API Integration
Explain the different between a query string parameter and a path parameter.
What would our API URL with a path id parameter be given the following information:
- Domain: http://our-site.com
- v3
- model name: stuff
- id: things
http://our-site.com/api/v3/stuff/things
We have created a dynamic API with an “interface”. Describe how that interface works to a non-technical friend.
A dynamic API is an application, running on a web server, that performs actions fora user, and delivers to the user some data (typically JSON data). As opposed to a static API is simply a collection of JSON text files that live on a content delivery network (CDN).
Review Auth Server Build
Describe how you would use middleware to implement basic and bearer auth.
Sign In (Basic Auth) The Basic Authentication processes is initiated by invoking a POST on your /oauth route with a Basic Authorization header. The Basic Auth Middleware should at this point validate the user account in our database, and return an object with a re-authentication/bearer token and the user object or an error object
Describe the handshake necessary to implement OAuth.
OAuth (3rd Party) to be used on the /oauth route only i.e. app.get(‘/oauth’, OAuth, (req, res) => { … }) Handles the handshake process from a 3rd party OAuth system
Describe how Role Based Access Control works to a non-technical friend.
Role-based Access Control allows one to turn access to information on and off based on the position one has within an oirganization. This helps manage liability and streamline onboaring and offboarding. For instance, a human resources employee will need a different level of access to employee files than a front line worker might.