DEV Community

Prasad
Prasad

Posted on

Question: How to create APIs like ServiceNow ?

I was reading REST API documentation on ServiceNow. They have Table API to perform CRUD Operations on database- Table API
They have created it so nice that we just need to pass the name of table in query params to get the data.
example:
GET/now/table/{tableName}

Similarly they have created this for other operations like GetbyId, Create, Update, Delete.

I was thinking , how this kind of common crud operations can be done in NodeJS using Express and sequelize?
How should I start for this? your guidance is appreciated.

Oldest comments (2)

Collapse
 
ewatch profile image
ewatch • Edited

In general this shouldn't be a problem. However one thing to keep in mind when implementing is that your security layer must be very good.
Two possibilities:

  • Using dynamic routes and then depending on the request querying the table depending on which route was accessed (this can be really dangerous)
  • Generating a list of tables at a certain point of time for the application (i.e. before deploying the application) and writing this list into a config file or something like that and then depending on this configuration you setup the routes for express which query your database

I cannot stress enough that dynamically making every table available in your own written application needs a high investment in security:
SerivceNow out of the box has Authentication (Basic, Mutual, OAuth 2.0) through API, Roles and Permissions a mature processing of the incoming request and additional things I currently might not think of.
So keep that in mind. :-)

Collapse
 
prasadg profile image
Prasad

Hi Ewatch,
Thank you for response, I will take all those things into consideration.

Thank you.