I know I am that kind of user 😂

Client "Can you change your API? If a POST return 201 ours system crashes reading it"
Me "Your system WHAT?????"

When you start wiring your api and front end together...

The CEO at the company I work at has been telling our partners that our PIA is ready. It took me a week to figure out what the hell a PIA was but he actually meant API

Funny. Drunk, standing here waiting for my fries and thinking about rest api implementations. I'm weird.

That moment when you finished your first REST API 🎉

And you realise all it can do is useless ☹️

But then you realise, you can extend the functions easily with you new knowledge 🎊

Man, this emotional up an down is exhausting 😆

Oh God NO! Please tell me it is not normal for an Android app cumminacating with a rest API to send my login credentials in a fucking GET request!

I'm currently programming on the cms REST api for the privacy site (its finally getting somewhere by the way) and I just noticed that I'm programming way cleaner and WITH comments.

My subconcious is probably keeping the fact that the entirety of devRant will see my code in a not too far future 😅

Was programming on the privacy site REST api.

Needed a break and started searching for a good movie or documentary.

Found a documentary about big data/mass surveillance.

I now have loads of motivation for programming on this again as this showed me the importance of secure services/software.

Client: "Hey we want you to integrate your product with our system."
Me: "Oh, OK. Where's your API?"
Client: "Here! We even have an outdated .Net SDK, we use XML."
Me: "Ok.. how do we authenticate? What's your OAuth 2.0 endpoint?"
Client: "O auth what?"
Me: " You know, the current standard for REST API authentication and authorisation"
Client: " What's REST?"
*Hungs up*

So we hired a junior engineer. 1 year of experience, this is his second job.

First task: Send some data to a web service using its REST API. Let me know when you've finished.

Two hours later I go to check on him.
- "I'm trying to decode this weird format the server uses"
He was writing a JSON parser in Python from scratch.

:/

Marketing coworker: We MUST integrate with XYZ

Me: sure, they have a REST API and OAuth2. What part of our system do you want to integrate with XYZ?

coworker: Emmm... I don't know. Everything

Me: ...okay. What does XYZ even do?

coworker: Emmm... our customers use it, so we have to integrate with them.

Me: fine. I'm reading that XYZ has function ABC and PQR. Which one do our customers use?

coworker: ABC, definitely ABC

...

coworker: Our customers say nothing is working!

*looks into the problem*
Me: That's because they're using PQR and not ABC.

This kind of research is NOT my job, it's YOURS

.. when you're exhausted with trying to get your code to work.

FUCK!!! FUCK IT ALL. FUCK YOU AND YOUR CRAPPY BULLSHT UNDOCUMENTED AND OUTDATED API.

YOUR DATABASE SERVER BACK-END HAS TO BE THE ONE MANAGING THE DISPLAY DATA FOR ITS WEB AND MOBILE CLIENTS. NOT THE OTHER WAY AROUND, DAMN IT.

I'M NOT GONNA SIT HERE ALL DAY HARD-CODING ALL YOUR SERVER'S INADEQUACY.

MAKES ME WONDER DO YOU EVER USE DESIGN PATTERNS OR APPLY DESIGN PRINCIPLES? DRY AT LEAST? DON'T FUCKING REPEAT YOURSELF, DAMN IT.

I CAN'T WAIT TO LEAVE THIS PLACE FOR GOOD.

That moment when u created a project and quite some folks forked it and continued their own versions, but then you realised that you've made a little mistake back then so now your dumb code propagated across humanity.

¯\_( ͡° ͜ʖ ͡°)_/¯

!rant !!joke

What is written on a dead API's gravestone?

REST in peace.

Why in God's name would anyone use SOAP over Rest......

Because it makes you cleaner hahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahaha

You know what makes sense? Having a reCAPTCHA on a REST API.

Why on Earth would an API require me to provide input like this?

{"this": "{\"is\": \"not\"}", "how": "{\"json\": \"works\"}"}

😡

Puns for days

I'm working on the project with the weirdest combination of technologies ever:
Vue.js on the frontend, FORTRAN 77 on the backend. :D
(Plus a thin Spring MVC layer that converts the f77 routines into REST API)

Currently working on the privacy site CMS REST API.

For the curious ones, building a custom thingy on top of the Slim framework.

As for the ones wondering about security, I'm thinking out a content filtering (as in, security/database compatibility) right now.

Once data enters the API, it will first go through the filtering system which will check filter based on data type, string length and so on and so on.

If that all checks out, it will be send into the data handling library which basically performs all database interactions.

If everything goes like I want it to go (very highly unlikely), I'll have some of the api actions done by tonight.

But I've got the whole weekend reserved for the privacy site!

Most irritating thing I have to deal with when working on a project with a third-party:

{
status: 200,
message: "error"
}

I spent an hour arguing with the CTO, pushing for having all our new products' data in the database (wow) with an API I could hit to fetch said data (wow) prior to displaying it on our order page.

He never actually agreed with me, but he finally acquiesced and wrote the migrations, API, and entered my (rather contrived) placeholder data. (I've been waiting on the boss for details and copy for three days.)

Anyway, it's now live on QA. but. I don't know where QA is for this app, and it's been long enough that i'm kind of afraid to ask.

Does that sound strange?
well.

We have seven (nine?) live applications (three of which share a database), and none of their repos match their URLs, nor even their Heroku app names. (In some of these Heroku names, "db" is short for the app's namesake, while in the rest it's short for "database").

So, I honestly have no idea where "dbappdev" points to, and I don't have access to the DNS records to check. -.-

What's more: I opened "dbappdev" on Heroku and tested out his new API -- lo and behold! it returns nada. Not a single byte. (Given his history I expected a 500, so this is an improvement, I think. Still totally useless, however.)

And furthermore: he didn't push the code to github, so I cannot test (or fix) it locally.

just. UGH.

every day with this guy, i swear.

Replacing a legacy .Net monolith with a .Net monolith Rest API 🤦‍♂️

Yesterday I received the API documentation from an external company. Over half of the endpoints are either wrong or send invalid data and even the given test requests are fucking failing.
It's a nightmare. We have to finish a website until friday and that company did nothing for 2 months and now we have 2 days left.
The sheer incompetence is too damn high.
My boss said it would have been much better if we had implemented the API on our own. Damn right.

