堆栈内存溢出
  简体   繁体   English

如何为每个帐户设计具有多个“公司”的SaaS REST API

[英]How to design REST API for SaaS with multiple “companies” per account

 原文  2019-02-28 00:20:31       rest/ api/ saas/ paas

问题描述

I am currently working on a SaaS for companies, to manage their business data (employees, invoices, orders, products, ...). 我目前正在为公司开发SaaS,以管理其业务数据(员工,发票,订单,产品等)。 The current API design is as following: 当前的API设计如下:

GET /employees?limit=10&offset=0

GET /employees/ID

POST /employees

and so on, for every model. 等等,适用于每种型号。 In addition you can apply more filters with query parameters. 此外,您可以应用更多具有查询参数的过滤器。

Until now I checked to which company the logged in account belongs. 到目前为止,我检查了登录帐户所属的公司。 However now I want that an account can be a "member" in multiple organisations. 但是,现在我希望一个帐户可以成为多个组织的“成员”。 Eg if the company using the platform hires an "expert", they should be able to grant his account access (make him a member). 例如,如果使用该平台的公司雇用了“专家”,则他们应该能够授予他的帐户访问权限(使他成为会员)。

The question: How should i implement this in the API design? 问题:我应该如何在API设计中实现这一点? I've come up with three solution, but don't really know which one is best practice. 我已经提出了三种解决方案,但是真的不知道哪种是最佳实践。

Solution 1: 解决方案1:

GET /ORGANISATION-ID/employees?limit=10&offset=0

Solution 2: 解决方案2:

GET /employees?limit=10&offset=0&organidationId=ORGANISATION-ID

Solution 3: 解决方案3:

The URI stays the same, but a Header is set: URI保持不变,但设置了标头: 

|----------------|------------------------|
| Header name    | Value                  |
|----------------|------------------------|
| Authentication | Bearer TOKEN           |
| Organisation   | ID     ORGANISATION-ID |
|     ...        |         ...            |
|----------------|------------------------|

Note : The Authentication header is always set. 注意 :始终设置Authentication标头。

I personally thing solution number 3 is the most elegant, but I am not sure if it's inappropriate to use headers for this. 我个人认为解决方案编号3是最优雅的,但是我不确定使用标头是否合适。 Solution 2 is confusing i think, and solution 1 would cause all endpoints to start with the organisation id, which isn't very nice. 我认为解决方案2令人困惑,解决方案1会导致所有端点都以组织ID开头,这不是很好。

1 个解决方案

解决方案1
 0  2019-02-28 05:21:34

Generally I find that the best way to handle this for every path in your API to represent a single resource. 通常,我发现针对API中代表单个资源的每个路径处理此问题的最佳方法。

To me that means that, in your case, everything should be namespaced under an organization: 对我来说,这意味着,在您的情况下,应在组织下为所有内容命名空间: 

https://api.example.org/org/[orgid]/employees

This way it's very obvious for a member of multiple organizations that there are multiple employee lists. 这样,对于多个组织的成员来说,很显然存在多个员工列表。

An similar public example might be github. 类似的公共示例可能是github。 Everything in github is either A) namespaced under a user B) namespaced under an organization or C) is a top-level github endpoint. github中的所有内容都是A)在用户下命名的B)在组织下命名的或C)是顶级github端点。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 具有多个公司或组织的系统的REST API设计 - REST API Design for systems with multiple companies or organizations 每个实体的REST API设计 - REST API Design per entity 如何使用Rest Api在扩音器中添加公司? - How to add Companies in bullhorn using Rest Api? 如何设计多种方式来调用REST API - How to design multiple ways to invoke REST API 如何最好地设计具有多个过滤器的REST API? - How best to design a REST API with multiple filters? 资源具有多个状态时如何设计REST API - how to design REST API when resources have multiple states REST API-如何设计Rest API? - REST API - How to design rest api? 如何在Rest API中设计解除关联 - How To Design A Disassociation In A Rest API REST API Companies House(英国)获取文档 - REST API Companies House(UK) get document 如何使用Twisted设计REST API? - How to design REST API with Twisted?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM