As someone who once bought into the entire HATEOAS thing, and wrote a (somewhat widely used) python library[0] for interacting with HAL+JSON apis, let me be the first to say: Let it die.
HATEOAS doesn't solve any problems that we actually have. GraphQL is something that solves the problems we actually have with JSON APIs. Fielding style REST with hypermedia only makes sense for the HTML web where you have a human determining how to navigate from one page to another.
If you try to remove hard-coding from your API and make it all navigable by some generic client, you end up just building abstractions and generality that's never needed by anyone. It'll waste a lot of time, and make your frontend developers hate you.
Please, let HATEOAS die and let's never mention it again. Thanks
You're not really contradicting the article, or the point of htmx. [1] Json-based Data APIs are for machines to interact with. Don't try to shoehorn REST semantics onto it, accept and embrace the fact that you are coupling tightly and proceed accordingly. But that still leaves space for Application APIs, where a human drives the client, and in that case REST/HATEOAS semantics work just fine.
We went on a wild goose chase trying to recreate a hypermedia client with javascript, contorting xmlhttprequest from an application api into a data api, on an already existing hypermedia client (the browser) because the latter stagnated and failed to fill out its functionality.
htmx adds the missing functionality to make the browser a functional hypermedia client.
I don’t know if you’ve used htmx, but it makes one way more productive in building websites that can behave like SPAs without the need for all the junk that one needs to get it going. All you need is html templates and a backend server. No JSX, no client side routing lib, no Node.js, no separate API server, heck coupled with something like Alpine.js you can get very far with little to no JavaScript, too (and it’ll still look and feel snappy). None of all the stuff we’ve been forced to use because of HTML’s incompleteness as hypermedia.
The downside to this boost in productivity is when the need for a mobile app comes along, now you need a non-REST API, too. Then you can take out GraphQL or gRPC or something suited for the task. Your mobile client would most likely be using a different surface of the API even if you had one for web clients, so it’s not like you’re wasting much effort here.
>Fielding style REST with hypermedia only makes sense for the HTML web where you have a human determining how to navigate from one page to another.
Yeah, once I realized this, HATEOAS / "strict" REST immediately went into my "nope" bucket. It's pretty much fine for humans and makes some compelling decisions in that context, but it's wildly unusable and unstructured for literally anything else and that makes it almost useless.
HTTP verbs and codes are plenty useful, and REST has been co-opted to mean "use verbs and codes correctly" and... I'm OK with that. It summarizes as "follow the patterns that much of the computing world relies on, so you don't break shit everywhere all the time" and that's something absolutely worth understanding and adopting in depth.
> Fielding style REST with hypermedia only makes sense for the HTML web where you have a human determining how to navigate from one page to another.
That's the point I've never understood, and maybe someone here can clear it up for me?
As far as I understand, Fielding is constantly hammering on the point that navigation between resources should be hypertext-driven, so no "extraneous" information (where some resource or method is located) should be used. Only hypertext-style links from query/response to query/response.
But HTTP has very generic verbs. GET, PUT etc. They don't mean much.
Okay, REST proponents will say, while Fielding did his work in the context of HTTP, but envisioned a much richer hypertext capability.
Good. Now I have verbs like "Resize photo" or "Follow user" or "Get GPS coordinates from EXIF" in my hypertext API? How is a generic client supposed to understand those?
That's where I'm stuck. What's the use of it all if the client still needs to know everything about the domain (unavoidably, IMO)? Showing responses to the user and having him decide cannot be a real proposal, can it?
Yes, that's the easy part. How does a client without extraneous information know that the action resizePhoto corresponds to the action that the user requested when dragging the image border inwards? The idea was a totally agnostic client, IIRC.
You either tightly couple the client to the API or you need AI, don't you?
And if the client needs to know that connection, how is that superior to having it do the PATCH dierectly?
So, the way I've usually seen it implemented is that you use a custom media type like `application/vnd.github.commit.json` and then your client is supposed to have some knowledge of the media types it understands.
