1

I refer many document for trying making api Restful like below:

GET    /user
POST   /user
GET    /user/123
PUT    /user/123
DELETE /uesr/123

But Backend uses OAuth2 token to retrieve user id, it means that Server will know 123 after get token.

I thought it's not a great idea to put token directly in the id place:

GET     /user/aweakleknf11123232sadwanawndajkdnamdal

Is any better practice to the restful OAuth2 API?

Improve this question

1 Answer 1

Reset to default
1

While designing RESTful api don't think too much about how your url look, rather it is just representation of your resources. And moreover it is not good idea to expose domain model of your project if your api is public.

If you have gone through Facebook api design you can see that they refer user as 

/me?method=GET&format=json&access_token=...

They have abstracted the domain and just sharing self descriptive representation.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.