REST API best practices

ramjiram · ‎07-24-2015

Hi All,

I have a requirement to setup inbound REST API, so the third party system can consume our REST API's to create/update the incident tickets in our system.

At the same time we do not want them to send any data that is not compliance with the our data. From their end they just invoke the API, but we do want to validate the data before it gets updated into our tables.

Please let us know best practices or steps that can be taken care to come over this situation.

Thanks.

keviningleby · ‎12-21-2018

I was challenged by developers from another ITSM Tool-suite on this recently.

They wanted to only use the Table API to create/update Incident Tickets from their own system.

Having recommended the approach advocated in this thread (and similar sources) - I was unable to find any specific authoritative statements from ServiceNow to back my insistence that the Import Table API (or even Scripted API) approach should be used.

Given that it is obvious to most people - that poking data directly into any SN Tables by any mechanism without proper client-side and server-side checks is just asking for trouble .... and given that 15-20 mins RTFM of the SN Docs would satisfy most people ...

Is there any Authoritive Source of REST API Best Practise out there that also explains various scenarios and how to reach the best solution using the various techniques available in SN ?

Many thanks

Kevin

Mohammed A Kha1 · ‎03-03-2020

Agree with you Kevin, Business rule won't be able to validate when you have multiple fields that's sending by API user during POST or PATCH in various states.

Saurabh singh4 · ‎03-03-2020

Hi

ramjiram

please go through this link,here you will get all the best practises regarding REST API

https://restfulapi.net/resource-naming/

PLEASE MARK MY ANSWER CORRECT OR HELPFUL IF IT HELPS YOU IN ANY WAY

SAURABH