Now that doesn't solve everything, because now you need to know relationship information too. Let's say a link on a mortgage application is `application/vnd.property.address`. Is this the property being purchased, or is this a property in the borrower's address history? The api needs to put an attribute of some kind on the links themselves to explain to a machine what they mean in context.
Humans surfing the web don't need this, they use their brains to understand from context what the link relationship is. And when they get to the new page, they don't need to have a hyper specific format for the exact page shape in order to be able to navigate the page. So while hypermedia is genius for the web, it forces an API developer to do all this insane busywork to make it so a "generic client" (which actually has a bunch of hard coded media types and link types in it) can navigate the API.
HATEOAS gets things backwards. It's not useful to have a client that doesn't know what is supposed to be doing, but it's very useful to have a server that doesn't remember what the client's doing. Making sure that every request includes any state needed to answer it means the server doesn't have to track sessions.
I don't think this is at odds with HATEOAS, as long as you can embed state in the hypermedia URLs. Or you could provide a set of URLs and state data or a JWT or whatever, and the client would combine them all together in operation.
> HATEOAS doesn't solve any problems that we actually have.
It’s the foundation of the World-Wide Web, which is the most successful platform in history. It solves a tonne of problems, that’s why it is so successful. You are using HATEOAS right now.
I commented in depth a little farther up in the tree, but the big difference between hypermedia in the web, and hypermedia in an API designed to be consumed by machines is the intelligence and judgement needed. It's a lot of work to make a very generic client that can navigate a hyper media API given only media types and link types. But it's trivial for a human because we can figure things out from context.
Maybe once we can run gpt-3 on a mobile phone lightning fast, we can start building these fuzzy, flexible apis and not worry about breaking our clients. But in the meantime, it's a ton of work for very little gain.
I did read it; they didn’t address it. You can’t say that it has no uses when it’s one of the most useful pieces of tech ever invented. “It only makes sense for HTML” doesn’t even come close to addressing that point.
No we're not, HATEOAS is a design pattern that no one uses. People use the web because it made self-publishing on the internet (which already existed) slightly easier.
Hello, I'm the author, and this is my attempt at explaining why just slapping a "link" property in your JSON response doesn't make for a REST-ful architecture.
I think this should be considered good news for JSON API developers: they can set aside REST, HATEOAS and all that noise, and just focus on building good, rich data APIs.
Lots of people get tripped up by limitations of web browsers.
https://hyperview.org/ should be held up really high to show what’s possible if we think outside of the browser. It looks like it’s optimized for Material UIs, but we can imagine what it might look like for other UIs like Apple, etc.
Apple has given us a glimpse of that with Apple TV Markup https://developer.apple.com/documentation/tvml. While it’s not a hypermedia client, it does show us what UIs are possible via markup.
https://native.live/ is another glimpse, though the financier of this project has said on Twitter that his company is strongly incentivized to keep it “Elixir only”, so I’m not sure where it puts that project with respect to a SwiftUI hypermedia client.
Excellent article that clearly describes the benefits and simplicity of hypermedia applications. We have experienced the benefits of designing our web applications in this manner using htmx. This library, htmx, has been a real lifesaver for our projects.
Just to be clear, the author is NOT arguing for some forced quasi HATEOAS in the typical current architecture of JavaScript rich client passing JSON data in RPC fashion over HTTP. Instead, he is stressing the beneficial original hypermedia architecture of the web; that being, server rendered HTML to the hypermedia browser client. Htmx adds much dynamic behavior to such an approach.
The only actual benefit I've ever been able to come up with for HATEOAS / "true" REST, is that it allows servers to evolve independently from clients. As in, you can change endpoints under the hood, but as long as the names of the hypermedia controls stay the same, the client doesn't actually need to change. That is, it's just a level of indirection based on names.
What I'm looking for someone to answer is, when I control both the client and server, why is this a benefit?
REST as understood by Fielding is useful when you have a highly heterogeneous, connected set of things your clients and servers operate on, like websites or a government intelligence system.
These sorts of domains are pretty uncommon. It's far more than just an extra layer of indirection to keep backwards compatibility; in practice, you can't change HTTP-layer APIs regardless of your hypermedia controls. People bookmark things and write curl scripts.
