Generally, our public APIs follow a standard set of best practices:
- All APIs follow REST principles.
- JSON is the standard payload. Some APIs may include additional formats such as XML and in such cases media type headers are used to specify your preference.
- Due to the sensitive nature of most data that is exchanged with American Express, you will commonly find HTTP POST methods used where you may expect to find either GET or DELETE methods used. The primary purpose is to prevent sensitive search criteria from being used in the Query string, moving it instead to the Body.
----------------
So they claim to be RESTful yet not support GET or DELETE calls. Do they even realize what they are saying?
Generally, our public APIs follow a standard set of best practices:
- All APIs follow REST principles.
- JSON is the standard payload. Some APIs may include additional formats such as XML and in such cases media type headers are used to specify your preference.
- Due to the sensitive nature of most data that is exchanged with American Express, you will commonly find HTTP POST methods used where you may expect to find either GET or DELETE methods used. The primary purpose is to prevent sensitive search criteria from being used in the Query string, moving it instead to the Body.
----------------
So they claim to be RESTful yet not support GET or DELETE calls. Do they even realize what they are saying?