├── .travis.yml
└── README.md


/.travis.yml:
--------------------------------------------------------------------------------
1 | language: ruby
2 | rvm:
3 |   - 2.2
4 | before_script:
5 |   - gem install awesome_bot
6 | script:
7 |   - awesome_bot README.md --allow-redirect
8 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | # Awesome API [![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome) [![Build Status](https://img.shields.io/travis/Kikobeats/awesome-api/master.svg?style=flat-square)](https://travis-ci.org/Kikobeats/awesome-api)
  2 | 
  3 | > A curated list of awesome resources for design and implement RESTful APIs.
  4 | 
  5 | ## Design
  6 | 
  7 | ### Overview
  8 | 
  9 | > REST allows us to create services and applications that can be used by any device or client who understands HTTP.
 10 | 
 11 | * [Best Practices for Designing a Pragmatic RESTful API](http://www.vinaysahni.com/best-practices-for-a-pragmatic-restful-api) [[spanish version](https://elbauldelprogramador.com/buenas-practicas-para-el-diseno-de-una-api-restful-pragmatica/)].
 12 | * [Ideal REST API Design](https://betimdrenica.wordpress.com/2015/03/09/ideal-rest-api-design/).
 13 | * [StackOverflow best REST API Design](https://stackoverflow.blog/2020/03/02/best-practices-for-rest-api-design/).
 14 | * [Heroku API Reference](https://devcenter.heroku.com/articles/platform-api-reference).
 15 | * [API Terms Glossary](https://github.com/Mashape/apiglossary).
 16 | * [HTTP API Design by Heroku](https://github.com/interagent/http-api-design).
 17 | * [Learn REST: A RESTful Tutorial](http://www.restapitutorial.com).
 18 | * [RAPIS: A REST API Standard for the 21th century](https://github.com/lambda2/rapis).
 19 | * [IBM Watson REST API Guidelines](https://github.com/watson-developer-cloud/api-guidelines).
 20 | * [Microsoft REST API Guidelines](https://github.com/Microsoft/api-guidelines).
 21 | * [Zalando RESTful API and Event Scheme Guidelines](http://zalando.github.io/restful-api-guidelines/)
 22 | * [gov.uk API technical and data standards](https://www.gov.uk/guidance/gds-api-technical-and-data-standards)
 23 | * [How to (and how not to) design REST APIs](https://github.com/stickfigure/blog/wiki/How-to-%28and-how-not-to%29-design-REST-APIs)
 24 | 
 25 | ### Status Code
 26 | 
 27 | > When you are using a REST design you have to provide the HTTP status code that are the more appropriated to respond to the request.
 28 | 
 29 | * [HTTP Status code table in RESTAPITutorial](http://www.restapitutorial.com/httpstatuscodes.html).
 30 | * [httpstatuses.com](https://httpstatuses.com/)
 31 | * [Status code definition in W3C](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html).
 32 | * [HTTP Status Code Guides](https://tryhexadecimal.com/guides/http/)
 33 | 
 34 | ### Authentication
 35 | 
 36 | * [Auth Boss](https://github.com/teesloane/Auth-Boss) – Learn about different authentication methodologies on the web.
 37 | * [Authentication Cheat Sheet](https://www.owasp.org/index.php/Authentication_Cheat_Sheet).
 38 | * [The Problem With API Authentication in Express](https://stormpath.com/blog/the-problem-with-api-authentication-in-express/).
 39 | * [Web Authentication Methods Explained](https://blog.risingstack.com/web-authentication-methods-explained/).
 40 | 
 41 | #### JWT
 42 | 
 43 | > JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties.
 44 | 
 45 | * [10 Things You Should Know about Tokens](https://auth0.com/blog/2014/01/27/ten-things-you-should-know-about-tokens-and-cookies/).
 46 | * [Cookies vs Tokens](https://auth0.com/blog/2014/01/07/angularjs-authentication-with-cookies-vs-token/).
 47 | * [JWT Draft in IETF](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token).
 48 | * [JWT.io](http://jwt.io/).
 49 | * [Using JSON Web Tokens as API Keys](https://auth0.com/blog/2014/12/02/using-json-web-tokens-as-api-keys/).
 50 | * [Why Meteor doesn't use session cookies](http://info.meteor.com/blog/session-cookies).