I'm not entirely sure. Fetching attributes of related entities and pagination are really common operations, and those are natural cases where providing the client with pre-built URLs can make the client's job a lot simpler.
- It can be a much simpler approach to building an application. As evidence for this fact, consider Contexte's experience moving from react to htmx for their Saas application: https://htmx.org/essays/a-real-world-react-to-htmx-port/. They reduced their codebase to 1/3rd the size with no reduction in UX, dropped JS dependencies by 95%, etc. Not every project is this amenable to hypermedia, but many are.
- Related to this, hypermedia is the "native" architecture of the web, and browsers have a lot of technology built into them for it. htmx is a depenedency-free 12k library because it builds on top of that model.
- By adopting hypermedia as your system architecture, you push your logic back onto the server side, where you are free to use whatever programming language you prefer: clojure, python, haskell, etc. This lets you write more code in your preferred programming language and execution environment.
- The server side is a trusted computing environment, so you can have complete access to a data store when writing logic there. This is in contrast with the browser, where you can't have unrestricted access to the data store due to the fact that a hostile user can open a console and start manipulating the data store. On the server side, you can just use SQL. On the client side, you can't, without putting your whole data store at risk.
There are certainly tradeoffs associated with the hypermedia approach: it doesn't work well in situations when you need to respond quickly to many UI-driven events, it sacrifices representational efficiency for flexibility, etc. There isn't a silver bullet, after all.
With htmx I am trying to expand the set of applications for which the hypermedia approach will work, but I have no illusions that it will work for everyone: nothing is right for everything.
> It can be a much simpler approach to building an application
This is not related to hypermedia, this is related to server-rendering vs. client-rendering. Everyone knows that server-rendering saves on some code and JS. This is a tradeoff, for less control over the stateful aspects of the client.
> Related to this, hypermedia is the "native" architecture of the web
But, that was the text-based web. Hypermedia isn't necessary (or desired) for applications, which the web has moved towards supporting.
> By adopting hypermedia as your system architecture, you push your logic back onto the server side
Nothing to do with hypermedia. You can choose to push logic to the server with a single-page app too.
> The server side is a trusted computing environment, so you can have complete access to a data store when writing logic there
Same.
I'm still failing to see a _benefit_ that hypermedia and HATEOAS approach provides, or what problem it solves.
> What I'm looking for someone to answer is, when I control both the client and server, why is this a benefit?
If you (and only you, personally) control both the client and the server (and by "control" I mean you can update/deploy them as you please, simultaneously if necessary), you can feel free to use any sort of homebrew efficient binary stateful protocol and format you like, with no consequence.
However, the more parties that are involved (co-workers, separate teams, external organizations, etc.), and the less those parties are able/willing to synchronize their efforts over time, the more benefit you will see from aspects of REST and HATEOAS.
Most developers aren't working in a domain and environment where the diversity of stakeholders is maximally broad for both the client(s) and server(s), so "going full HATEOAS" is often overkill, but you should still understand it, in the same way that you need to understand why data schemas ideally conform to fourth normal form, even if your production data is denormalized in practice.
While some benefits from some REST practices can start accruing even in the single developer situation, simply because there can be costs to coordinating between present-you and various versions of past-you and future-you, and their respective client and server deployments, that only makes a case for partial adoption. By all means, only use the practices and patterns that make sense and solve or avoid a pain point for you in your situation rather than being dogmatic.
In that sense, REST and HATEOAS shouldn't be considered in any different light than other aspects of writing software such as external dependencies, or changing the toolchain, or splitting some code into its own library or module, or publishing code as open source; sometimes it makes sense, sometimes not (especially when the costs are concrete and the benefits hypothetical).
If you're writing a web app that only works in a browser you control, then no, you won't benefit from hypermedia. The rest of us like search engines being able to index our sites though.
The frustrating thing about this post is that it is true and in the bigger scheme of things utterly irrelevant. Yes what is presented here is more restful and it correctly stresses the importance of the client in a proper hyper media application. The thing is no one with the exception of a small number of puritan web developers care about this. I've seen applications where the server responded with the error code 437 for bad requests. Like how could you have gotten that wrong, but they did and it did not matter.
