permissions and hypermedia and discoverable apis

Toward the end of the day today, Alex and I were discussing permissions, usability, and keeping the API dry. The problem is that you have permissions that are part of your app (duh) and these permissions are not the same for every user (duh). Well usability dictates that we should hide unusable actions and unviewable pages (duh). But we want to have a nicely organized API that restfully describes resources. We also want to use that API code for our web tier and we don’t want to have some /classes and /permissions http requests for every web page we render. 

Then I finally realized the connection between hypermedia and discoverable restful apis. All the times I’ve read descriptions of discoverable urls in Apis, all I can hear is “Soap! Wisdl! Auto generated code!” And then I lose interest because that’s not my style. What I miss, though, is that HTML pages have this capability built into them. This is great as it allows links between pages forming the whole web thing, but it also gives a pretty intuitive declaration of your permissions model. So including (or specifically excluding the proper API end points do provide all that discoverability stuff, but it also just lets you w express your permissions model in as intuitive a fashion as you can in your HTML code.


About joeldart

I am a 34 year old software developer living in Indianapolis, IN.
This entry was posted in Uncategorized. Bookmark the permalink.

1 Response to permissions and hypermedia and discoverable apis

  1. Pingback: Scott Banwart's Blog › Distributed Weekly 196

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s