REST API Design, Development & Management

Learn the REST API Concepts, Design best practices, Security practices, Swagger 2.0/OAI, Hands on API Management

REST API Design, Development & Management

Learn the REST API Concepts, Design best practices, Security practices, Swagger 2.0/OAI, Hands on API Management


How was this course created?

Author (Raj) has worked with many large organizations for building their Digital Strategy in which API was a central theme. Over the years author recognized certain patterns and practices that led to successful API initiatives. Intrigued by his findings author did thorough research of 100's other successful API providers (examples: Facebook, Expedia, Capital One ...) and that resulted in a collection of Best practices and Design patterns that are covered in this course.

This course covers all the important aspects related to design, development and management of API. The best practices, design patterns, challenges, suggestions & options discussed in this course are either:

  • Created by analyzing how the popular API providers such as Facebook, Twitter, Capital One etc are building and managing their API
  • Taken from personal experiences of the author

Course is divided into 6 Parts:

1. Setting the stage - Discusses a case study (ACME travels) used through the course + provides information on tools used

2. Evolution of REST API - Lectures in this section will cover the foundational concepts + Why REST/JSON has become a defacto standard

3. Designing the REST API (Covered in multiple sections)

This is where students will learn the:

  • Best Practices
  • Implementation patterns

To demonstrate the implementation aspects, a set of NodeJS based API is also implemented for a fictitious enterprise ACME Travels.

4. Securing the REST API

When an API is exposed by an enterprise to the public internet, it poses a risk to the enterprise as hackers may use the vulnerabilities in the API to launch attacks against the enterprise. There are multiple types of such Functional attacks that the API provider must consider. You will learn about the common attacks and the best practices for protecting the API.

5. Swagger 2.0 / Open API Initiative specifications

This section will begin with the description of Collaborative specifications development process & benefits of adopting contract first approach. At the end of this section student will be able to write Swagger/OAI specifications for their own API. As part of the lectures, a complete specification will be created for ACME Vacations.

6. API Management

API management is the process of publishing, documenting and overseeing application programming interfaces (APIs) in a secure, scalable environment. Lectures in this section cover the details of the following activities that an API provider carry out within the scope of API management.

APIgee, IBM API Connect & Mulesoft platforms will be used for demonstrating the various API management aspects discussed in the lectures. Students are encouraged to try out these platforms on their own to get a good feel of what API management platforms bring to table. The three platforms offer a free trial version that can be used for testing.

WHY REST API?

Today Enterprises are using REST APIs for not just building mobile applications but also for:

  • Creating new channels for partnership
  • Building new revenue streams & business models
  • Promoting their brands

Just creating the API does not guarantee that the enterprise will be able to achieve the desired goals from API perspective. Adoption of API by developers depend on multiple aspects such as its utility, ease of use, performance, scalability, security. The API provider must apply best practices throughout the life cycle of an API.

Who should take this course?

This course is suited for any technologist interested in learning REST API from end to end perspective not just from the coding perspective. Though this course uses NodeJS for demonstrating the design best practices, it does not require students to have any prior experience wth NodeJS.

To take this course the student is expected to know any one (or more) programming language; have understanding of web application architecture; to be familiar with the concept of services ; understands the data formats such as JSON or XML

Please note that this course will NOT teach how to code REST API in NodeJS.


Your Instructor


Rajeev Sakhuja
Rajeev Sakhuja

Seasoned hands-on Information Technology consultant with over 20 years of experience in applications development, consulting, infrastructure management & Strategy development @ Background Fortune 500 companies.

11xAWS Certified.

Author of multiple courses on Blockchain, REST API, Domain Driven Design and other technologies.

Linked In Profile




Course Curriculum


  REST API Handling Change - Versioning Patterns
Available in days
days after you enroll

Frequently Asked Questions


When does the course start and finish?
The course starts now and never ends! It is a completely self-paced online course - you decide when you start and when you finish.
How long do I have access to the course?
How does lifetime access sound? After enrolling, you have unlimited access to this course for as long as you like - across any and all devices you own.
What if I am unhappy with the course?
We would never want you to be unhappy! If you are unsatisfied with your purchase, contact us in the first 30 days and we will give you a full refund.

Get started now!