Michael Bissell
  • Twitter
  • LinkedIn
  • Contact me

Conveniences and Path Variables

Filters can be programmatically applied to path variables. For example, we may have a top-level collection called /agreements which can be filtered by the participating agencies in the /agreement object. I may restrict that list of items with a filter like 

     /agreements?agencyCode=456
In order to restrict a member of Agency 456 from only being able to see their own things, we can create a convenience, or an alias, from

     /agencies/456/agreements
to
     /agreements?agencyCode=456
This allows us to restrict access to users based on the with simple pattern matching at the API frontend. If a person is only allowed to see things in /agencies/456/* they will not be able to rewrite their request to /agencies/123/* -- the front end security will block them before they even get to the actual API.

Main Nav

  • Michael's Resume
  • Presentations and Voice
  • The API Contract
  • Contact me


The API Contract

  • The API Contract
  • Default Formats
  • General API Management
  • Error Standards
  • Response Codes
  • Collections
  • Filters
  • Cherry Picking
  • Conveniences
  • Change Logs

Blog

© Michael Bissell. All rights reserved.