Passing array in GET for a REST call

155,097

Solution 1

Collections are a resource so /appointments is fine as the resource.

Collections also typically offer filters via the querystring which is essentially what users=id1,id2... is.

So,

/appointments?users=id1,id2

is fine as a filtered RESTful resource.

Solution 2

I think it's a better practice to serialize your REST call parameters, usually by JSON-encoding them:

/appointments?users=[id1,id2]

or even:

/appointments?params={users:[id1,id2]}

Then you un-encode them on the server. This is going to give you more flexibility in the long run.

Just make sure to URLEncode the params as well before you send them!

Solution 3

Another way of doing that, which can make sense depending on your server architecture/framework of choice, is to repeat the same argument over and over again. Something like this:

/appointments?users=id1&users=id2

In this case I recommend using the parameter name in singular:

/appointments?user=id1&user=id2

This is supported natively by frameworks such as Jersey (for Java). Take a look on this question for more details.

Solution 4

This worked for me.

/users?ids[]=id1&ids[]=id2

Solution 5

/appointments?users=1d1,1d2..

is fine. It's pretty much your only sensible option since you can't pass in a body with a GET.

View more solutions

155,097

Author by

ChrisOdney

A weary weary Software Developer

Updated on July 05, 2022

Comments

ChrisOdney almost 2 years
I have a url to fetch appointments for a user like this:
```
/user/:userId/appointments
```
How should the url look like if I want to get appointments for multiple users?

should it be:
```
/appointments?users=1d1,1d2..
```
Thanks, Chris.
bryanmac over 11 years

?{users:[id1,id2]} doesn't follow querystring params conventions of ?key1=val2&key2=val2.
bryanmac over 11 years

Also, do you have example of major services offering serialized objects in querystring filters? From what I've seen most offer simple filters of comma delimited options or query formats like OData
matthew.kempson over 8 years

I dont think this is the correct way to go about it. You are GETting a resource not POSTing a new one.
Blessed Geek over 8 years

I don't think you understand the http GET/POST uses. They do not conform to the English dictionary meaning for those words. POST is when trying to GET but with the arguments not placed not in the url but in the io stream.
Blessed Geek over 8 years

It is very perplexing to have someone with an inadequate understanding of the POST method, but depending on the English dictionary meaning, to vote me down. You can't blame me for the syntactic decisions made by the people who chose to define it that way. Don't kill the messenger.
pherris about 8 years

You CAN use a POST like this but it is not idiomatic - "By design, the POST request method requests that a web server accepts and stores the data enclosed in the body of the request message." en.wikipedia.org/wiki/POST_(HTTP)
Blessed Geek about 8 years

By historical use in HTML forms, and therefore not the design of REST which came later, POST has been used to not expose request parameters, and is still used that way today. And is the recommended practice. Regardless what wikipedia says.
J0HN about 7 years

RFC 1945 (1996, HTTP/1.0 spec) tells to use POST "to create a subordinate of the resource". Later, RFC 7231 (2014, HTTP/1.1: Semantics and Content spec) made it more vague by stating "target resource process ... request according to the resource's own specific semantics". So, technically RFCs does not restrict using POST to get some data from the server, but discourage it (in further paragraphs I won't cite here for brevity).
J0HN about 7 years

Historical use in HTML forms have nothing to do with the question or REST - you're not using the paper mail because it has historical use and was a recommended practice of communication some time ago, right? And it's not the recommended practice in general - only when you've got to overcome 4096 URI limitation (is it still in effect though?) or when you don't want to expose parameters (but why would you?).
Dante Lacerda over 6 years

@BlessedGeek i got what you mean and i´m sorry but i´ll never make a "String Array" instead of changing my method to POST. Totally agree with you. I voted you UP, thank you.
nclsvh about 6 years

What if you have 30 key value pairs you want to pass?
siride over 5 years

Given that browsers and other user agents and webservers behave differently with POST and GET, this seems extremely silly. Of course you can abuse the system, but it'll only lead to pain and inconsistency. The HTTP methods have well-defined, well-understood meanings. People and systems expect these. It's not just wikipedia shouting into the wind.
Lennart over 4 years

I'd say it would be better to just submit identifiers that refer to certain objects in order to obtain them via a HTTP GET, instead of using HTTP POST to submit identifiers to the server. In general, obtaining complex objects should be done with HTTP GET, and submitting complex objects should be done with HTTP POST. Besides that, there seems to be no need for extensibility in regards to the complexity of the identifier needed to obtain the complex objects, even using multiple HTTP GET's would be better than using a POST.
Isaac Weingarten over 2 years

also in golang i found 2 libraries is doing it like your example not with comma separated google/go-querystring and gorilla/schema