GET request is simple and used to fetch a resource on the server. For example,
https://example.com/directory/resource?param=50
A GET method only needs a URL to identity along with other REST API headers.
POST method the single most important REST verb. Though it is used much lesser than a GET request. It is for this method, that resources are created on the server. From credit cards to payments, logins to forms all trust this method for sending requests to the server.
Note that in both the REST methods GET and POST, the request is initiated by the client.
The server differentiates between the methods and executes accordingly. The server is free to implement an non-idempotent action for a GET request but usually the standard is followed on the server side.
It creates a new record on the server. So, if the same request is repeated several times, it will create fresh records on the server. Generates a new URI for a resource. After a successful resource creation, status code 201 is returned to indicate a resource has been successfully created. Validations are performed on the server and status codes like 412, 422 are sent by the server in case of error.
Due to the non-idempotent nature of the POST request, the browser alerts the user about repeated POST request.
Refresh Post Request Page: If you refresh the page the post request gets submitted again. To avoid this situation, the browser warns you with a confirmation box Back Page: Navigating back to a page that had made a POST request will alert you with the confirmation box.
Every POST request should have a body. The body consists of information required to create the resource. Some added parameters can be sent as a query string. The server's job is to parse the body and create the resource.
In order to parse the request body, the server needs to know the format of the body (e.g. XML, JSON, URL-encoded). For this, the server depends on the Content-Type header. If the Content-Type header says 'application/json', the server is expecting JSON data in the request body. But, if incorrect Content-type is sent, the server fails to parse the request body, resulting in 422 status code error.
Here is an article on sending POST Request to a REST API in java using okhttp
Query parameters have limitations in terms of the amount of data that can be sent. But POST body can handle large data.
Most people when asked the purpose of post request, say that it is used instead of a GET request to hide the request data in the browser.
That is not true, since most modern browsers come with a network tab that can display the data being sent on the server.
var xhr = new XMLHttpRequest();
var formData = new FormData();
formData.append('username', 'admin');
formData.append('password', 'YWRtaW4=');
//open the request
xhr.open('POST','https://localhost:7000/console/accesstoken')
//send the form formData
xhr.send(formData);
If you check the above request being sent with header Content-Type: multipart/form-data; boundary=...
Post request is commonly used for ajax based form processing.
REST APIs frequently use item requests to fetch individual items from a resource collection.
It's clear to every API developer that POST collection should be used to create a resource. Since it is non-idempotent. But does that make POST item request useless? Since the update is performed with PUT. So when can we use POST /coffee/12
.
Resource | GET | POST | PUT | DELETE |
---|---|---|---|---|
/coffee | List Coffee | Create Coffee | Update multiple coffee records | delete all coffees |
/coffee/12 | Get coffee #12 | Clone coffee #12 record | Update coffee #12 record | Delete coffee #12 record |
An item request with POST method should be used to clone and alter the record. Thereby, altering the state of the database with repeated requests i.e non-idempotent.