The web-api tag has no usage guidance.
-5
votes
0answers
16 views
Getting data for NFL in browser from API taking lot of time
I have fallen into a core trouble here, we are developing a web based application for the upcoming NFL seasons which is similar to http://www.draftsking.com/, We are using two API's for the player ...
0
votes
1answer
37 views
AngularJS and ASP MVC
We have started to implement AngularJS in our web-applications using ASP MVC.
I am wondering what approach to use for building application in the future.
Keep using our current stategy: Build the ...
3
votes
3answers
94 views
Designing CRUD part of an HTTP API
This question is in the context of web based applications. A web server
exposing an HTTP api for clients (e.g. running in a browser but not
necessarily). Usually the web server would be connected to ...
2
votes
1answer
69 views
Is it safe to include connection data in token?
When generating a ClaimIdentity for use by oAuth in generating a token, is it safe to include database information as a claim?
My application uses a different database depending on the specific ...
0
votes
1answer
60 views
What is better to return from the controller - a JsonResult or a string?
I have a WebAPI application and I have a controller method which is used to return a json result to the UI.
Now, I can either return a string (because the json is basically a string - and it works ...
0
votes
0answers
48 views
Asp.net MVC web application and iOS mobile app
I am currently writing a web application in ASP.NET MVC, so far it is mostly a simple CRUD web app. The database is hosted on the cloud and I am using Entity Framework to interact with it.
I know ...
1
vote
2answers
63 views
API with limits vs site crawling
I started working on a website,for tracking and rating watched anime/manga/etc. and recommendations, and it should also have an API, for providing the info about series and other things.
On similar ...
-2
votes
1answer
51 views
Is Open Data Protocol (odata) Being Widely Embraced by the Development Community? [closed]
EDIT: In case you aren't familiar with odata, here you go.
I am trying to determine whether it is worth learning this technology or if it is something that is not going to catch on.
The premise is ...
0
votes
1answer
123 views
When to implement WCF Rest Service and WebApi
I have gone through many articles to understand why we need WebApi's when we can create restful architecture using WCF rest services but could not find some solid reason. Can we use these ...
0
votes
0answers
41 views
Using REST to get/post/etc polymorphic types stored in Table-per-Type database
I've got a Table-per-Type database something similar to this:
public abstract class WorkItem
{
public int WorkItemId {get;set;}
}
public sealed class CancelingWorkItem : WorkItem
{
public ...
5
votes
3answers
127 views
REST API: Resource Ownership
Let's say there are Users and Pets. Each Pet has a single User as its owner, and a globally unique id. Endpoints could be
/users/1/pets/2
/pets/2
I feel like the first option could be unintuitive ...
5
votes
1answer
382 views
Token or ASP.NET Identity based security in ASP.NET Web API 2
Background
I have a Web API 2 project, without any extension of ASP.NET MVC or ASP.NET projects. The API will only be used to communicate between the server and Windows 8, Windows Phone 8.1 and iOS ...
4
votes
1answer
106 views
Risks of AJAX calls to ASMX
Currently working on an ajax call to an ASP web service (.asmx).
In a situation where I POST to the url/.asmx/WebMethod, am I exposing information of any kind?
In the 'WebMethod' I am running a ...
0
votes
1answer
53 views
REST API - Updating a Variable
If you are updating a variable in a RESTful API, for example person's weight, how should this be laid out?
What I have thought of:
PUT /person/1/weight?weight=150
PUT /person/1/weight
{"weight": ...
3
votes
2answers
137 views
Best practice to handle POST with array of objects if at least one object rise an Exception
I want to POST an array of objects and make an insertion in database concerning each of them. What is the best practice if one object is not conform and rise an Exception ? (cancel all transactions or ...
0
votes
1answer
43 views
API authentication with a single ID
A typical API authentication usually rely on a pair of API ID + SECRET, my question is: if the API ID is unique and randomly generated and is considered strong enough (e.g. SHA512), why a SECRET is ...