 51 | * [Guide on API authentication and authorization](https://www.moesif.com/blog/technical/restful-apis/Authorization-on-RESTful-APIs/).
 52 | 
 53 | ### Authorization
 54 | 
 55 | #### OAuth
 56 | 
 57 | > An open protocol to allow secure authorization in a simple and standard method from web, mobile and desktop applications
 58 | 
 59 | * [The OAuth Bible by Mashape](https://github.com/Kong/mashape-oauth/blob/master/FLOWS.md).
 60 | 
 61 | ## Caching
 62 | 
 63 | * [Caching best practices & max-age gotchas](https://jakearchibald.com/2016/caching-best-practices/).
 64 | * [Increasing Application Performance with HTTP Cache Headers](https://devcenter.heroku.com/articles/increasing-application-performance-with-http-cache-headers).
 65 | * [Using Cloudflare with your API](https://support.cloudflare.com/hc/en-us/articles/200504045-Using-Cloudflare-with-your-API).
 66 | 
 67 | ## Security
 68 | 
 69 | * [Helmet, help secure Express/Connect apps with various HTTP headers](https://www.npmjs.com/package/helmet).
 70 | * [APISecurityBestPractices](https://github.com/GitGuardian/APISecurityBestPractices).
 71 | * [Node Security Project](https://nodesecurity.io/).
 72 | * [Node.js Security Checklist](https://blog.risingstack.com/node-js-security-checklist/).
 73 | 
 74 | ## Format
 75 | 
 76 | * [HAL](http://stateless.co/hal_specification.html) – Simple format that gives a consistent and easy way to hyperlink between resources in your API (see: [HATEOAS](#hateoas)).
 77 | * [Hydra](http://www.hydra-cg.com/) – Vocabulary for Hypermedia-Driven Web APIs (W3C).
 78 | * [JSend](http://labs.omniti.com/labs/jsend) – Simple specification that lays down some rules for how JSON responses from web servers should be formatted.
 79 | * [JSON API](http://jsonapi.org/) – Standard for building APIs in JSON.
 80 | * [JSON-LD](http://json-ld.org/) – Standard for describing Linked Data and hypermedia relations in JSON (W3C).
 81 | * [OData](http://www.odata.org/) – Open protocol to allow the creation and consumption of queryable and interoperable RESTful APIs. Quite complex.
 82 | * [RAML](http://raml.org/) – Simple and succinct way to describe RESTful API.
 83 | * [Schema.org](http://schema.org) – Collection of schemas describing common data models.
 84 | 
 85 | ## Discover
 86 | 
 87 | > Need a API for your projects?
 88 | 
 89 | ### Curated list
 90 | 
 91 | * [Awesome APIs Directory](https://github.com/Abhishaker17/Awesome-APIs) – A public list of APIs from round the web.
 92 | * [public apis](https://github.com/toddmotto/public-apis) – A collective list of public JSON APIs for use in web development.
 93 | 
 94 | ### Directory
 95 | 
 96 | * [apis.io](http://apis.io) – API Search service to help discover APIs on the web.
 97 | * [ProgrammableWeb](https://www.programmableweb.com/apis/directory).
 98 | 
 99 | ## Testing
100 | 
101 | ### Querying
102 | 
103 | * [Firecamp](https://firecamp.io) – Protocol agnostic API testing client which help you test and manage RestAPIs, GraphQL, Websocket and many more.
104 | * [httpie](https://github.com/jkbrzt/httpie) – Command line HTTP client, far more dev-friendly than `curl`.
105 | * [HttpMaster](http://www.httpmaster.net) – GUI tool for testing REST APIs and services. Windows OS only.
106 | * [jq](https://github.com/stedolan/jq) – Command line JSON processor, to use in combination with a command-line HTTP client like cURL.
107 | * [Insomina](https://insomnia.rest/) – A Fancy HTTP REST Client.
108 | * [resty](https://github.com/micha/resty) – Little command line REST client that you can use in pipelines (bash or zsh).
109 | * [TestMace](https://testmace.com) – A modern powerful crossplatform tool for working with API and creating automated API tests.
110 | 
111 | ### Mocking
112 | 
113 | * [Beeceptor](https://beeceptor.com) - Beeceptor helps intercepting API calls and mocking them selectively. Creates an endpoint for wrapping original API and routes requests.
114 | * [FakeRest](https://github.com/marmelab/FakeRest) – Patch XMLHttpRequest to fake a REST API client-side.
