The correct JSON API or JSON RPC

    What is the JSON API?

    Surely many in the know.

    JSON - Text format for data exchange JSON
    API - API application programming interface

    Keywords here: data exchange interface.

    A, then what is JSON-RPC?

    JSON - we are already in the know.

    RPC - remote procedure call RPC

    We conclude that JSON-RPC is: remote data exchange.

    Surely this data exchange will occur with a certain interface, i.e. with the API.

    And what's the problem?! You ask. And the fact is that some programmers developing the JSON API, i.e. the interface, forget about JSON-RPC. And the next invention of the bicycle begins. The Frontend programmer says: “I will give you such json”, and the Backend programmer replies: “I will return you such json”. And all would be fine, but it would be good to remember that smart people have long developed standards, or rather data exchange protocols. And not some super complex, but very simple ones: JSON-RPC

    Most likely, if not to say that almost everyone knows and even uses these protocols. A bunch of servers are written, etc. But personally, not everything suited me in the existing protocols. They seemed to me not flexible enough and not logical in everything. As you might have guessed, I decided to invent my bike json-rpc-1.5

    The main differences from existing protocols are:

    • Optional “sign” parameter - Signature or Token
    • In queries, instead of the param parameter, the data parameter is used, because we always send data, not just parameters.
    • In all answers the parameter “result” is always returned and it contains a description of the result of the query “success” or “error”.
    • All data in the responses comes in the “data” parameter
    • You can use aliases to name the request and response parameters.

    It could seem. that the differences are minor, but they are fundamentally important.
    By the way, this protocol appeared in practice, i.e. When creating json api, I used the approach described in this protocol.


    Having received a bunch of negative comments and minuses, I decided to check again, maybe I'm really doing something wrong? Naturally, all that I write here is my personal opinion and I do not impose anything on anyone. Let me give you a couple of examples:
    1. Example of Yandex direct JSON API request :
        "method": "GetClientInfo",
        "param": ["agrom"],
        "locale": "ru",
        "token": "0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f"

    They can also read about tokens: Authorization tokens

    2. An example from Sberbank API Payment from a mobile application using Apple Pay
    JSON I will not give a request, it is large, you can see the link.
    It is important that the JSON request contains a “paymentToken”. Here is a link to the requirements for generating a token from Apple.

    It is important to understand that tokens and signatures in the API are used often, naturally along with other protection methods. And those who work with various APIs know this very well.

    Also popular now: