API Design Best Practices
The following are best practices when you are designing your APIs in
CA Live API Creator
We recommend the following best practices when you are designing your APIs in
CA Live API Creator:
- After you have created your API in API Creator, ensure that your API uses a short and meaningful URL fragment. This URL fragment is part of the URL for your API that API users call. For more information about how to define the URL fragment for your API, see API Properties.
- Specify your logic in API Creator instead of coding logic in your client. This approach centralizes your logic for re-use, including for non-UI clients, such as other systems. It also improves the performance by reducing the amount of data thatCA Live API Creatormust send to the client.
- By default API users can access your data using regular filters and sorts (regular filters and sorts are turned on and allowed). To minimize the possibility of SQL injections, when designing resources, consider disallowing API users to use regular filters and sorts and require that requests to your data use named filters and sort. For more information about:
- If your API does not require that API users specify their authentication token as a URL parameter, clear thePermit Authorization parameter in URLcheckbox (API setting). By default, API users can specify their authentication token as a URL parameter. For more information about this setting, see API Properties.
- Group related rules that you have created for your business logic into topics. For more information about how to add topics and associate rules to topics, see Manage Topics.
If you are connecting to an application database that has a large schema, do the following:
- Define schema filters that limit the scan to only those tables, views, stored procedures, and functions that your API requires. Filtering the schema reduces the time thatCA Live API Creatorneeds to scan the database metadata and update its cache. For more information about how to define schema filters, see Define Schema Filters.
- Create your API using theCode-firstapproach to creating APIs, which creates an empty API. Then add a data source by specifying the database connection credentials and schema filters. This approach to creating your API reduces the time that it takesCA Live API Creatorto scan a database with a large schema. For more information about how to create an API using theCode-firstapproach to creating APIs, see Creating APIs.