How to pass filter arguments to GET requests in REST APIs?

Question

I'm building a RESTful webservice:

• Under GET /clients, I'm getting the list of all known clients.
• Under GET /clients/1, I'm getting the client object for the clientId 1.

Everything as it should be.

Those clients have a property called authorized. On my web UI to manage those, I have separated tables for authorized and unauthorized clients. Of course, I do not want to load all the clients from the server just to display the unauthorized ones.

The question is, how could I filter the client over a RESTful URL? As I want to do a proper RESTful API, query parameters are not an option.

I already thought about additionally doing GET /unauthorizedClients and GET /authorizedClients but this seems not right, as I still would use DELETE/clients/%clientId%` to remove one client.

I couldn't think of a pleasing approach for this problem. Any tips on how this could be solved are welcome.

Answer 1

I'm just wondering what prevents you from using query parameters. They are the most appropriate way to filter a collection of resources in REST APIs. Using query parameters won't make your API less RESTful.

You could have the following:

• Authorized: GET /clients?status=authorized
• Unauthorized: GET /clients?status=unauthorized

Another option is:

• Authorized: GET /clients/authorized
• Unauthorized: GET /clients/unauthorized

You really should consider query parameters though.

Answer 2

I would go with /clients/unauthorized and /clients/authorized. You need to taylor resource URIs like directories.

This way, there's nothing wrong with deleting clients against the /client/[id] resource.