Comments (4)
It's worth mentioning that UUIDs also bring security benefits. An online store may leak information about their sales numbers if they expose integer IDs for their order numbers, allowing competitors to monitor their activity. Malicious actors may also use them to enumerate/scrape resources which may not be desirable. I'd personally recommend UUIDs over integers unless you expect to never expose these ids or have a good reason to use them.
EDIT 2024/09/16: UUIDs also remove integers' data locality improvements if you use v7 UUIDs, which sort by the date when they were created.
from http-api-design.
It may indeed be worthwhile to amend this one slightly, even if only to make it clear that it's certainly not a slam dunk to use UUIDs.
The way I see it, UUID advantages:
- Operational errors, even across different tables/resources, are incredibly difficult to do by accident. Two different resources in two different tables might share the ID
23
, but when it comes to UUIDs, no entity shares an ID with anything else in the database. This has legitimately saved me a couple times as I've run anUPDATE
against the wrong table (again, accidentally). - Scales well beyond a single master database.
Sequence/serial advantages:
- Much improved data locality in that new data will land in the same nodes in the B-tree/pages on disk. If you have a table with a lot of
INSERT
s happening, sequences will be far more performant I/O-wise. - More human friendly in that it's easy to copy or remember a comparatively short integer ID compared to a UUID.
from http-api-design.
Good callouts. Do you think we should move from a recommendation to an explanation of the tradeoffs then?
from http-api-design.
I'd welcome a PR if you'd like to draft some updates.
from http-api-design.
Related Issues (20)
- Dead link in about section HOT 1
- Guidance on implementing REST interfaces for state machine HOT 21
- I'm curious to know the reasoning for going with JSON Schemas instead of Swagger HOT 5
- How are you modeling authentication operation? HOT 1
- Using 409 Conflict for uniqueness checks HOT 2
- Create a website (Gitpage) HOT 3
- Traditional Chinese version, and add "List of Translations" HOT 5
- Consider adding language specific resources for implementing these principles HOT 1
- consider expanding error messaging as per white house guide HOT 7
- include more examples for main points HOT 9
- detail expansions
- Consider compatibility with jsonapi.org? HOT 8
- Why use UUID? HOT 12
- Paginating/ranging over non-unique fields HOT 15
- Pagination using Range cannot be consistent HOT 8
- Test Framework HOT 1
- The used time format is actually RFC5424, a subset of ISO8601 HOT 2
- Json with PLSQL ( PLJSON) HOT 1
- Links in README.md are 404 when viewed on Gitbook HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from http-api-design.