REST has been a strong theme among the Identerati in 2012. Initiatives like OAuth2, OpenID Connect and SCIM all have RESTful underpinnings and represent an industry embracing the API economy. When asked why REST is special most respond by saying “it’s lightweight!.” To developers that statement is accepted unconditionally. To business folks, however, that statement is usually meaningless. Therefore, below is what I typically tell people when they want to know more about REST.
REST is an architecture style where simple HTTP is used to make calls between machines. RESTful applications use HTTP requests to create, update, query, and delete data. Since it’s architecture is rooted in a model that mirrors the World Wide Web, developers can simply get and post data using the HTTP protocol. A REST query can be a simple URL (e.g. –http://www.forgerock.com/phonebook/UserDetails/12345) and avoids the complexity of embedding heavy amounts of XML in a query. More importantly, HTTP is a protocol that a massive number of developers understand and know how to use making it very simple and attractive.
Finally, REST is not only lightweight, but it is also platform and language independent. As a result, it is ideal for extending identity to new realms such as social, mobile and cloud. Since the Open Identity Stack is all about protecting these realms at Internet Scale, REST has become a growingly attractive model for community members. Thus, many ForgeRockers are proud to promote REST as a method for helping our brethren to simply and elegantly protect resources regardless of platform and location.