1
vote
1answer
84 views
Knowing when a SQL table is done updating before Querying
I am using a self hosted windows service WEB API as the layer between my Windows 8 App and a SQL Server Database because Windows 8 apps can't directly connect to SQL server like win forms or pretty ...
0
votes
0answers
329 views
Sharing authorization logic between ASP.NET MVC 4 and WebAPI 2 projects
Pretty similar to this question here the current application that we are working on has a separate MVC 4 and WebApi 2 projects, where the MVC project is processing the user request to the WebApi which ...
8
votes
2answers
398 views
Role-based REST API?
I'm building a REST API for which several users with different roles will have access to the resources it contains.
To keep the scope simple let's take the "student/teacher/class" domain:
GET ...
1
vote
1answer
75 views
Securing a Web Api for individual Users
We currently have a web app (.net MVC 5), user's login using their username and password and then we store an encrypted value in a cookie to authenticate them on future requests.
We are now in the ...
5
votes
2answers
172 views
Should I validate API output?
I'm working on a Web API to provide data to a third party per the specification they provided.
The process for each API call is essentially:
1. Extract data as XML
2. Deserialize data to DTO (POCO)
...
4
votes
5answers
651 views
why do people do REST API's instead of DBAL's?
At the past two companies I've been at REST API's exist for querying data via a web app. ie. instead of having the web app do SQL directly it calls a REST API and that does the SQL and returns the ...
1
vote
1answer
90 views
What is the idiomatic way in REST to handle field level permissions?
REST APIs conventionally expose resources addressed at the object level. While it's easy to do object level permissions using the appropriate HTTP responses, handling field level permissions is a bit ...
2
votes
0answers
57 views
Can an http service queue up work via a timer?
I'll preface this by saying that I'm not particularly familiar with writing http services.
To keep things simple, I'll use the metaphor of creating a collages from images selected by the user. The ...
3
votes
1answer
103 views
How does this kind of application and DDD relate?
In Domain-Driven Design the application is divided, as I understand, into four layers:
Presentation Layer
Application Layer
Domain Layer
Infrastructure Layer
I understand this well, for instance, ...
1
vote
0answers
188 views
Web Api design - Using Nouns vs verbs
I have this design situation at work. We have a internal Web-Api application and a Asp.Net Web forms application(UI). The web-application is calling Web-Api to update a Contractor.
public Class ...
1
vote
2answers
315 views
RESTful Backend - How coupled should my back end and front end be?
I'm creating a web application with a front end client written in angular as well as a back end that I'm writing in Django (there are reasons I picked the frameworks but they are irrelevant to my ...
3
votes
1answer
170 views
Web API Design advice
I am developing a Web API as services layer for a ASP.NET web forms application.
There are two controllers ContractorController (gives details about the contractor) and PaymentsController (gives ...
0
votes
0answers
72 views
Login Tokens Remote DataServer for use in a Javascript/HTML-PHP environment
I've asked this question on stackoverflow, but i think this is a more appropriate place for it.
I'm creating an app for iOS, Android and the Web. I created a separate Restful Data Service that is ...
0
votes
1answer
95 views
Asp.net Web Api Controller design
I am developing services using Asp.Net Web Api. I am debating on design of our controllers.
We have this common scenario where user will be presented with bunch of search field, once he enters the ...
1
vote
2answers
91 views
Retry method for generating unique code
In an app, a user can initiate the generation a six-digit alphanumeric code (actually done via Web API). The code needs to be checked against a remote database to ensure it is unique. Other than for ...
0
votes
0answers
123 views
adding model specific CRUD operation web api endpoints
Are there are any major design flaws / smells in creating a web api as described below
The models I have
public class CourseModel {
public String Name {get; set;}
public ...
1
vote
0answers
30 views
Posting different-shaped json documents to the same resource in an API
Is it a good idea to create an API in such a way that clients can post different shaped JSON documents to the same Resource? Let me give you an example and and explanation to why I am asking this.
I ...
2
votes
1answer
202 views
Should a web app for a service access its data via its own API or directly?
I'm building a service that will consist of mobile and desktop apps, which will require me to build my own RESTful web API to easily keep the data for the service in sync. I am also building a web ...