Just found this piece of code from one of my coworkers:

restMethod() {
try {
// some complicated logic
} catch (WebApplicationException e) {
throw e;
}
}

Why?!

And btw: Hi fellow devRant ppl! 👋

I swear I'm going to kill someone if I ever see another "create REST API with Express in 10 minutes" tutorial.

So yesterday I deployed a build on our release environment and i had added a new rest api end-point which I needed to test.. A heads up though, its written in java spring and the entire flow consisted of too many calls/returns from various other java & python services.. Also to make things worse, the entire deployment is a really cumbersome process as you need to copy the build from one box to another..

After like almost 4-5 hours of debugging, adding logs left right & center, crazy upload speeds (yaa this is sarcastic) and frustation at its peak, I found the issue..

There was an if condition that was checking for equality between an enum constant & an enum in a request aaaannnnnddd

*Drum roll

THE CONSTANT ENUM BELONGED TO THE WRONG PACKAGE HENCE ALWAYS EVALUATING TO FALSE... ALSO, BOTH THE ENUMS IN THE DIFFERENT PACKAGES ARE IDENTICAL... FUCCKKKKKKK MY LIFE

😑🔫

PM: hows the android app going?
Android Dev: gradle downloading... blocked by network admin.

PM: anyway how is the iOS app going?
iOS Dev: cocoapods downloading... blocked by network admin.

PM: ... i guess the only thing running now is the web admin right?
Laravel/VueJS Dev: composer nodejs/npm/yarn downloading... blocked by network admin.

PM: team lets retest the api endponts
Team: Postman downloading... blocked by network admin.
Team: -_- Insomnia REST Client downloading... blocked by network admin.

PM: code study?
Team: even visual studio code/android studio/xcode is blocked. :(

.... sad dev life

anyone here with the same problem?

You know what's more irritating than working with a partner who doesn't understand how to properly build an API?

Working with one who fully understands the best practices but doesn't give a shit to implement them until something breaks.

FUCK THE RECRUITERS WHO ASK US TO MAKE AN ENTIRE PROJECT AS A CODE TEST.

Oh you need to scrape this website and then store the data in some DB. Apply sentimental analysis on the data set. On the UI, the user should be able to search the fields that were scraped from the website. Upon clicking it should consume a REST API which you have to create as well. Oh and also deploy it somewhere... Oh I almost forgot, make the UI look good. If you could submit it in one week, we will move towards further rounds if we find you fit enough.

YOU KNOW WHAT, FUCK YOU!

I can apply to 10 others companies in one week and get hired in half the effort than making this whole project for you which you are going to use it on your website YOU SADIST MOTHERFUCK

I CURSE YOUR COMPANY WITH THE ETERNITY OF JS CALLBACK HELL 😡😤😣

Wanted to get the privacy site cms REST API ready for programming again but hadn't put it on gitlab yet.

After some nervous searching I found it again 😅

This weekend I hope to get very far :)

Pro Tip: if you're building a developer REST API, don't forget to add a sample response to each endpoint. I don't want to have to test each one when I'm building my integration, I'd rather build my model in one go with the documentation displayed on a second monitor.

Using 10% React with the rest in Jquery. Importing a giant legacy CSS blob in a newly made SCSS file. Two thirds of the API documentation in docblocks, the rest in Markdown files. Half of the repositories in Github, the other half in Bitbucket. The root of every project littered with ymls and jsons and readmes of stupidly named tools no one has ever heard of.

Fuck your partial refactoring, fuck your little experiments, fuck all this half work. I'm so done with this shit. 😡

I think I ranted about this before but fuck it.

The love/hate relation I have with security in programming is funny. I am working as a cyber security engineer currently but I do loads of programming as well. Security is the most important factor for me while programming and I'd rather ship an application with less features than with more possibly vulnerable features.

But, sometimes I find it rather annoying when I want to write a new application (a web application where 90 percent of the application is the REST API), writing security checks takes up most of the time.

I'm working on a new (quick/fun) application right now and I've been at this for.... 3 hours I think and the first very simple functionality has finally been built, which took like 10 minutes. The rest of the 3 hours has been securing the application! And yes, I'm using a framework (my own) which has already loads of security features built-in but I need more and more specific security with this API.

Well, let's continue with securing this fucker!

Is it me or all REST api use json today ?
And xml is kinda dead ?

I always feel awful when I see an xml rest api.

I can't complain about clients on devRant because I make a REST API and some of my clients use devRant. Oh wait.

My company just got a new developer to work on a legacy PHP app.

My boss was boasting about how this guy has more years of professional experience than me ( I have 9 months of experience and he has been working for 4 years on PHP).
Today was one week since he started and I had him set up a REST API, I had to explain to him what json_encode does and how http requests work.

*Creates a rest api that runs on localhost:8080*
*Creates React front end that runs on localhost:3000*
*Sends a GET request to api*
*Cross-Origin Request Blocked: The Same Origin Policy...*

Thats my fucking dev environment and its my local fucking host! Let me just send a fucking request to my own fucking machine you piece of shit! Why the fuck they didn't add an exclusion to fucking localhost?!?

I created a REST API for a customer that one of their customers should use. I sent some documentation and code samples to the "developer". He didn't understand why he should send css to the API. He obviously couldn't tell json from css...

Fuck me in the ass, but do it harder then this api just so I can feel some love 😖

it's one of those days where you have to migrate from soap to rest, only the rest api doesn't have the same structure or search parameters as the soap api, so there's this entire fucking application sending requests at a brick wall, and expecting a purple throbbing 12 inch cock of xml to be pushed into an multi dimensional array and pushed through to the views to derange the mess, only you have to create that fucking 12 inch cock from several 2 inch dipsticks that have a different hierarchy, different field names, and merge the shit together with a glue gun...

good thing it's only an unexpected prod problem... right? 🤷‍♂️

Ah, the woes of a Monday on the legacy app adventures.

Sleep rant time!

As per usual, I got home late and tired, but wanted to keep on with learning to use Electron for a personal project. I setup everything, created the project and began to tinker with it.

One issue, the script I made was not loading, I spent like 30 minutes wondering why, reading docs (it was 12:40AM). When I was about to give in, I opened the index.html file and guess what? I IMPORTED THE SCRIPT AS A FUCKING STYLESHEET.

