How to make OAuth API Restful

Question

I refer many document for trying making api Restful like below:

GET    /user
POST   /user
GET    /user/123
PUT    /user/123
DELETE /uesr/123

But Backend uses OAuth2 token to retrieve user id, it means that Server will know 123 after get token.

I thought it's not a great idea to put token directly in the id place:

GET     /user/aweakleknf11123232sadwanawndajkdnamdal 

Is any better practice to the restful OAuth2 API?

Answer 1

While designing RESTful api don't think too much about how your url look, rather it is just representation of your resources. And moreover it is not good idea to expose domain model of your project if your api is public.

If you have gone through Facebook api design you can see that they refer user as

/me?method=GET&format=json&access_token=...

They have abstracted the domain and just sharing self descriptive representation.