Menu
I've seen URIs that support magic ids for the authenticated user like below:
GET /user/me - list my profile GET /user/me/photos - list my photos where the ones below use the actual user id
GET /user/742924 GET /user/742924/photos The problem I see is that the same resource id points to a different resource depending on the authenticated user.
Is this going against any REST principles?
817
Each REST API resource can be accessed by using a Uniform Resource Identifier (URI). The URI must contain the correct connection information to successfully call the API. The connection information consists of the host name where the web management service is running, and the port number that the service is using.
Last Updated October 27, 2022. This REST API is used to retrieve all the users of CA NIM SM.
Using /me to name a resource that corresponds to the authenticated user is perfectly fine from a REST perspective. According to Roy Thomas Fielding's dissertation, any information that can be named can be a resource:
5.2.1.1 Resources and Resource Identifiers
The key abstraction of information in REST is a resource. Any information that can be named can be a resource: a document or image, a temporal service (e.g. "today's weather in Los Angeles"), a collection of other resources, a non-virtual object (e.g. a person), and so on. In other words, any concept that might be the target of an author's hypertext reference must fit within the definition of a resource. A resource is a conceptual mapping to a set of entities, not the entity that corresponds to the mapping at any particular point in time. [...]
When using /me, you have a locator for the authenticated user and it will always identify the concept of an authenticated user, regardless of which user is authenticated.
83
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