I laughed like 2 minutes, then shut the lid of my laptop and went to sleep and thought "Oh, so silly"

Was going to get some REST but her API was wide open:

PUT my/boner/inside/her
413 Request Entity Too Large

Fuck.

boss: I sent you a wsdl file.

me: I saw it. But you sent me a json for a rest api request.

boss: You want me to teach you what a wsdl is?

So we have an API that my team is supposed send messages to in a fire and forget kind of style.

We are dependent on it. If it fails there is some annoying manual labor involved to clean that mess up. (If it even can be cleaned up, as sometimes it is also time-sensitive.)

Yet once in a while, that endpoint just crashes by letting the request vanish. No response, no error, nothing, it is just gone.

Digging through the log files of that API nothing pops up. Yet then I realize the size of the log files. About ~30GB on good old plain text log files.

It turns out that that API has taken the LOG EVERYTHING approach so much too heart that it logs to the point of its own death.

Is circular logging such a bleeding edge technology? It's not like there are external solutions for it like loggly or kibana. But oh, one might have to pay for them. Just dump it to the disk :/

This is again a combination of developers thinking "I don't need to care about space! It's cheap!" and managers thinking "100 GB should be enough for that server cluster. Let's restrict its HDD to 100GB, save some money!"

And then, here I stand trying to keep my sanity :/

Why the fuck does your API have to send 401 when the server is down.

Just spent an hour thinking something was wrong with my auth wrapper.

This company wanted a "sample of your feed output in CSV format". So I threw together some documentation for our REST API. My project manager forwarded a link to their project manager who forwarded it to their backend team who forwarded it to their contactor who is doing the front end. I've half a mind to just put an extra field in the API responses: {
"comment": "If you're reading this, you're the person I've been trying to through to. Email me "
}

The GitHub graphql API is pretty neat, mostly because it's a great example of a product where graphql has advantages over REST. As a code reviewer for repos with hundreds of simultaneous PRs, I use it to filter through branches for stuff that needs my attention the most.

NewRelic's NRQL API is also quite nice, as it provides an unusual but very direct interface into the underlying application metrics.

I'm also a big fan of launchlibrary, purely because I love spaceflight, and their API is an extremely rich and actively maintained resource. This makes it a great data source for playing around with plotting & statistics libraries — when I'm learning new languages or tools, I prefer to make something "real" rather than following a tutorial, and I often use launchlibrary as a fun and useful data backend.

I have discovered a fresh hell

Some guy I’ve never met or heard of in the office lobbed a comment at one of my *approved and merged* pull requests. He doesn’t say anything specific, only that my REST urls are not in line with naming convention. That’s all he says, and I’ve already walked the URL consumers through the code and given them the URLS.

I’m really annoyed that this guy won’t just say what he has in mind, but fine whatever this is a professional environment and developers are not known for being a diplomatic people. Let it go and get your work done!

I do some googling and find an obvious change that needs to happen- I implement it, open a new pull request and inform my URL consumers of the change.

This rando still isn’t satisfied and still won’t say what needs to change. I am on round 3 of this wonderful cycle and this guy is acting all fuckin HAUGHTY about it. “Here is a list of conventions I found googling, you should read them even if it takes 4 hours because it will benefit your career”

Sure dog you’re probably right on that one but we are in a professional environment and at this point you are holding up production so you can wave your dick around! Just SAY WHAT YOU MEAN SO WE CAN MAKE THE CHANGES AND GET OUR WORK DONE

So, I was getting started with express middlewares and installed Postman. I saw this. I literally cracked up laughing so hard at this.

Spent the last days trying to reach paypal tech support, hung on the phone across the globe, with people at paypal CS, who weren't even familiar with their own terminology, read tons of VERY 'straightforward' documentation and it kept me up two nights straight.

ALL because I REFUSED to believe that it is like I understood it between the lines that I read.

Today I got my answer. You can create Billing Plans (rules on which you'll base your subscriptions, i.e. amount, intervals, duration..) ONLY over the rest api, and only when a customer purchases a first subscription, you're able to EDIT the plan on Paypal dashboard!

What fuckery is that!? You have a edit form, but you can not provide a create form?! TY paypal for making me build a whole billing plan manager for usually a one time transaction per website.

I AM SENDING YOU MY PHONE BILL.

TFW you realize the data you wrote an HTML scraper to get is available in a REST API.

Woops!

That moment when you've tried everything and nothing works and the only logical thing left to do is post a question on stackoverflow;
&wait;
&obviously rant on devRant while you wait;

Today I built an ASP.NET Core 2.0 Rest-Api within a docker-container.

Then I ran a docker-container with the compiled ASP.NET Core 2.0 app behind a nginx router.

It was purely magic!

:)

Amazon API ... seriously...this thing is documented over 3 different pdfs in 3 different locations with 3 different requestpattern, 2 different answerpattern and requestthrottling per minute and per hour takes the rest...and then you just do basic stuff e.g. request all orders that were refunded by amazon... who the hell designed this mess?

A vendor gave us what is turning out to be a very stable storage appliance/software, so we're happy for that. But even so, disks fail. So we need an automated way to identify, troubleshoot, isolate, and begin ticketing against disk failures. Vendor promised us a nice REST API. That was six months ago. The temporary process of SSHing(as root) to every single appliance(60-200 per site, dozens of sites) to run vendor storage audit commands remains our go-to means of automation.

Well, today will be a day of trying to make my frontend angular website communicate with my backend symfony rest api. But after work also have to go to college and learn about ER models.
I KNEW MY ER MODELS LONG AGO.

This picture from one of my favorite series shows perfectly what today will be like.

Me trying to learn React & Angular

!rant
Question time for you very few Salesforce devs out there, yea I know there’s some.

Seeing as Google is not my friend today, I’m trying to get SOQL to return null valued fields back to a rest api, something this hunk of shit won’t do, and short of looping back through all the records and injecting these fields back in, I’m at a loss... any advise is welcome 🤯

Just received a test for a job I'm interviewing for. I was interviewing for a C++ position. Practice test: Create an REST API using SpringBoot, Spring Data, document with Swagger and implement continuous integration testing.

To be fair, I also mentioned I'm fluent in Java. But I've never touched SpringBoot or done any backend webdev, since my intention was to never get near it.

