📘 CCNA 200-301 v1.1
6.5 Describe characteristics of REST-based APIs (authentication types, CRUD, HTTP verbs, and data encoding)
REST stands for Representational State Transfer. It is a method of communication between systems over the web, usually between a client (like a network management tool) and a server (like a router or a switch). REST APIs are widely used in networking for automation and programmability.
Think of a REST API as a language that network devices use to talk to each other in a standard way.
1. Authentication Types
When you use a REST API, you need to prove that you are allowed to access the device or server. There are common types of authentication:
- Basic Authentication
- You send a username and password with your API request.
- Example in IT: A network management tool accessing a switch with
admin/password123. - Security note: Usually combined with HTTPS to encrypt credentials.
- Token-Based Authentication
- The server gives you a token after you log in once.
- You use this token in subsequent API requests.
- Example: A network automation script first logs in to a router, gets a token, and then uses it to make configuration changes.
- Tokens are temporary, more secure than sending username/password every time.
- OAuth / OAuth2
- More advanced; allows third-party applications to access a system without sharing passwords.
- Example: A network monitoring application accessing multiple cloud devices safely.
2. CRUD Operations
CRUD stands for the four basic operations you can perform with an API. These are used to manage data on a device or server.
| CRUD | What It Does | Example in Networking |
|---|---|---|
| Create | Add new data or configuration | Add a new VLAN on a switch |
| Read | Retrieve existing data | Get the list of all interfaces on a router |
| Update | Modify existing data | Change the IP address of an interface |
| Delete | Remove data | Remove a VLAN from a switch |
3. HTTP Verbs
REST APIs use HTTP methods (verbs) to perform CRUD operations. Each verb matches a CRUD operation:
| HTTP Verb | CRUD Operation | Explanation / IT Example |
|---|---|---|
| GET | Read | Retrieve interface status from a router |
| POST | Create | Add a new VLAN or configure an interface |
| PUT | Update | Change an existing configuration like IP address |
| PATCH | Update (partial) | Change part of a configuration, like a single interface description |
| DELETE | Delete | Remove a VLAN or configuration from a switch |
💡 Tip for students: “GET is read, POST is add, PUT/PATCH is update, DELETE is remove.”
4. Data Encoding / Formats
REST APIs exchange data in a structured format so both client and server understand it. Common formats:
- JSON (JavaScript Object Notation) – Most widely used
{ "interface": "GigabitEthernet0/1", "ip_address": "192.168.1.1", "status": "up" } - XML (eXtensible Markup Language) – Less common in modern networking, but still used in some devices
<interface> <name>GigabitEthernet0/1</name> <ip_address>192.168.1.1</ip_address> <status>up</status> </interface>
💡 Tip: JSON is easier for humans and scripts to read and write, so it’s the default for most modern APIs.
5. Summary of REST API Characteristics
- REST APIs are stateless: Each request is independent; the server does not remember previous requests.
- They use HTTP methods to perform operations (CRUD).
- They use authentication to secure access (Basic, Token, OAuth).
- Data is usually encoded in JSON or XML for structured communication.
- REST APIs make network automation easier, faster, and standardized.
Example in IT Context
Suppose a network engineer wants to check interface status on a router:
- They send a GET request to
https://router1/api/interfaceswith a token. - The router responds with JSON data showing all interfaces and their status.
- They can then use POST or PATCH requests to add or update VLANs or IPs programmatically.
This is exactly how modern network management works with automation tools like Cisco DNA Center, Ansible, or Python scripts.