0
votes
1answer
188 views
Front-end or Back-end Implementation of API? [closed]
Lets say I want to implement an API from an external website, for example like Dribbble or Last.fm.
I'm fairly new to this new generation of front-end MVC's (angular, etc), and most example's I've ...
1
vote
1answer
62 views
Do the implementations of the Node interface in Web API violate Liskov Substitution Principle?
MDN article on Node interface states that
interfaces [that inherit from Node interface] may return null in particular cases where the methods and properties are not relevant. They may throw an ...
24
votes
3answers
2k views
RESTful API: HTTP verbs with shared or specific URLs?
While creating a RESTful API, should I use HTTP Verbs on the same URL (when it's possible) or should I create an specific URL per action?
For example:
GET /items # Read all items
GET ...
6
votes
2answers
6k views
Is performance the only reason not to use SignalR (websockets) entirely in lieu of a traditional REST API?
I have used SignalR to achieve real-time messaging functionality in several of my projects. It seems to work reliably and is very easy to learn to use.
The temptation, at least for me, is to abandon ...
3
votes
1answer
1k views
why Web API 2 has RouteConfig.cs file?
I m working on Web API project, and it is using WebApiConfig.cs file to defined routs for Web API.
Web API fold RouteConfig.cs file. I have googled and they say RouteConfig.cs is for MVC routing. It ...
2
votes
2answers
249 views
How to deal with multiple “entry points” for an action in a REST API?
Let's say we have two kinds of resources, user and group.
Every user can belong to multiple groups and each group can have many members.
Thus I can model my API like this
/
|_ /users/{id}
| |_ ...
7
votes
1answer
885 views
Why PATCH method is not idempotent?
I was wondering about this.
Suppose I have a user resource with id and name fields.
If I want to update a field I could just do a PATCH request to the resource like this
PATCH /users/42
{"name": ...
1
vote
0answers
27 views
Run WebAPI on Azures free web site
Just a quick question. I see that Azure have an offering where you can host 10 websites for free?
Is it possible to use this to host some WebAPI projects instead of a conventional website? ...
1
vote
1answer
733 views
WCF vs Web API, Deeper details? [closed]
Before I continue, I just want to mention I have heavily researched and searched on this topic, but I need the opinion of people who have worked/and or have practical knowledge with regards to this ...
13
votes
4answers
7k views
Why is there no WSDL type support for Web Api?
So I am just getting started with .Net WebApi and one thing that I am noticing straight away is that there is no Contract defining how the Api looks and should be consumed (Request/Responses from each ...
0
votes
3answers
165 views
Why Microsoft’s Web API is named as ASP.Net Web API
ASP.Net is Active Server Pages using .Net Framework
Wikipedia says
It was first released in January 2002 with version 1.0 of the .NET Framework, and is the successor to Microsoft's Active Server ...
1
vote
1answer
182 views
Should I separate a web api from the webserver?
Lets say I'm building a site similar to this or Quora (or some arbitrary blog-like site). I need a real-time component that will be using web-sockets/long-polling to notify the user of new posts, ...
2
votes
1answer
242 views
How should data transfer between a client and a web API for normalized data be designed?
I want to design an API backed by some database (doesn't really matter which, but to make the discussion more interesting, let's say it's Mongo - explanation below) which sends data to a client.
The ...
2
votes
1answer
466 views
How to handle hidden folders on deployed website
Our security team at work did a security scan of our soon-to-be-deployed website and one of the items that was found was "Hidden Directory Detected". It shows up for 3 different folders, ...
0
votes
1answer
244 views
Single page app permissions represented through RESTful APIs
I'm trying to figure out the right way to handle permissions in a single page app that talks directly to several RESTful APIs, that implement HATEOAS.
As an example:
"As a user of my application I ...
1
vote
3answers
367 views
Commenting strategies in C# & asp.net web api
I've been working on a ASP.NET Web Api 2 project as a learning exercise, and I was wondering what the norm regarding commenting is.
I use the Repository / Service Pattern, and everything is very much ...
