DEV Community


Posted on

Question: How to create APIs like ServiceNow ?

I was reading REST API documentation on ServiceNow. They have Table API to perform CRUD Operations on database- Table API
They have created it so nice that we just need to pass the name of table in query params to get the data.

Similarly they have created this for other operations like GetbyId, Create, Update, Delete.

I was thinking , how this kind of common crud operations can be done in NodeJS using Express and sequelize?
How should I start for this? your guidance is appreciated.

Discussion (2)

ewatch profile image
ewatch • Edited

In general this shouldn't be a problem. However one thing to keep in mind when implementing is that your security layer must be very good.
Two possibilities:

  • Using dynamic routes and then depending on the request querying the table depending on which route was accessed (this can be really dangerous)
  • Generating a list of tables at a certain point of time for the application (i.e. before deploying the application) and writing this list into a config file or something like that and then depending on this configuration you setup the routes for express which query your database

I cannot stress enough that dynamically making every table available in your own written application needs a high investment in security:
SerivceNow out of the box has Authentication (Basic, Mutual, OAuth 2.0) through API, Roles and Permissions a mature processing of the incoming request and additional things I currently might not think of.
So keep that in mind. :-)

prasad2gavande profile image
Prasad Author

Hi Ewatch,
Thank you for response, I will take all those things into consideration.

Thank you.