Deadline: Sunday. Game on...

I have seen try/catch staments and rest api calls on a class constructor! OMG

"Our company encourages cryptocurrency big data agile machine learning, empowerment diversity, celebrate wellness and synergy, unpack creative cloud real-time front-end bleeding edge cross-platform modular success-driven development of digital signage, powered by an unparalleled REST API backend, driven by a neural network tail recursion AI on our cloud based big data linux servers which output real time data to our Wordpress template interactive dynamic website TypeScript applet, with deep learning tensor flow capabilities.

Don't get what the fuck I just said? Udemy offers countless courses on python based buzzwords. Be the first out of 13 people to sell your soul and private information, and you'll get the first three minutes of the course free!"

You build a system to integrate into an API to save the client hours of data-entry per day and reducing the number of fields needed to be filled manually by 75% and querying for the rest of the data and filling in the blanks. It took weeks of building and researching and bug fixing and when you're finally done the client looks at you unimpressed.

The same client gets a small piece of js that gets users location(by ip address) and uses it to customize a hello message on the home page and they think 'yer a wizard, Harry!' and jump for joy over the "cool factor" of this simple hack.

People are so obsessed with apis nowadays that I was thinking about writing a rest api to get the amount of fucks that i want to give to the client whenever they ask for some change requests or improvements..

FUCK YES.

FIGURED OUT THE SHITTY MICROSOFT GRAPH REST HTTP SHIT API THINGY I'M ECSTATIC

Currently working on my first real REST api and I've arrived at the authentication part.

I'm not sure how to do this one, the client will have to login using username/password but then, what's the most conventional way of authentication logged in users through a REST api? (no oauth (yet))

This should be usable for anything like ajax requests to calls from the backend to curl requests.

Looking forward to ideas!

You know you're talking to a sales guy:

"What's the URL for your API?"
"Um, I don't think we have one."

Making an API REST endpoint in laravel, adding this just for the fun XD

Daily activity, just try new nodejs rest api framework fastify, anyone already using it ?

{ “dow”: “10000001,10000002” }

Me: So what does this mean in the JSON response and why isn’t it a JSON collection?
Dynamics guys: that represents the days of the week. Because that is how it comes out of Microsoft Dynamics.

I’m thinking that they are either bad rest API programmers MS is bad at JSON. I can’t see the code so I don’t know which. No fixes because budget.

So... About a month ago 2 interns started a project from scratch at my company. My boss gave them a project to follow as an example (more for the api and database side).

Wednesday they ended the internship and I've began to help fix the rest of the kinks that were left to be fixed. Friday we were finishing up the app and api to send to the client for tests. The database was created with 4 tables that were equal in structure... Imagine that you need a table for orders and they have status like pending, cancelled, finished and accepted. What they've done was they created 4 tables, one for each status....

Why the hell would you do this???

Job description: designing and building microservices and API contracts for enterprise use. Deep understanding of api/rest design, AWS, etc.

Interview: in this weird IDE while I stare over you, go through and parse this multi-dimensional primitive array using recursion.

...Wtf does this have to do with the role?

Made my first Node.js Todo list today! Got myself a new front end design tool, Bootstrap Studio (50% off). Learned about REST, using Node as an API and MongoDB and Angular! Had a lot of fun learning and I would recommend it to anyone that's a Node.js beginner. I want to do a video tutorial series on Node.js, is that a good idea?

Big companies are crazy.. Half a million euro for a REST API.. Is that normal?!

Me: I should make REST API docs
Also me:

Not only Synology's REST API documentation is outdated, but I have to deal with this.

Let alone the fact that login in a GET request where username and password are passed as query string in URL.

How many times will you say hi to me when we're passing on the stairs for nth time? How many 👋 will you send me in one day at almost regular intervals? I'm not a fucking rest api. You don't have to generate a fucking oauth token every time you pass me some information. I have a fucking state and it's getting distracted by too much human interaction

That joy feeling when you are finally rewriting the backend and frontend with GraphQL instead using the fuckin old undocumented REST API who was written by fuckin amateur ex-coworker.

I started programming when I was 14, because I was deeply enrooted in MMORPG hacking communities. It gave me an escape from real life, and I felt empowered by the skill to create something from nothing. My first language was Lazarus FPC, followed by VB.NET, C#, C++ ( managed and unmanaged non CLR ). As time went on, I found more ways to turn my "hacks" into software, and finally I began selling subscriptions which required me writing an authentication system.

After weeks of research, I began writing my own REST API in PHP using MySQL as my database. At this point I had an IPB forum up and running for a year, but with my newly acquired knowledge I was able to couple my API with my forum software. To properly distribute my API i had to learn NGINX to route my API to a subdomain.

Soon after I began writing my own portal for my authentication system, at which point I had become entirely enveloped in Web Development. I was 17 when I dropped my forum, I'm now 21 and freelancing web app consulting, day job as a QA automation developer.

!Rant

TLDR: What's your favorite REST API Documentation tool?

I'm about to start developing a really large REST API. I have never really had need to document my previous API's since they were small, self explanatory and had only me using them. Aside from this one being too large for me to keep track of there is also a remote team that will need to integrate with it.

Basically I need write exceptional documentation while using as little time as possible. I love postman and am planning to use it for documentation since I currently use it to test during development anyway but I have seen some really neat looking tools like swagger and apiary so I figured I would check for some other suggestions.

What is your current / preferred REST API documentation method?

In a meeting yesterday working through our WebAPI coding standards, starting from File -> New project..etc..etc.. and ironing out some of the left-or-right decisions so we can have a consistent coding style, working in a meeting room with an overhead projector and sharing keyboard around with one another.