The things that matters matters, when we migrated to HTMX + HyperScript (from backend/frontend separation): increased productivity and less resource. Basically we don't care about philosophy, paradigm, etc. It works, we use it.
I am trying to understand why the negativity towards a design that had been celebrated (in the abstract) for so long and even has a dramatic success (the browser).
The argument "it does not solve any problem I have" must be taken seriously for what it implies, but has less serious implications if the problem domain people consider is narrower than what the hypermedia design envisaged two decades ago.
This feels a bit like mathematics: expediency, predominant business models driving requirements etc dont change fundamental truths or properties. To say 'i dont need complex numbers' just begs for Fourier to come up with fourier analysis :-)
>The argument "it does not solve any problem I have" must be taken seriously for what it implies
I find it difficult to take it seriously because the people making it do not acknowledge any of the history that has led them to this point.
They are in a point where they can say that the architecture that underpins the web does not solve their current problems because they are building things on top of that solution.
For a lot of people the OS is a wrapper for the browser and that's it. We could reasonably say for those people the OS does not solve any of their problems, except for the fact that it exists to enable them to have a browser and go to the few places they go to.
HATEOAS doesn't solve many developer's problems in the same way because those problems are enabled by sitting on top of the solution that is HATEOAS.
Also I can't remember who it was that said it, it was back in the time when people were arguing about SOAP vs. REST which, well whatever, I think it might have been Tim Bray or Paul Prescod and they said in discussing what was needed to build a world wide network for information sharing they were predisposed to accept the arguments of the people who had actually done such a thing.
> They are in a point where they can say that the architecture that underpins the web does not solve their current problems because they are building things on top of that solution.
I am afraid the original web architecture is not really that useful or important for the "web application" model. I mean the basic idea is you ship an entire application in javascript or whatever and then make API calls. The user is never meant to leave the "app" anyway. The rest of the digital universe might as well not exist.
A lot of us have tried very hard to design software this way and afterwards had to admit it did not work. There is a big difference between making a web browser and a web application, the first needs specs with careful semantics but with the second anything goes. At some point the specs ala W3C just get in the way of the creativity of building something. The comparison to the complex numbers is unfair, they are actually useful and show up in physics in all sort of places.
the analogy probably only goes so far but it is meant to suggest that there might be a entire class of useful things that are not yet developed because the machinery for doing so is not fully developed / understood.
> A lot of us have tried very hard to design software this way and afterwards had to admit it did not work
I can only respect that. But I think we can also take a step back and look at all these web applications that do work (in a certain context) and ask whether they can withstand and evolve to cope with the information explosion that only gets worse. Evolvability, making use of linked data, composing useful things from diverse sources etc. These are not pipedreams or academic pursuits. Having designs that will help build tools adapted to this reality could unlock enormous potential.
I use htmx extensively and I care 0 minutes about what is more RESTful and HATEOS. I don’t care about these terms.
And for the author to emphasize these concepts is to shoot himself into foot, because nobody cares about that and it’s not why people use htmx or other html-based libraries.
A middle ground is having rich UI components that are declaratively driven server side. Some benefits are being able to have three FE codebases in sync with less effort (Website, iOS, Andriod). BFF (Backend for Frontend) is a good starting point.
It’s not not about HyperCard. A HC product is definitely more “hypermedia” than JSON. Granted there are no clients which can use it (I’m sure there’s some esoteric exception, but meh).
HATEOAS doesn't solve any problems that we actually have. GraphQL is something that solves the problems we actually have with JSON APIs. Fielding style REST with hypermedia only makes sense for the HTML web where you have a human determining how to navigate from one page to another.
If you try to remove hard-coding from your API and make it all navigable by some generic client, you end up just building abstractions and generality that's never needed by anyone. It'll waste a lot of time, and make your frontend developers hate you.
Please, let HATEOAS die and let's never mention it again. Thanks
[0]: https://rest-navigator.readthedocs.io