115 | * [JSON Placeholder](http://jsonplaceholder.typicode.com/) – Free online REST service that you can use whenever you need some fake data.
116 | * [json-server](https://github.com/typicode/json-server) – Get a full fake REST API with zero coding in less than 30 seconds.
117 | * [Mocky.io](http://www.mocky.io/) – Free online service to create fake HTTP responses.
118 | * [FakeQL](https://fakeql.com/) – Mainly focused on GraphQL, but can mock RESTful APIs, as well.
119 | * [PIPL API](https://pipl.ir) – Free and public API that generates random and fake people's data in JSON
120 | * [API Mocha](https://apimocha.com) - Free online service providing fake REST API endpoints, create customizable responses and download rules as a Postman collection.
121 | ### Response
122 | 
123 | * [httpstat.us](https://httpstat.us) – A super simple service for generating different HTTP codes.
124 | * [httpbin](https://httpbin.org) – httpbin(1): HTTP Request & Response Service.
125 | * [badssl](https://badssl.com) – Testing clients against bad SSL configs.
126 | 
127 | ## Documentation
128 | 
129 | > One of the most important part of your API is have a good documentation and updated with the code.
130 | 
131 | ### Free
132 | 
133 | * [docbox](https://github.com/tmcw/docbox).
134 | * [slate](https://github.com/tripit/slate).
135 | * [whiteboard](https://github.com/mpociot/whiteboard).
136 | 
137 | ### Services
138 | 
139 | * [RapidAPI](https://docs.rapidapi.com/docs).
140 | * [Readme.io](https://readme.io/).
141 | * [GitBook](https://www.gitbook.com/).
142 | 
143 | ## Logging
144 | 
145 | * [PM2 by keymetrics](https://pm2.keymetrics.io).
146 | * [morgan for expressjs](https://github.com/expressjs/morgan).
147 | * [Moesif API Analytics](https://www.moesif.com/features/api-logs). Log and Understand API Traffic.
148 | 
149 | ## Modeling and SaaS
150 | 
151 | > Based in DDD (Domain Driven Development). Generates automatically API's in different languages.
152 | 
153 | * [Alteranatives to API Plug](https://www.producthunt.com/alternatives/api-plug) – 9 alternative and related products to api plug.
154 | * [Apiary](https://apiary.io/) – Collaborative design, instant API mock, generated documentation, integrated code samples, debugging and automated testing.
155 | * [wrapAPI, Build an API on top of any website](https://wrapapi.com).
156 | * [import.io, turn web pages into Data](https://www.import.io/).
157 | * [RAML, RESTful API Modeling Language](http://raml.org).
158 | * [Runscope](https://www.runscope.com/) – Automated API Monitoring & Testing.
159 | * [swagger.io](http://swagger.io).
160 | 
161 | ## Libraries
162 | 
163 | > Used it to improve your workflow
164 | 
165 | * [async-ratelimiter](https://github.com/microlinkhq/async-ratelimiter) – Rate limit made simple, easy, async, backed in Redis.
166 | * [hashids](https://github.com/niieani/hashids.js) – A small JavaScript library to generate YouTube-like ids from numbers.
167 | * [typeid-js](https://github.com/jetify-com/typeid-js) – Type-safe, K-sortable, and globally unique identifiers inspired by Stripe IDs
168 | 
169 | ## Frameworks
170 | 
171 | > Designed specifically for building RESTful API's Quickly.
172 | 
173 | * [Loopback](http://loopback.io).
174 | * [Sails.js](http://sailsjs.org).
175 | * [FastAPI](https://github.com/tiangolo/fastapi).
176 | * [rest-hapi](https://resthapi.com).
177 | 
178 | ## Gateways
179 | 
180 | > Manage API infrastructure concerns such as authentication/authorization, rate limiting, scaling, analytics, etc.
181 | 
182 | ### Open Source / Self-hosted
183 | 
184 | * [API Umbrella](http://apiumbrella.io/).
185 | * [ApiAxle](http://apiaxle.com).
186 | * [KrakenD](http://krakend.io).
187 | * [Mashape Kong](https://getkong.org/).
188 | * [Tyk](https://tyk.io/).
189 | * [WSO2 API Manager](http://wso2.com/api-management/try-it/).
190 | 


--------------------------------------------------------------------------------