Then we hit the routing 'rules' in the WebApiConfig, "api/{controller}/{id}"…

DevMgr: "Do we need the 'api' prefix? It seems redundant."
Ralph: "Yes it's needed. Prefixing the controllers with 'api' is industry best practice. Otherwise, how is anyone to know it's a web api"
Prancer: "Yea, it's part of the REST standard."
Me: "I don't think so. That is only part of the Asp.Net routing rule. We can put anything we want or take anything out."
DevMgr: "Yea, it looks silly. All the new services are going to be business process specific."
Ralph: "That's how everyone does it. It's kind of the point of why REST services are called WebApi"
Prancer: "What's the point of doing any of this work if we're not going to follow industry standards."
Me: "I understand if the service is part of larger web site, but we're developing standalone services. Prefixing routes with 'api' is redundant. I mean who are these 'everyone' you're talking about?"
<ralph rolls his eyes>
Ralph: "Lets see …uhhh… Netflix?. They're kinda a big deal."
Me: "Like I said, it's an integral part of their site and the services they provide. That's fine. I'm talking about the 12 other 3rd party services we integrate with. None of them have 'api' on any of their routes."
Prancer: "We're talking about serious web services."
Me: "Last time I checked, UPS is a big and serious service."
Ralph: "Their services are a fracking joke" – he didn't say fracking.
Me: "Our payroll system, our billing system, billion dollar companies, didn't have '/api' prefix anywhere. Heck, even that free faxing service we used for a while was a dead-simple routing path."
<I take the keyboard away from Ralph, remove the 'api' from the route.>
Me: "There. Done. Now, lets talk about error handling.."

Rest of the meeting Ralph and Prancer don't say much of anything, arms crossed…I swear Ralph looked like he was going to cry.
This morning I catch my boss…
Me: "What did you think of the meeting? I thought Ralph was going to take a swing at me when I took the keyboard away from him."
DevMgr: "Oh yes…I almost laughed out loud….blows my freaking mind how worked up people get about crap that doesn't matter. Api..or not…who the frack cares. Just make it consistent"
Me: "Exactly…I didn't care either way, but I enjoyed calling out that nonsense."
DevMgr: "Yes..waaay too much."

If I didn't call them on their BS and the 'standard' allowed to continue, I can bet my paycheck when the subject comes up in a few months (another mgr asks 'isn't this api prefix redundant?') Ralph and Prancer will be the first to say "Yea, its stupid. We fought really hard to remove it from the standard...its not our fault...its <insert scapegoat> fault."

Please stop calling calling rest to any json over http api. That's not rest, rest has its specifics details to be called rest.

The world: we found a cure for AIDS.
Hacker news: I don't see a RESTful api endpoint for that, so it's useless.

This is the story of the API documentation.
Which btw I couldn't find on the producent's website anywhere. I had the pdf shared with me by a coworker.

I knew the api was fucked up the moment I looked at endpoint documentation.

GET params? WHERE, ORDERBY etc. Literally make a SQL select in a GET request.

Returned stuff? The whole thing. Not some DTO, you literally get everything you can get.
Eg if you get IP in your response, you get it in several formats: dotted form, as hex, and as int. In 3 different json fields.

Oh, and regarding IP - one would imagine you can use masks or prefixes for subnets, right? Nope. The only param you can use there is the subnet size. So you have to calculate the power of 2 every time you want to make a request.

That's from the endpoint documentation. But what about some general info on the API, before all that?

As I was looking for something, I decided to read that intro and general info about the API.

Okay, so there was a change log between API versions. "removed [endpoint which sounds like correct REST design], please use [this generic thing with SQL-like GETs]"... Several of them.

And there was also this sentence which said that the API is not restful, "it's REST-like". <facepalm>

If it was a bad attempt at REST API, I would let it go. But this sentence clearly showed they knew they did everything wrong. And the changelog showed they didn't stop there, they were actively making it worse.

Just spent over 5 hours trying to figure out Microsoft’s OneDrive REST api. Basically my first time trying to do POSTs n’ stuff. I got very very close, but the server kept throwing 400 error codes. Eventually I had to give up and ask Stack Overflow. Going to bed now at 2:20am. No worse feeling then not being able to solve a problem you’re dedicated on solving. :/

Let's do a REST API interface for our webapplication that is incomplete at funcional level!!!

Let's assist people and companies that can't understand what arguments must be passed, even if we don't know too!!!

This is AGILE!!!!

Dear API vendor,

Please get off your arse and learn about REST, OpenAPI, JSON Schema, XSD and basic documentation so that I don't have to guess how to use your shitty, inconsistent, RPC over HTTP service.

With Love,

Platypus

A "partner" company has created a "REST" API we use on an online shop we developed to send all shop-related requests to.
At least once a month, something fails on their end and the customer calls us every time, expecting that we did something wrong, but it has never been us.
These "partners" do exactly zero testing, are extremely slow in solving API bugs, have almost no logging and have no monitoring on the API at all.
Today at noon, suddenly no customers were able to order anything anymore for 4 hours.

How the fuck can you run a business so unbelievably brainless that this keeps repeating monthly?
Time they fire all their "devs" and everyone in charge of the company and operations. TERMINATE.

Api with no documentation and obscure endpoints

Since a few days I have my first dev job in a small it company. At my first day I directly stared to implement a rest api for managing dns servers.

Today I completed the prototype and all works well. What a feeling :)

I just wasted 4 hours debugging a wordpress plugin because the API was returning only the first element of a list. I posted it on support forums, downloaded the plugin's source code and tried to manually find the cause, and I was about to post an issue on the plugin's github page.

It turns out that I forgot I had '$[0]' in my insomnia json filter.... I should probably look for a different job.

Does anyone know how to post a rant via their api. Trying to make a custom devRant app.

Microsoft APIs documentation, best API documentation ever!

I don't use soap, I use ajax while at rest.

Anyone here has an idea of a project to do in Java and Spring (REST stuff) ?
I'm out of ideas :/ and I really want something to build in Java and keep me busy for a while.

Build my own LAMP stack API with REST and GraphQl endpoints

If you're not going to update your API documentation please just delete it. I spent two hours trying to use the example only to discover SECRET REST PARAMETERS that solved my problem.

If it weren't for the hero bitching in the comments about the missing documentation I would never have gotten this to work.

Does devRant have some REST API like twitter?

So company x decides that they're depreciating their REST API v1 in favor of v2 which came out like 2 months ago. But I figure: "I'm okay because I use their official Python module". Well v1 went offline two days ago and they still have not updated their own library to work with v2.

Hate leaving work feeling useless for only writing 5 lines of working code today.

4 hours of meetings, an hour of calls, 2 hours to find 2 annoying bugs and the rest waiting for an api throttle limit so I can test again.

Hoping tomorrow is better!

