1172  IoT Application Protocols: REST API Design and Best Practices

1172.1 Learning Objectives

By the end of this module, you will be able to:

  • Design RESTful IoT APIs: Apply REST constraints to IoT resource hierarchies
  • Implement Proper Error Handling: Use HTTP status codes correctly for device states
  • Choose Payload Formats: Select between JSON, CBOR, and Protocol Buffers
  • Version APIs Effectively: Implement URI, header, or query parameter versioning
  • Apply Rate Limiting: Protect infrastructure from device misbehavior
  • Secure IoT APIs: Implement authentication, authorization, and TLS best practices

1172.2 Prerequisites

Before diving into this module, you should be familiar with:

1172.3 How This Module Fits

Chapter Series Navigation:

  1. Introduction and Why Lightweight Protocols Matter
  2. Protocol Overview and Comparison
  3. REST API Design for IoT (this module)
  4. Real-time Protocols
  5. Worked Examples

This module focuses on practical REST API design patterns specifically for IoT systems, building on the protocol comparison from the previous chapter.


1172.4 Module Overview

This module on REST API design for IoT has been organized into focused chapters for easier learning:

1172.4.1 Chapter Guide

| Chapter | Topics Covered | Estimated Time |
|---|---|---|
| Design Patterns | RESTful patterns, naming conventions, payload formats, versioning, rate limiting, security | 15-20 min |
| Worked Examples and Quizzes | Thermostat API design, offline device handling, protocol overhead calculations, comprehensive quizzes | 20-25 min |

Total Module Time: ~35-45 minutes


1172.5 Quick Reference

%%{init: {'theme': 'base', 'themeVariables': { 'primaryColor': '#2C3E50', 'primaryTextColor': '#fff', 'primaryBorderColor': '#16A085', 'lineColor': '#16A085', 'secondaryColor': '#E67E22', 'tertiaryColor': '#ecf0f1'}}}%%
graph TB
    subgraph Patterns["API Design Patterns"]
        REST["RESTful Design<br/>Resources over actions"]
        Naming["Naming Conventions<br/>MQTT topics, CoAP URIs"]
        Payload["Payload Formats<br/>JSON, CBOR, Protobuf"]
    end

    subgraph Practices["Best Practices"]
        Version["API Versioning<br/>URI path recommended"]
        Rate["Rate Limiting<br/>Token bucket algorithm"]
        Security["Security<br/>TLS/DTLS, auth tokens"]
    end

    subgraph Examples["Worked Examples"]
        Thermostat["Thermostat API<br/>Resource hierarchy"]
        Offline["Offline Handling<br/>Connectivity metadata"]
        Quiz["Protocol Quizzes<br/>Battery calculations"]
    end

    REST --> Version
    Naming --> Rate
    Payload --> Security

    style REST fill:#16A085,stroke:#16A085,color:#fff
    style Naming fill:#E67E22,stroke:#D35400,color:#fff
    style Payload fill:#3498db,stroke:#2980b9,color:#fff
    style Thermostat fill:#9b59b6,stroke:#8e44ad,color:#fff

Figure 1172.1: REST API design module structure showing patterns, practices, and examples

1172.6 Key Concepts Summary

1172.6.1 RESTful Design Principles

Resource-Oriented Design:

  • Model APIs around nouns (devices, sensors, readings), not verbs
  • HTTP methods provide the actions (GET, PUT, POST, DELETE)
  • Use consistent URI patterns: /api/v1/{resource}/{id}/{subresource}

Statelessness:

  • Each request contains all needed information
  • No server-side session state
  • Enables horizontal scaling and device reconnection

1172.6.2 Payload Format Selection

| Format | Size | Best For |
|---|---|---|
| JSON | Large | Development, debugging, web apps |
| CBOR | Small | Constrained devices, CoAP payloads |
| Protobuf | Small | High-volume, multi-language systems |

1172.7 Start Learning

Recommended path:

  1. Start with Design Patterns - Learn RESTful patterns, naming conventions, payload formats, versioning, and security best practices

  2. Continue to Worked Examples - Practice with thermostat API design, offline device handling, and test your knowledge with comprehensive quizzes


1172.8 Summary

This module covers practical REST API design patterns for IoT systems:

Design Patterns Chapter:

  • RESTful vs message-based patterns
  • Topic and URI naming conventions
  • Payload format selection (JSON vs CBOR vs Protobuf)
  • API versioning strategies
  • Rate limiting and throttling
  • Security best practices

Worked Examples Chapter:

  • Smart thermostat API design
  • Handling offline devices with connectivity metadata
  • Protocol overhead and battery impact calculations
  • Comprehensive review quizzes

1172.9 What’s Next?

After completing this module, continue with:

For implementation details:

  • MQTT Fundamentals
  • CoAP Fundamentals and Architecture