📘 CCNA 200-301 v1.1
6.5 Describe characteristics of REST-based APIs (authentication types, CRUD, HTTP verbs,
REST stands for Representational State Transfer. It is a way for different software systems (like apps, servers, or network devices) to communicate with each other over a network using standard web protocols.
In networking and IT, REST APIs are often used for automation, monitoring, and managing devices like routers, switches, firewalls, or cloud services.
Key Characteristics of REST APIs
- Client-Server Architecture
- The client (like your network management system) sends requests to the server (like a router or switch).
- The server processes the request and sends back a response.
- This separation allows both sides to evolve independently.
- Stateless Communication
- Each request from the client to the server contains all the information the server needs to fulfill it.
- The server does not store information about previous requests.
- Example in IT: Each API call to a switch includes authentication and command details; the switch doesn’t remember past calls.
- Cacheable
- Responses can be cached to improve performance.
- Example: If the client requests the status of an interface multiple times, the server can reuse a cached response instead of computing it again.
- Uniform Interface
- REST APIs use standard web protocols (HTTP) and standard formats like JSON or XML for exchanging data.
- This makes APIs predictable and easier to use.
HTTP Verbs (Methods) and CRUD
REST APIs use HTTP methods to perform operations. These methods map directly to CRUD actions:
| HTTP Verb | CRUD Action | Description in Networking IT |
|---|---|---|
| GET | Read | Retrieve information from a device (e.g., check interface status or CPU usage). |
| POST | Create | Create a new object or configuration (e.g., add a new VLAN on a switch). |
| PUT | Update | Update an existing configuration or object (e.g., change an IP address of an interface). |
| PATCH | Partial Update | Update part of an object (e.g., change only the description of an interface). |
| DELETE | Delete | Remove an object or configuration (e.g., remove a VLAN from a switch). |
Tip for students:
Think of these as simple “read, create, update, delete” actions, just applied to devices through software.
Authentication Types in REST APIs
REST APIs need authentication to ensure only authorized users or systems can access or change data. Common types include:
- Basic Authentication
- Sends a username and password in the request header.
- Simple but less secure unless combined with HTTPS.
- Token-Based Authentication
- The client first logs in with credentials.
- The server gives a token (like a temporary key) that the client uses for further requests.
- Example: Network monitoring software logs in once and uses a token for multiple API calls.
- OAuth
- A more advanced method used for secure access.
- Allows third-party applications to access resources without sharing passwords.
- API Key
- The client includes a secret key in the request header.
- Often used in cloud services or RESTful network APIs.
Data Format
- JSON (JavaScript Object Notation)
- Most common format in REST APIs.
- Example:
{ "hostname": "Router1", "interface": "Gig0/1", "status": "up" }
- XML
- Older format, still used in some systems.
- Example:
<interface><name>Gig0/1</name><status>up</status></interface>
Summary for CCNA Exam
- REST API allows network devices to be managed programmatically.
- Uses HTTP methods (GET, POST, PUT, PATCH, DELETE) for CRUD operations.
- Data is sent in JSON or XML format.
- Communication is stateless and client-server based.
- Authentication ensures security: Basic Auth, Token, OAuth, API Keys.
- Important for automation, monitoring, and configuration in modern networks.