We are switching to an infinite scroll mode for our app. I told the backend dev in my project (we're just 2 people) I need an API to get more than one post at once.
He told me to use a loop to call the old URL 15 times.
...Not sure if stupid or just too lazy

I just learned the concept of this thing called REST API and now here's GraphQL showing up on me face. Mother fucking web development hell. BRB. KMS

Not have privileges in prod database, so i have to create a simple 'hidden API func' in the backend of apps that i develop, so it can receive raw query and give response for the results, the REST API is (/getReport). Still Works :/

My eyes hurt everytime our backend guy gives me a new REST API to implement in our app and always the formatting of the json is something like this. Like why can't you just fucking format it properly so I won't have to look at my code and feel disappointed for writing such ugly code. All because your lazy ass didn't care to understand the fundamentals of how json objects and arrays work !!! It's been a month since I've joined this company and I'm tired of explaining why we should use the status code for failure checking and not this stupid pass/fail status flag. I don't even remember how many times I've brought it up but everytime I get reasons like "Dude, you know what our server is never going to go down or fail so it doesn't even matter". And at that point I feel like I shouldn't even argue with him anymore.

What idiot uses 0 for a success response!!! Integrating with a 3rd party I found a bug in our code that uses the default value for an int when the external server can't be reached.

As it happens 0 is the default integer in most languages so no surprise when our system accepted the 3rd party as a success when it blew up 😒

Converting 1.5 million lined web app to a rest API....realizing it would be so much easier to just re-develop the web application....at least we're finally starting to move away from coldfusion and heading to node!

Call with Customer for an upcoming software project (tone interpreted through rage)

them: "yeah we want to launch by end of march but our sales people would like to have a demo version asap, incl. structure of the forums and yaddayadda"

me: "earliest at end of feb"
them: "why do you need so long bro?"

me saying: "chill, we'll send you screenshots"

me (not saying): "because you ordered an azure based Active Directory as loginprovider at another company and our own white lable software needs to integrate that and we've never spoke about a demo version you mofos?"
me (also not saying): "and yet another partner that is working on the hardware component still hasn't logged into the API I crafted because he didn't knew how to send parameters to a REST API?"

That moment when you have to exchange data with another system using XML-Files serval hundred MBs in size instead of a proper REST API (ノಠ益ಠ)ノ彡┻━┻

Why doesn't Twitter have a public API without authentication for simple stuff, such as reading tweets. One can do that without logging in on the website, why shouldn't code be able to do it.

Public REST (-inspired) API. Should I skip numeric IDs because it's easy for consumers to snoop around?

Example:

POST api/foo
201 Created api/foo/69

Uh, I'll get 68 just because I can. Hopefully it returns Unauthorized, unless we some kind of bug.

Is it just security by obscurity if I use, like, guids or something instead of sequental IDs?

My current project: PHP microframework that makes building REST API kinda 'easy'

But I've read some articles online that building APIs using PHP is a really bad idea. I guess I just wasted my time. Lol. I hate myself.

When the whole api is using just GET requests, even when updating

Android, the development side.

First it was cool to put stuff together and then i wanted to actually use the phone hardware and realized that the api is terrible and abstracted away in the worst way possible.

Like every java dev would make something like new Camera().photo("penis.jpg") and let the gc take care of the rest but nooooooooo you need persisted objects and datastreams and special permission checks.

Bug on trouble ticket system:

"I get a Nullpointer when i call this REST API *stacktrace*"

- It's not a Nullpointer
- It's a problem on your client http
- *Copy message exception, paste on google, first result is the solution"

And he's a DEV!!!!!

Have you worked with GraphQL? Saw it for the first time and it looks like a pretty good tool for working with APIs, to me. I am excited to read your opinions about GraphQL.

So this is my first experience of shitty code written by colleague

God, for REST API she used ?id=<int>
Not only that,
if the route was /cms

she used GET method for /cms/get/?id= to get single record and
/cms/getAll again in GET method to get all records

Damn

REST apis. More than you think it is.

Just because you can access a resource by a uri, doesn't mean you have a good api.

Hypermedia that shit and let websites reuse your links from api responses, then we are getting somewhere.

Also, Fucking api versioning.. Learned the hard way that /v1/ doesn't mean Shit in most cases

In Django code, looking at a class for caching REST calls. The cache is using Redis via Django's cache layer. In order to store different sets of parameters, each endpoint gets a "master" cache, that lists the other Redis keys, so they can be deleted when evicting the cache. Something isn't right, though. The cache has steadily increased in size and slowed down since 2014 even though many events clear the whole thing!

... And then it hit me. Nothing empties the list of cache keys. Nothing. So it has been growing endlessly since 2014. And everytime it grows, cache eviction gets a little more expensive, network traffic increases a little more, and cache evictions get a little slower.

Fixing this bug took things that were taking routinely an entire minute to complete and made them take a couple seconds.

I hate discussions about how to name resources in a REST api. It’s not like there will ever exist a client that magically knows your conventions. At some point, you need to hardcode an URL in a client/browser. That’s fine, just keep it simple.

This has been a great source of bike-shedding in my job recently.

And don’t even get me started on HATEAOS...

Rest API not working since yesterday

:( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :( :(

A few weeks back we ported our PHP Rest API into a couple of Go micro-services.

Incredibly _satisfying_ job.

Requests went from 20+ seconds to ~100-300ms.

There was still one bottle-neck, though, because we had to use most of the old cluster-fork of a database (because no way I'll be able to fix all that in a week).

And ooh, next we're thinking of switching to gRPC. Man, we have the best jobs.

I am developing a REST api for my android app using laravel.I want to implement web to mobile chat like Facebook's messenger.Any suggestions?

APIs, APIs, APIs... I feel like building an API for everything which goes over the wire is a must-have today! Yes it makes sense for decoupling purpose, access control etc (all the things we learned from OOP design principle books when we were in school) but come on, REST API for internal database access when there is something like SQL over JDBC/ODBC/WhateverBC ?? So I have to study the REST API documentation for applying simple where-statements but in API manner...

I'm faszinated by some dev's ability to write legacy code.
Not maintaining but plainly creating code so horrible, that it can be considered legacy.

I wrote a new API for a silly Application because the old one had hardly anything to do with rest. At all. And despite the code being only 2 years old, it was still unmaintainable.

