rather, perhaps, some HTML, XML or JSON that represents some database records expressed, for instance, in Finnish and encoded in UTF-8, depending on the details of the request and the server implementation.

Manipulation of resources through these representations

When a client holds a representation of a resource, including any metadata attached, it has enough information to modify or delete the resource on the server, provided it has permission to do so.

Self-descriptive messages

Each message includes enough information to describe how to process the message. For example, which parser to invoke may be specified by an Internet media type (previously known as a MIME type). Responses also explicitly indicate their cacheability.^[1]

Hypermedia as the engine of application state

Clients make state transitions only through actions that are dynamically identified within hypermedia by the server (e.g. by hyperlinks within hypertext). Except for simple fixed entry points to the application, a client does not assume that any particular actions will be available for any particular resources beyond those described in representations previously received from the server.

Key goals

Key goals of REST include:

• Scalability of component interactions
• Generality of interfaces
• Independent deployment of components
• Intermediary components to reduce latency, enforce security and encapsulate legacy systems

REST has been applied to describe the desired web architecture, to help identify existing problems, to compare alternative solutions, and to ensure that protocol extensions would not violate the core constraints that make the Web successful.

Fielding describes REST's effect on scalability thus:

REST's client–server separation of concerns simplifies component implementation, reduces the complexity of connector semantics, improves the effectiveness of performance tuning, and increases the scalability of pure server components. Layered system constraints allow intermediaries—proxies, gateways, and firewalls—to be introduced at various points in the communication without changing the interfaces between components, thus allowing them to assist in communication translation or improve performance via large-scale, shared caching. REST enables intermediate processing by constraining messages to be self-descriptive: interaction is stateless between requests, standard methods and media types are used to indicate semantics and exchange information, and responses explicitly indicate cacheability.^[10]

Central principle

An important concept in REST is the existence of resources (sources of specific information), each of which is referenced with a global identifier (e.g., a URI in HTTP). In order to manipulate these resources, components of the network (user agents and origin servers) communicate via a standardized interface (e.g., HTTP) and exchange representations of these resources (the actual documents conveying the information). For example, a resource that represents a circle may accept and return a representation that specifies a center point and radius, formatted in SVG, but may also accept and return a representation that specifies any three distinct points along the curve (since this also uniquely identifies a circle) as a comma-separated list.

Any number of connectors (e.g., clients, servers, caches, tunnels, etc.) can mediate the request, but each does so without "seeing past" its own request (referred to as "layering," another constraint of REST and a common principle in many other parts of information and networking architecture). Thus, an application can interact with a resource by knowing two things: the identifier of the resource and the action required—it does not need to know whether there are caches, proxies, gateways, firewalls, tunnels, or anything else between it and the server actually holding the information. The application does, however, need to understand the format of the information (representation) returned, which is typically an HTML, XML or JSON document of some kind, although it may be an image, plain text, or any other content.

RESTful web services

A RESTful web service (also called a RESTful web API) is a simple web service implemented using HTTP and the principles of REST. It is a collection of resources, with four defined aspects:

• the base URI for the web service, such as http://example.com/resources/
• the Internet media type of the data supported by the web service. This is often JSON, XML or YAML but can be any other valid Internet media type.
• the set of operations supported by the web service using HTTP methods (e.g., GET, PUT, POST, or DELETE).
• The API must be hypertext driven.^[11]

The following table shows how the HTTP methods are typically used to implement a web service.

The PUT and DELETE methods are idempotent methods. The GET method is a safe method, meaning that calling it produces no side-effects (this also implies idempotence).

Unlike SOAP-based web services, there is no "official" standard for RESTful web services.^[13] This is because REST is an architecture, unlike SOAP, which is a protocol. Even though REST is not a standard, a RESTful implementation such as the Web can use standards like HTTP, URI, XML, etc.

Public implementations

REST can be found in a number of places on the public Web:

• The Atom Publishing Protocol for publishing to blogs is considered a canonical RESTful protocol.
• Sun Microsystems' Cloud API is a good example of resource media type documentation.
• The Open Services for Lifecycle Collaboration (OSLC) initiative is establishing a RESTful approach to integrating software development artifacts.
• CouchDB is a document-oriented database written in Erlang that provides a RESTful JSON API that can be accessed from any environment that allows HTTP requests.
• MySQL Cluster is a write-scalable auto-sharded database also accessible through a native REST/JSON interface as an Apache module.
• Microsoft's Canonical REST Entity Service.
• Nuxeo, an open source document manager, implements a Content Automation interface via a REST API

• Sones GraphDB is a graph-oriented database written in C# that provides a RESTful interface
• Amazon AWS implements RESTful APIs as one option to interact between client and server.
  • Amazon.com's S3 is their only truly REST offering;

