Rep­res­ent­a­tion­al State Transfer – better known as REST – is one of the most important pro­gram­ming paradigms of modern web de­vel­op­ment. The ar­chi­tec­tur­al style that Roy Fielding invented in his 2000 dis­ser­ta­tion, serves the primary purpose of adapting web ap­plic­a­tions as optimally as possible to the re­quire­ments of the modern web. Because REST has gained no­tice­able pop­ular­ity and im­port­ance in the recent past, many web project operators have been in­creas­ingly at­tempt­ing to implement the concept to the best of their ability. However, the results of these efforts are not often 'RESTful' or 'REST-com­pli­ant' since certain prin­ciples and prop­er­ties (such as HATEOAS) have not been im­ple­men­ted ad­equately.

What is HATEOAS?

HATEOAS is an acronym that stands for 'Hypermedia as the Engine of Applic­a­tion State'. This term, in­tro­duced by Fielding as part of his REST defin­i­tion, describes one of the key REST prop­er­ties: since the ar­chi­tec­ture style is supposed to provide a universal interface, HATEOAS requires the REST client to only move through the web ap­plic­a­tion by following URIs (Uniform Resource Iden­ti­fi­ers) in hy­per­me­dia format. If this principle is im­ple­men­ted, the client does not require any further in­form­a­tion apart from a basic un­der­stand­ing of hy­per­me­dia in order to be able to interact with the ap­plic­a­tion or the server.

The in­di­vidu­al URIs are provided…

  • in the form of href and src at­trib­utes for HTML documents or snippets
  • using JSON or XML attribute/elements that are auto­mat­ic­ally re­cog­nised by the re­spect­ive clients

By im­ple­ment­ing the HATEOAS principle, the interface of a REST service can be adapted at any time. This is an important advantage of this ar­chi­tec­ture compared with other ap­plic­a­tion struc­tures, for example, those based on SOAP (Simple Object Access Protocol).

HATEOAS and REST: The hy­per­me­dia principle

In order to classify HATEOAS and its sig­ni­fic­ance for REST ap­plic­a­tions, you have to take a look at the overall con­struc­tion. In his concept, Fielding describes a total of five basic prin­ciples that must be fulfilled in order to make a service REST-compliant.

IvHMM0huDZk.jpg To display this video, third-party cookies are required. You can access and change your cookie settings here.

In any case, there must be a client-server structure that also enables stateless com­mu­nic­a­tion between the server and clients (i.e. requests are handled without referring to previous queries). In addition, the service should have a multi-layered structure and take advantage of HTTP caching to make it as easy as possible for the accessing client to use the service. Finally, im­ple­ment­ing a uniform interface to com­puls­ory tasks, which has already been mentioned, is also part of the package.

Fielding specifies four prop­er­ties for the con­nec­tion between server and client:

  • Unique iden­ti­fi­ab­il­ity of all resources: all resources must be iden­ti­fied by a URI (Unique Resource Iden­ti­fi­er)

  • Possible in­ter­ac­tion with resources through rep­res­ent­a­tions: if a client requests a resource, the server delivers a suitable rep­res­ent­a­tion/rep­res­ent­a­tion form (e.g. HTML, JSON, or XML) so that the client is able to modify or delete the original resource

  • Self-de­script­ive messages: each message that is exchanged between server and client must contain all the in­form­a­tion necessary to un­der­stand it

  • Hy­per­me­dia as the Engine of Ap­plic­a­tion State (HATEOAS): after all, the HATEOAS principle is also a mandatory component of a REST API. The hy­per­me­dia-based structure sim­pli­fies access to the ap­plic­a­tion for clients – no ad­di­tion­al knowledge of the interface is required for access and nav­ig­a­tion

HATEOAS is, therefore, one of the ele­ment­ary features of REST APIs and is in­dis­pens­able for any REST service.

Tip

For more in­form­a­tion on REST, see our basic article on the topic.

HATEOAS using the example of an online shop

In order to make the HATEOAS concept a little more tangible, the concept’s im­ple­ment­a­tion will be il­lus­trated in the following section using a web shop as an example. As is typical for web ap­plic­a­tions, HATEOAS is im­ple­men­ted by placing hy­per­links. These cross-ref­er­ences between two documents or cross-ref­er­ences to another position in the same document are marked in the HTML code like this:

<a href="URI">Link-Text</a>

Linked media, such as text, graphics, audio, and video, are referred to as hy­per­me­dia. Web ap­plic­a­tions are mainly simple text documents in HTML format that can also be regarded as states of these ap­plic­a­tions. Within the framework of the REST philo­sophy, the in­di­vidu­al documents can always be addressed with a unique URL. If you transfer the concept to an ordinary online shop, the following will result:

The document de­scrib­ing the state 'basket' has a per­man­ently assigned URI, for example: 'https://example.org/shop­ping­cart' . In the same style, there are also URIs for in­di­vidu­al items that can be placed in the shopping basket – such as 'https://example.org/item/1' , 'https://example.org/item/2' , etc. Another possible state is the customer account, which can be accessed directly from the shopping cart and could have the following URI: 'https://example.org/customer/1'. Each in­di­vidu­al document also contains links or hy­per­links to actions that the user could perform next.

In order to keep with the present scenario, this means that the shopping cart document also contains cross-ref­er­ences to the article and customer URIs. These could, in turn, contain further links to man­u­fac­tur­ers or con­trac­tu­al documents. By means of a GET request, the client then moves through the store, or in this case, through the shopping basket thanks to the various hy­per­links, as the following sim­pli­fied image il­lus­trates:

Image: HATEOAS example: Online shop
Schematic rep­res­ent­a­tion of HATEOAS im­ple­ment­a­tion in a web shop

In the case of a REST service, in which the HATEOAS principle was followed as required by Fielding, the user only needs to know the start URI in order to be able to take advantage of the offer as planned by the developer.

HATEOAS REST ap­plic­a­tions: Example of server-client com­mu­nic­a­tion

On the basis of the above-mentioned web shop structure, the possible com­mu­nic­a­tion between client and server can also be explained. The client ap­plic­a­tion makes the following request in order to obtain an XML rep­res­ent­a­tion of the basket state:

GET 'https://example.org/basket' HTTP/1.1
Host: 'https://example.org'
Accept: application/xml

The server’s response could then look like this:

HTTP/1.1 200 OK
Content-Type: application/xml
Content-Length: 256
<?xml version="1.0"?>
<basket>
    <basket_number>1</basket_number>
    <link rel="account" href="https://example.org/customer/1" />
    <link rel="item1" href="https://example.org/item/1" />
    <link rel="item2" href="https://example.org/item/2" />
</basket>
Go to Main Menu