Now that I'm finish with this task, i got the next generation of the angular Frontend.
A guy wrote a completely new version of the frontend in angular5.
Only untyped variables, no documentation, no tests at all, no idea whats going on where,....

I thought my job was to adjust a few URL's and change some DTO's, but now i have to refactor everything again...
And the pain continues.....

I'm working on a Web API for retrieving informarion of some sort (can't speak as it is a work in progress😝).
Before starting to work on this project all the experience I had was Desktop (C#, VB) and some SQL but now I'm learning so much more: REST, Asp.net core, nosql, GraphQL and more.
Even if I can't finish this project, still what I'm learning is even more valuable

RESTful API Question

Let's say when a user do an action, I need to insert a record into a table and then update a record in different table.

Should I write two API routes (PUT, POST) or one route (POST) ?

Fuck api docs which are blatantly wrong. Wasted several hours on building an API client with pagination according to the api docs.

Turns out the actual implementation did not follow its own spec / api doc and returns values without pagination. And some objects are not objects but arrays.

I mean, next time I build an API client, I'll just fire a dozen requests on the endpoint, see what it wants and see what I get and maybe guess right what it actually does.

Devs: How should we design the UI?
Design & Marketing: We were thinking something like the Ferrari website (or app that has nothing to do with our industry)

Devs: How about we add <feature that all of our competitors have>? We're falling quite behind on that and its hindering us from connecting with their REST API.
Marketing: Nah that's too complicated, and our customers haven't requested it. How about we add some animal animations over there instead?

Developed a very simple REST api with pure php. Eventually "api/users/" worked but "api/users" was 301 moved!!.. it was a big problem

I always end up building my own wrapper using the REST API rather than using the already existing SDKs to just avoid going through the docs!

Golang - should I use gin or should I not? Beginner here…..
It’s for a huge e-commerce rest api btw

> be me, associate dev
> slack mid-level dev 40 lines of code
> I have never written a REST api before
> his response is "lol"

Whoever uses "status" as boolean in responses to indicate whether error happened (true) or not (false)??????!!

Been using nodejs for a rest API. It may be the old fart in me, but I'm regretting using it instead of a normal static typed language. I hope something changes my mind soon, or I'll go through a case of sunken cost fallacy.

I been using digital ocean to host my server for a project, but they seem to get shutdown because of DoS behaviour. I have no idea why. The server is doing some soap and rest communication and controlling a database.
To be fair the password was poor, but it was meant to be a fast way for four people to work on it at the same time.
But after the first shutdown, we rebuild the server and work on functions. Finish the work and went home. But in the server 9 hours of uptime with 2 of them unsupervised it was detected as DoS behaving server.
💻🔪

So I'm having a discussion with frontend devs now and I'm curious how you folks are doing this:

suppose you have a rest api at BE and some js framework in FE consuming it. Where do you format display info at: BE or FE? Info like human-readable timestamps [according to user's TZ], i18n, displaynames with appropr. lengths, etc..

Is this a job for FE or BE in your oppinions?

[imo it's view's job to be responsible for view-speciffic matters, while BE should provide all required info for FE to do it's formatting et al.]

Trying to integrate with sales force API via oath2 has made me lose all confidence in myself as a programmer.

WHY THE FUCK DO YOU FUCKING RETARDS USE TWO DIFFERENT AUTHENTICATION METHODS FOR THE PAYMENT AND THE CHECKOUT API AND DON'T EVEN DOCUMENT THIS SHIT PROPERLY!! 🖕

Not a rant, but maybe someone can help me on this one.

I am currently working on an app that will hopefully go live by the end of the year. Up to now, the webserver and database (for the REST API) is running on an old linux machine. However, as my ISP is not really reliable I want to move this stuff somewhere else. Has someone experience with the varios hosting providers? Currently I am a little bit overwhelmed by all the different solutions out there.

Ideally I would want something that doesn't cost very much now, but also scales with more users.

To make it more concrete, it's basically about neo4j + REST API in Python

Can somehow recommend anything? I really appreciate it, as I am currently a little bit lost on this.

Thanks for reading this!

Gububububu
If I catch the guy who decided to change cowboy library API, I will make him butter toast as a job for the rest of his life. I AM COMING FOR YOU JOSÉ

This morning me and my colleague had huge debate about using GraphQL or REST. While I was in total favour of GraphQL, that guy was more on REST side because he read some random articles on dev.to and medium and was highly motivated to use REST instead of GraphQL.

The problem is, some people write anything on blogging websites without even doing a proper research.

Since, I have worked on GraphQL, I knew it's pros and cons very clearly and what are the things that can be done to solve them.

The guys said that we can't do native caching in GraphQL at which the lava from my head just got burst out.
I showed him the official GraphQL docs where it was clearly mentioned that we can do caching in GraphQL.
Poor guy couldn't say anything after that.

P.s: We are still going to use old school REST APIs but I am happy that I could prove my point. I'll use GraphQL in my side projects anyway, loss for him if he's not exploring something new.

Name a shittier API to hook into than Magento's REST API.

Protip: You can't.

[bit of context]
Building 3rd party integrations via their REST API and keep unearthing "WTF?!" architectural design moments. For example: Pulling down products tells you if it has a configurable parent (product to store all master options, etc)... but fuck me if I want to know what the sku of that parent is, or any other means of accessing it!

How the fuck M2 is such a major eCommerce platform is beyond me. WooCommerce in comparison however: Beautiful API, Beautiful documentation, a couple of limitations, no big deal. I love WooCommerce.

M2 makes me question why the hell I became a dev sometimes.

Many months into the project, we discovered that the client doesn't have a REST API for the data we needed from their side available at all - it's a legacy SOAP service.

I somehow got our Node.JS backend to do SOAP calls and use the XML results.

I'm not sure if I should feel proud or dirty at this point.

Time it took me to write REST API and DB objects = 20 mins

Time it took me to to write a shitty Python 15-line script that parses a text file with regex's = 2 hours after I asked Stackoverflow

Don't even know what to say.

So tired of explaining other stupid developers that POST is not more secure than GET in a ReST api. I have heard many times if you use GET you will be hacked :|

Trello has an explicable REST API documentation. I like it.

Who in their right mind would do this / think of this....

Salesforce has the option use their API. Either via SOAP or Rest. At my work we currently use SOAP and I wanted to rewrite that to Rest. Fine, you would say.