Framework implementations

• .NET Open-Source - OpenRasta, ServiceStack, RestSharp
• ColdFusion - ColdFusion on Wheels, Mach-II, Taffy
• Ext JS
• Grails JSON-REST-API plugin
• Java Jt Design Pattern Framework, Wink , Restlet, JBoss RESTEasy, Jersey, Apache CXF, NetKernel, Apache Sling, Restfulie, Play Framework, Spring Framework, Mule
• Microsoft's WCF Data Services, WCF Web Api
• Microsoft's ASP.NET MVC, [1]
• Perl Catalyst, Dancer, Mojolicious
• PHP DooPHP, FuelPHP, Symfony, Zend Framework, CakePHP, Kohana, Sapphire, CodeIginter, FRAPI, RECESS, Simple-REST
• Python Tastypie, django-piston, django-rest-framework, django-rest-interface django-restapi, web.py, lazr.restful
• REST microkernel and software platform NetKernel
• Ruby Ruby on Rails, Sinatra, Restfulie
• TurboGears2 provides a RestController
• ZEST - lightweight Struts-like Web framework
• ERRest - REST framework for Apple's WebObjects
• Mule light-weight integration platform with strong REST and SOAP capabilities
• Salesforce Force.com REST API

Outside the Web

Software that may interact with a number of different kinds of objects or devices can do so by virtue of a uniform, agreed interface.

CMIP

The Common Management Information Protocol (CMIP) was designed to allow the control of network resources by presenting their manageable characteristics as object attributes. The objects have parent-child relationships that are identified using distinguished names and attributes, which are read and modified by a set of CRUD operations. The notable non-restful aspect of CMIP is the M_ACTION operation although, wherever possible, designers of management information bases (MIBs) would typically endeavour to represent controllable and stateful aspects of network equipment through attributes.

Footnotes

1. ^ ^{a b} Chapter 5 of Fielding's dissertation is "Representational State Transfer (REST)".
2. ^ "Fielding discussing the definition of the REST term"
3. ^ RFC 1945
4. ^ RFC 2616
5. ^ Richardson, Leonard; Sam Ruby (2007). "Preface". RESTful web service. O'Reilly Media. ISBN 978-0-596-52926-0. http://books.google.com/books?id=XUaErakHsoAC&printsec=frontcover#v=onepage&q&f=false. Retrieved 18 January 2011. 
6. ^ Fielding discusses the development of the REST style
7. ^ Fielding talks about application states
8. ^ Scribner, Kenn; Seely, Scott (2009), Effective REST Services via .NET, Boston: Addison-Wesley, ISBN 978-0-321-61325-7 
9. ^ (Fielding 2000, §5.1.5)
10. ^ (Fielding 2000, §5.3.1)
11. ^ REST APIs must be hypertext driven by Roy Fielding
12. ^ Richardson, Leonard; Ruby, Sam (2007), RESTful Web Services, O'Reilly (published (May 8, 2007)), ISBN 0596529260 
13. ^ Elkstein, M. What is REST?. Retrieved on 2009-07-04.

See also

• Clean URLs
• Create, read, update and delete (CRUD)
• HATEOAS (Hypermedia as the Engine of Application State)
• Service-oriented architecture
• Waka (protocol)

References

• Fielding, Roy T.; Taylor, Richard N. (2002-05), "Principled Design of the Modern Web Architecture" (PDF), ACM Transactions on Internet Technology (TOIT) (New York: Association for Computing Machinery) 2 (2): 115–150, doi:10.1145/514183.514185, ISSN 1533-5399, http://www.ics.uci.edu/~taylor/documents/2002-REST-TOIT.pdf 
• Fielding, Roy Thomas (2000), Architectural Styles and the Design of Network-based Software Architectures, Doctoral dissertation, University of California, Irvine, http://www.ics.uci.edu/~fielding/pubs/dissertation/top.htm 
• Pautasso, Cesare; Zimmermann, Olaf; Leymann, Frank (2008-04), "RESTful Web Services vs. Big Web Services: Making the Right Architectural Decision", 17th International World Wide Web Conference (WWW2008) (Beijing, China), http://www.jopera.org/docs/publications/2008/restws 
• Richardson, Leonard; Ruby, Sam (2007-05), RESTful Web Services, O'Reilly, ISBN 978-0-596-52926-0, http://oreilly.com/catalog/9780596529260 

External links

• RESTful Web services: The basics
• InfoQ Explores: REST
• Illustration of a self-documenting RESTful API and creation of RESTful web services through an interactive demo
• Stefan Tilkov: A Brief Introduction to REST
• Stefan Tilkov: REST Anti-Patterns
• Martin Fowler describes the Richardson Maturity Model as a way of building up an understanding of RESTful APIs
• Gregor Roth: RESTful HTTP in practice
• The REST Dialogues
• How I Explained REST to My Wife: Simple explanation of what REST is and why it's important
• Oxygen REST API A Demo REST implementation
• REST for the Rest of Us
• REST vs. SOAP at Amazon - Why 85% of the users of Amazon use REST rather than SOAP
• http://drupal.org/project/services Work with data from Drupal where Drupal act as a REST server.
• restfuse and rest-assurred – Frameworks for Java to test REST services