LogoLogo
  • Technical Direction
  • Technical overview
    • Technical Implementation
    • API Design Guide
      • Data Definitions and Standards
      • Data Transfer Objects
      • Documentation
      • Environments
      • Error Handling
      • Example API Service
      • GraphQL Naming Conventions
      • Methods
      • Naming Conventions
      • Once Only Principle
      • Pagination
      • Resource Oriented Design
      • REST Request
      • REST Response
      • Security
      • Versioning
    • Ísland.is Public Web Data Flow
    • Code Reviews
    • Code Standards
    • Monorepo
    • Project Management
    • Teamwork
    • Architectural Decision Records
      • Use Markdown Architectural Decision Records
      • Use NX
      • Continuous Integration
      • CSS
      • Branching and Release Strategy
      • Error Tracking and Monitoring
      • What API Management Tool to Consider
      • Viskuausan Static Site Generator
      • Use OAuth 2.0 and OpenID Connect As Protocols for Authentication and Authorization
      • Unified Naming Strategy for Files and Directories
      • CMS
      • Open Source License
      • What Chart Library Should We Use Across Island.is?
      • What Feature Flag Service/application Should We Use at Island.is?
      • Logging, Monitoring and APM Platform
      • ADR Template
    • Log Management Policy
  • Products
    • Island.is Authentication Service
      • Terminology
      • Integration Options
      • Authentication Flows
      • Authorising API Endpoints
      • Session Lifecycle
      • Scopes and Tokens
      • Delegations
      • Configuration
      • Tools and Examples
      • Environments
      • Test IAS with Postman
    • Notifications / Hnipp
      • New Notification Setup Guide
      • Notifications service workflow overview
      • Email notifications
    • Pósthólfið
      • Security Checklist
      • Introduction
      • Skjalatilkynning API
      • Skjalaveita API
      • Sequence Diagram
      • Interfaces
    • Straumurinn (X-Road)
      • Architecture Guidelines for Service Providers and Consumers
      • Setting up an X-Road Security Server
        • Network Configuration
      • X-Road - Uppfærsla á öryggisþjónum
      • Straumurinn - Notkun og umsýsla
      • X-Road Central - current version
  • Development
    • Getting Started
    • Generating a New Project
    • Definition of done
    • Devops
      • Continuous Delivery
      • Database
      • Dockerizing
      • Environment Setup
      • Logging
      • Metrics
      • NextJS Custom Server
      • Observability
      • Operations Base Principles
      • Security
      • Service Configuration
      • Support
    • AWS Secrets
    • Feature Flags
    • Documentation Contributions
    • Defining Monorepo Boundaries With Tags
    • OpenAPI
    • Code Generation
    • Workspace Settings (Deprecated)
    • External Contributions
  • REFERENCE
    • Problems
      • 400 Validation Failed
      • 400 Attempt Failed
      • 403 Bad Subject
      • 400 500 Template API Error
    • Glossary
  • Misc
    • Guide: Adding a Payment Step to an Application
    • Guide: Enable Organisations to Make Requests to an Application
    • README Template
Powered by GitBook
On this page
  • Content
  • Changelog

Was this helpful?

  1. Technical overview

API Design Guide

PreviousTechnical ImplementationNextData Definitions and Standards

Last updated 1 year ago

Was this helpful?

This is the home of the API Design Guide published by Stafrænt Ísland as a best practice guide for API development. It should help synchronize the work between developers and make working together easier. The guide covers the relevant design principles and patterns to use so the consumer experience is enjoyable and consistent throughout APIs.

This guide is under constant review and updates will be made over time as new design patterns and styles are adopted.

All feedback is welcomed and encouraged to help make the guide better so please feel free to create pull requests.

Content

Changelog

Draft 4 - Published 2023-06-07

Draft 3 - Published 2022-08-16

  • Other small fixes.

Draft 2 - Published 2021-10-19

  • Changing pagination description

Draft 1 - Published 2020-08-31

  • Initial relase

Updated usage of to use 204 instead of 404 when resources are not found or not accessible to the user.

Update to describe arrays in query parameters and how to handle sensitive data in query and path parameters.

Update to use verbs instead of nouns for method names with POST.

Improving .

Adding description of Content Types in .

Making hasPreviousPage and startCursor optional in .

Adding OWASP and IAS reference in .

Documentation
REST Response
Pagination
Security
Once-Only
Resource Oriented Design
Naming Conventions
GraphQL Naming Conventions
Data Definitions
Data transfer objects
Pagination
Methods
REST Request
REST Response
Errors
Documentation
Versioning
Security
Environments
Example Service
Design flow
Resource
PageInfo
Pagination Query parameters
Monorepo library
Case styles
Input objects naming conventions
Query naming conventions
Mutation naming conventions
Integrating naming conventions into shared api
Custom Methods (RPC)
Methods mapping to HTTP verbs
Custom methods (RPC)
General
Resources
Fields
REST Requests
Query parameters
Path parameters
Response Body
HTTP status codes
General
GET
POST
PUT
PATCH
DELETE
Version changes
URLs
Increment version numbers
Deprecating API versions
Describe error handling
Provide feedback mechanism
Example
Setup example
Development
Test
Sandbox
Production
Text encoding
JSON
National identifier
Language and currency
Date and time
Timestamp data