Their Rest API uses oAuth, nothing fancy you would think. But those motherfuckers, per default have the option enabled that the refresh tokens you get via the necessary API calls are being marked expired the moment the API gives them to you... Then why the hell give them in the first place.

It took me 2 hours of my life to figure out, why in godsname all my refresh tokens were marked as expired. Fuck you Salesforce, I want those 2 hours back! God fucking damn it... I really fed up with this type of bullshit!!

Bitex - Python-based REST API framework for cryptocurrency exchanges

Installing phpBB 3.0.5 (from 2009) because of reasons.
This thing has no rest API, if I want to automate it I have to implement my own .. fun :)

Missing endpoint documentation... At least they have a sense of humor :p

Stop shoving Django admin down everyones throat as a client facing solution every time we need any admin functionality.

It’s great at first but then you have to dick around customising it when you could build the same thing with any modern frontend framework and REST API easily.

Not to mention Django admin couples the models to the view it provides you (inlining particular models given their relationships)

So I'm getting brought into a team for our backend services of our administration application, and they're explicitly using Flask (Python library) for their exposed API in their application and data tiers.

As I'm familiarizing myself with their code, utilities, and dependencies, I notice they're stacking 7-8 decorators on their routes from their in-house utility module.. After further investigation, I realized half of them were entirely unnecessary, and they were proofing payload responses three times for the same JSON format.

The fact that we're using Python instead of Node or GoLang for our REST services is pain enough, but these god damn in house utilities are killing me.

"The API will be ready soon", but it comes in late and nothing like the agreed upon spec.

What do you guys think about backend developers who design&implement POST requests with URL parameters? Is this even legal? 🙄

I've been developing Android apps since about 2 years. I learned completely on my own by watching videos and referring websites. Till now I haven't worked on any Big or complex app but now I want sharpen my skills in Android app development,so if anybody needs any sort of Android work to be done I'll be happy to help and there by sharpen my skills..

Soon I’ll be unemployed (on purpose) and will spend some time on my own project ideas.
Pretty much each of them will require an API..

Already started with the first one using python + flask, but I’m planning to do each of them in a different language..

What do you propose? What’s the most fun and the most interesting technology in your opinion?

I’m senior in Java and advanced in JS, / Node so it won’t be any of those and I’m also not a fan of PHP :)

Currently we have to make a new REST API at work. I want to have a clear and functional API (with HAL JSON, that is given). But my colleagues don’t like this, because they don’t like the design (the look and feel) of the HAL JSON responses. They just want an easy API with a nice design, so they want to ignore half of the HAL JSON specification. But a REST API don’t has to be easy and don’t need a fancy design, REST APIs are not for humans but for computers! How can I explain this to them?

The frontend developers in my company are the reason why I have anxiety. Here are few things that grinds my knees:
1) for a long time in projects, they deleted the auth token from their storage without integrating the logout api. They thought why use an API for that. :)
2) most of them had no clue that form fields could accept javascript as inputs and work as XSS vulnerabilities. This actually happened with a client, he got so fucking pissed.
3) One of them asked me to convert a PATCH request to DELETE cos fuck REST and HTTP methods.

For fuck’s sake. I need to get out of this place.

Current directory:

upstream
potatoecode

find ./upstream -maxdepth 1 -type d -ls >> potatoecode/.gitignore

pushd potatoecode
git add .gitignore
git commit -m 'Updated gitignore" .gitignore
git rm -r --cached .
git add .
git commit -am "Purgatory"
popd

*watching with a big smile the burning CI*

--

Story of how I made some devs today very sad. They now have the joyful task to think of a better way to code than to create a nightmare blob of modified source code from upstream - where upstream has ...

- a rest API
- an extension / plugin system
- an system to even modify db schema via an API.

But nooooo.... That would be too good.

Instead one just creates an potatohead of upstream source code with modifications without any version tracking or stuff like that.

Sometimes I really wonder if the devs at our company are masochists and want to be punished....

Rest is always good. Even if you are taking it after lunch or calling an API😝

Wish me luck, I'm returning back to Uni after a months long hiatus. Algorithms, Node and rest API awaits me 😓

Hey guys, is graphQl worth learning? Rest API is so easy to work with...

I think the most excited I've been about my code was when I wrote my first own library to communicate to Google spreadsheets via their rest API.
I didn't find any working modules in perl for that so I wrote my own. Still using it every now and again! 😁

Making REST APIs for Cobol!
Json to fixed block data structures are a bit tricky...

Is logout useless on a Rest API that uses JWT token?

Discuss

When I was working on my dissertation project. I was implementing a video sharing platform. Using Dropwizard for REST. I wrote the entire endpoint for uploading a video in one session. I was just taking a stab at how i thought it could work. Tested it in Postman expecting to get some kind of error.
And it worked first time.

Dear AWS, your Elasticsearch service is a bogus pile of shit-engorged horse fly larvae. Not only do you give no useful visibility into what's happening with the cluster (making diagnosis a sadistic guessing game), you lock down the fucking settings API, making it impossible to debug!! But your excellent support is on it! I wonder if I'll hear back from them this week with another inane suggestion like "increase the node count". Meanwhile the rest of my system is limping along, sometimes getting data where it's supposed to be while I keep fake-smiling and reassuring management and customers that "I'm working on it". If you're going to offer a service either make sure it works or get the fuck out of my way. I'll be moving my cluster back to EC2 and you can go do a back flip off a skyscraper. I need a drink

I've decided that I want to make a REST API using Flask/Python. I've researched it for a few days, but can't seem to find anything close to a definitive answer: How should I structure the application?

I've found a lot of people talking about using Blueprints, and I'm leaning towards that, but I'm wondering if there aren't "better" frameworks for building a REST API? What do people here recommend that I look into?

About to checkout Gatling for load test to my REST api, any other suggestions?

So far their docs look straightforward to follow, requires scala but it doesn't look that complicated for that particular case.

Dotnet core devs, do you recommend another tool?

Does anyone know why websockets aren't used far and wide for APIs? I mean not like chat applications, but the typical webapp, say an online shop. For me it seems kinda wasteful to fire separate requests with tiny payloads all the time. I currently use moleculer and socketio for a quite big project with multiple websites and backend containers, and so far, i haven't found a disadvantage.
So what have i missed?