API Integration

Reading

Explain the different between a query string parameter and a path parameter.
- Query String Parameter allows you to filter for specifics, while a path parameter identifies a specific resource or resources.
What would our API URL with a path id parameter be given the following information:
- Domain: http://our-site.com
  - http://our-site.com
- v3
  - http://our-site.com/v3
- model name: stuff
  - http://our-site.com/v3/stuff
- id: things
  - http://our-site.com/v3/stuff/things
We have created a dynamic API with an “interface”. Describe how that interface works to a non-technical friend.
- A dynamic API is an application, running on a web server, that performs actions fora user, and delivers to the user some data (typically JSON data). As opposed to a static API is simply a collection of JSON text files that live on a content delivery network (CDN).

Describe how you would use middleware to implement basic and bearer auth.
- Sign In (Basic Auth) The Basic Authentication processes is initiated by invoking a POST on your /oauth route with a Basic Authorization header. The Basic Auth Middleware should at this point validate the user account in our database, and return an object with a re-authentication/bearer token and the user object or an error object
Describe the handshake necessary to implement OAuth.
- OAuth (3rd Party) to be used on the /oauth route only i.e. app.get(‘/oauth’, OAuth, (req, res) => { … }) Handles the handshake process from a 3rd party OAuth system
Describe how Role Based Access Control works to a non-technical friend.
- Role-based Access Control allows one to turn access to information on and off based on the position one has within an organization. This helps manage liability and streamline onboarding and off-boarding. For instance, a human resources employee will need a different level of access to employee files than a front line worker might.