REST API Design Development Management

Learn the REST API Concepts, Design best practices, Security practices, Swagger 2.0/OAI, Hands on API Management
REST API Design Development Management
File Size :
1.41 GB
Total length :
7h 34m



Rajeev Sakhuja


Last update




REST API Design Development Management

What you’ll learn

Design and Develop RESTful API by applying the best practices & REST constraints
Create practices for API security, versioning, lifecycle management, documentation and other important aspects
Write specifications in Swagger2.0/OAI specifications in YAML format
Create an API management strategy for your enterprise
Leverage some of the common API management platforms for building API proxies (APIGEE, IBM API Connect, Mulesoft Anypoint)

REST API Design Development Management


Any one modern programming language such as Java or Node JS or Go or PHP
Familiarity with web application architecture
Idea on XML or JSON formats
Understanding of the concept of service


PS: This COURSE does NOT focus on Coding of REST API – Focus is on Designing  using proven patterns. Please do NOT enroll if your objective/Goal is just to learn “Coding” part of the REST API.How was this course created?Author (Raj) has worked with many large organizations for building their Digital Strategy in which API was a central theme. Over the years author recognized certain patterns and practices that led to successful API initiatives. Intrigued by his findings author did thorough research of 100’s other successful API providers (examples: Facebook, Expedia, Capital One …) and that resulted in a collection of Best practices and Design patterns that are covered in this course.This course covers all the important aspects related to design, development and management of API. The best practices, design patterns, challenges, suggestions & options discussed in this course are either:Created by analyzing how the popular API providers such as Facebook, Twitter, Capital One etc are building and managing their APITaken from personal experiences of the authorCourse is divided into 6 Parts:1. Setting the stage – Discusses a case study (ACME travels) used through the course + provides information on tools used2. Evolution of  REST API – Lectures in this section will cover the foundational concepts + Why REST/JSON has become a defacto standard3. Designing the REST API (Covered in multiple sections)This is where students will learn the:Best PracticesImplementation patterns To demonstrate the implementation aspects, a set of NodeJS based API is also implemented for a fictitious enterprise ACME Travels.4. Securing the REST APIWhen an API is exposed by an enterprise to the public internet, it poses a risk to the enterprise as hackers may use the vulnerabilities in the API to launch attacks against the enterprise. There are multiple types of such Functional attacks that the API provider must consider. You will learn about the common attacks and the best practices for protecting the API.5. Swagger 2.0 / Open API Initiative specificationsThis section will begin with the description of Collaborative specifications development process & benefits of adopting contract first approach. At the end of this section student will be able to write Swagger/OAI specifications for their own API. As part of the lectures, a complete specification will be created for ACME Vacations. 6. API ManagementAPI management  is the process of publishing, documenting and overseeing application programming interfaces (APIs) in a secure, scalable environment. Lectures in this section cover the details of the following activities that an API provider carry out within the scope of API management.APIgee, IBM API Connect & Mulesoft platforms will be used for demonstrating the various API management aspects discussed in the lectures. Students are encouraged to try out these platforms on their own to get a good feel of what API management platforms bring to table. The three platforms offer a free trial version that can be used for testing.WHY REST API?Today Enterprises are using REST APIs for not just building mobile applications but also for:Creating new channels for partnershipBuilding new revenue streams & business modelsPromoting their brandsJust creating the API does not guarantee that the enterprise will be able to achieve the desired goals from API perspective. Adoption of API by developers depend on multiple aspects such as its utility, ease of use, performance, scalability, security. The API provider must apply best practices throughout the life cycle of an API.Who should take this course?This course is suited for any technologist interested in learning REST API from end to end perspective not just from the coding perspective. Though this course uses NodeJS for demonstrating the design best practices, it does not require students to have any prior experience wth NodeJS. To take this course the student is expected to know any one (or more) programming language; have understanding of web application architecture; to be familiar with the concept of services ; understands the data formats such as JSON or XMLPlease note that this course will NOT teach how to code REST API in NodeJS.


