
Reading-4-34.md


API Integration

  1. Path parameters describe where an item is located; query parameters are used to filter the results of a query.

  2. http://our-site.com/api/v3/stuff/things

  3. We send a request to a specific URL. The URL tells the server where we are looking and what we want to affect, and the request tells the server what we want to do.

  1. Middleware is a function that sits between the server receiving a request and processing the request. For basic auth, that function will be checking if the username and password are valid. For bearer auth, the function will be verifying the token that was sent with the request.

  2. OAuth handshake:

    1. The User Shows Intent

    2. The Consumer Gets Permission from the Provider

    3. The User Is Redirected to the Service Provider

    4. The User Gives Permission for the Consumer to the Provider

    5. The Consumer Obtains an Access Token

    6. The Consumer Accesses the Protected Resource

  3. RBAC restricts a user's access to a system based on their role rather than allowing/denying access on a user-by-user basis. When a user tries to perform an action, the app looks at the role(s) a user has and then checks if that role has permission to perform the action the user requested.
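
The bearer-auth middleware and the RBAC check described above can be chained on one route. The sketch below is an added example, not code from the original notes: the token format, `SECRET`, the role table and the `handle` runner are all assumptions made for illustration, and it uses Express-style `(req, res, next)` functions without requiring Express.

```javascript
const crypto = require('node:crypto');

const SECRET = 'constructed-demo-secret';   // assumption: server-side signing key
const ROLES = new Map([                     // constructed role -> permissions table
  ['user', ['read']],
  ['editor', ['read', 'create', 'update']],
  ['admin', ['read', 'create', 'update', 'delete']],
]);

const sign = (payload) =>
  crypto.createHmac('sha256', SECRET).update(payload).digest('base64url');

// Hypothetical token format: base64url(JSON payload) + "." + HMAC of that payload.
function issueToken(username, role) {
  const payload = Buffer.from(JSON.stringify({ username, role })).toString('base64url');
  return `${payload}.${sign(payload)}`;
}

// Bearer middleware: verify the signature before trusting anything in the token.
function bearerAuth(req, res, next) {
  const [scheme, token = ''] = (req.headers.authorization || '').split(' ');
  const [payload = '', mac = ''] = token.split('.');
  const expected = Buffer.from(sign(payload));
  const given = Buffer.from(mac);
  const valid = scheme === 'Bearer' && given.length === expected.length &&
    crypto.timingSafeEqual(given, expected);   // constant-time comparison
  if (!valid) return next({ status: 401, message: 'Invalid login' });
  req.user = JSON.parse(Buffer.from(payload, 'base64url').toString());
  next();
}

// RBAC middleware factory: the decision depends on the role, not the individual user.
const permit = (capability) => (req, res, next) =>
  (ROLES.get(req.user?.role) || []).includes(capability)
    ? next()
    : next({ status: 403, message: 'Access denied' });

// Runs a middleware chain the way a router would and returns the resulting status.
function handle(req, chain) {
  let status = 200;
  const step = (i) => (err) => {
    if (err) { status = err.status; return; }
    if (i < chain.length) chain[i](req, {}, step(i + 1));
  };
  step(0)();
  return status;
}
```

Because `permit` runs after `bearerAuth`, a request with a missing or altered token is rejected with 401 before any role lookup happens, and a valid token whose role lacks the capability gets 403.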