Section 1: Setting the stage

Lecture 1 Introduction to the Author and the Course

Lecture 2 Summary decks download link for the course

Lecture 3 ACME Travels – Case study

Lecture 4 Tools for Design, Development,Testing and Management or REST API

Lecture 5 Crash course on MongoDB Atlas Offering

Section 2: Evolution of RESTful services

Lecture 6 What is an API

Lecture 7 Evolution of REST/JSON API

Lecture 8 Introduction to RESTful API

Lecture 9 Private, Public and Partner API

Lecture 10 Example REST API Walkthrough

Lecture 11 API Value Chain

Section 3: REST API Architectural Constraints

Lecture 12 Introduction to REST Architecture Constraints

Lecture 13 REST API Architectural Constraint – Client Server

Lecture 14 REST API Architectural Constraint – Uniform Interface

Lecture 15 REST API Architectural Constraint – Statelessness

Lecture 16 REST API Architectural Constraint – Caching

Lecture 17 REST API Architectural Constraint – Layered System

Lecture 18 REST API Architectural Constraint – Code On Demand

Lecture 19 Richardson Maturity Model for REST API

Lecture 20 WebApp versus REST API Architecture

Section 4: Desigining REST API

Lecture 21 API Endpoint URL

Lecture 22 Practices for Resource Names, Actions & Associations

Lecture 23 Walk through: Setup the API URI for ACME API

Lecture 24 HTTP API Request flow and HTTP Status Code

Lecture 25 Implementing REST API CRUD operations

Lecture 26 API Data Format Setup

Lecture 27 Setup the Demo/Test environment

Lecture 28 Walkthrough: Creating a Vacations API in Node JS

Section 5: REST API Error Handling Patterns

Lecture 29 REST API Error Handling Practices

Lecture 30 Application Error Handling Patterns

Lecture 31 Walkthrough: Implementation of error handling for POST API

Section 6: REST API Handling Change – Versioning Patterns

Lecture 32 Handling changes to API

Lecture 33 Versioning the API

Lecture 34 Walk through : ACME API Versioning

Section 7: REST API Cache Control Patterns

Lecture 35 API Caching (1 of 2) Concepts & Design decisions

Lecture 36 API Caching (2 of 2) Cache Control Directive

Lecture 37 Walk Through : API Caching using Cache-Control Directives

Section 8: REST API Response Data Handling Patterns

Lecture 38 Building support for Partial Responses

Lecture 39 Walk through : Setup Partial Response Support in ACME API

Lecture 40 Building support for Pagination

Lecture 41 Walk through : Building support for Pagination in ACME API

Section 9: REST API Security

Lecture 42 REST API Security – Introduction

Lecture 43 Securing API with Basic Authentication

Lecture 44 Securing API with Tokens & JWT

Lecture 45 Securing API with API Key & Secret

Lecture 46 API Authorization using OAuth2.0

Lecture 47 API Security – Functional Attack

Section 10: REST API Specifications using Swagger 2.0 / OAI

Lecture 48 Requirements Analysis Process & Intro to REST Specifications

Lecture 49 Swagger/OAI Specifications Walkthrough

Lecture 50 Swagger/OAI Specifications, Part 1 of 3

Lecture 51 Swagger/OAI Specifications, Part 2 of 3

Lecture 52 Swagger/OAI Specifications, Part 3 of 3

Section 11: API Management

Lecture 53 Introduction to API Management

Lecture 54 API Lifecycle & Developer Productivity

Lecture 55 API Developer Portal

Lecture 56 API Security Management

Lecture 57 API Traffic Management

Lecture 58 API Analytics

Lecture 59 API Product and API Monetization

Section 12: Good Bye & All the Best

Lecture 60 Good bye

Technologists interested in learning where, when and how RESTful services should be used in application,Developers of web, mobile, IoT applications looking to build RESTful services on the backend,Solution architects interested in learning how they can leverage “API Management Platforms” such as Apigee/Mulesoft/IBM API Connect,IT Leads aspiring to become architects,This course will NOT teach the student how to code Node JS. Use of NodeJS is to demonstrate the implementation of concepts discussed in the lectures.,This course is NOT for students looking to learn just the coding of REST API

Course Information:

Udemy | English | 7h 34m | 1.41 GB
Created by: Rajeev Sakhuja

You Can See More Courses in the IT & Software >> Greetings from

New Courses

Scroll to Top