The Fully Qualified Domain Name (FQDN) is the complete and unique name of a computer or host on the internet or a local network. It consists of multiple parts that reflect a hierarchical structure.
An FQDN is made up of three main components:
Hostname – The specific name of a computer or service (e.g., www
).
Domain Name – The name of the higher-level domain (e.g., example
).
Top-Level Domain (TLD) – The highest level of the domain structure (e.g., .com
).
Example of an FQDN:
👉 www.example.com.
www
→ Hostname
example
→ Domain name
.com
→ Top-Level Domain
The trailing dot (.
) is optional and represents the root domain of the DNS system.
✅ Uniqueness: Each FQDN is globally unique and refers to a specific resource on the internet.
✅ DNS Resolution: It is used by DNS servers to find the IP address of websites and servers.
✅ SSL Certificates: An FQDN is often required for SSL/TLS certificates to ensure secure connections.
✅ Email Delivery: Mail servers use FQDNs to send emails to the correct hosts.
FQDN: mail.google.com
(fully specified)
Simple Domain: google.com
(can contain multiple hosts, e.g., www
, mail
, ftp
)
In summary, the FQDN is the complete address of a device or service on the internet, while a simple domain is a more general address.
A Bearer Token is a type of access token used for authentication and authorization in web applications and APIs. The term "Bearer" means "holder," which implies that anyone in possession of the token can access protected resources—without additional verification.
Authorization: Bearer <token>
.GET /protected-data HTTP/1.1
Host: api.example.com
Authorization: Bearer abcdef123456
💡 Tip: To enhance security, use short-lived tokens and transmit them only over HTTPS.
OAuth (Open Authorization) is an open standard protocol for authorization that allows applications to access a user's resources without knowing their credentials (e.g., password). It is commonly used for Single Sign-On (SSO) and API access.
OAuth operates using tokens, which allow an application to access a user's data on their behalf. The typical flow is as follows:
Entity headers are HTTP headers that provide information about the body of a message. They can appear in both requests and responses, describing properties of the content such as type, length, encoding, or last modification date.
1.
Content-Type
Content-Type: application/json; charset=UTF-8
2.
Content-Length
Content-Length: 1024
3.
Content-Encoding
Content-Encoding: gzip
4. Content-Language
Content-Language: de-DE
5. Cache-Location
Content-Location: /files/document.pdf
6. Last-Modified
Last-Modified: Tue, 30 Jan 2025 14:20:00 GMT
7. ETag
ETag: "abc123xyz"
8. Expires
Expires: Fri, 02 Feb 2025 12:00:00 GMT
9. Allow
Allow: GET, POST, HEAD
10. Refresh
(Not standardized but often used)
Refresh: 10; url=https://example.com
These headers help describe the content of an HTTP message, optimize caching strategies, and ensure correct rendering.
Request headers are HTTP headers sent by a client (e.g., a web browser or API request) to the server, providing additional information about the request, the client, or the desired content.
1. Host
Host: www.example.com
2. User-Agent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64)
3. Accept
Accept: text/html, application/json
4. Accept-Language
Accept-Language: de-DE, en-US
5. Accept-Encoding
Accept-Encoding: gzip, deflate, br
6. Referer
Referer: https://www.google.com/
7. Authorization
Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
8. Cookie
Cookie: sessionId=abc123; theme=dark
9. Content-Type
(for POST/PUT-Anfragen)
Content-Type: application/json
10. Origin
Origin: https://www.example.com
These headers help the server understand the request and respond accordingly by providing details about the client, preferred content, and security aspects.
General HTTP headers are headers that can be used in both HTTP requests and responses. They contain general information about the connection and data transfer that is not specific to the client, server, or content.
1. Cache-Control
Cache-Control: no-cache, no-store, must-revalidate
2. Connection
Connection: keep-alive
3. Date
Date: Wed, 31 Jan 2025 12:34:56 GMT
4. Pragma
(veraltet, aber noch genutzt)
Cache-Control
, mainly used for backward-compatible caching rules.für rückwärtskompatible Caching-Regeln genutzt.Pragma: no-cache
5. Trailer
Trailer: Expires
6. Transfer-Encoding
Transfer-Encoding: chunked
7. Upgrade
Upgrade: websocket
8. Via
Via: 1.1 proxy.example.com
These headers improve communication between the client and server, manage caching, and allow protocol upgrades.
HTTP headers are metadata exchanged between the client (e.g., a browser) and the server during HTTP requests and responses. They contain important information for communication, such as:
Cache-Control
for caching rules).User-Agent
, which identifies the browser type).Server
, which indicates the web server used).Content-Type
, which specifies the media type of the response).Example of an HTTP request with headers:
GET /index.html HTTP/1.1
Host: www.example.com
User-Agent: Mozilla/5.0
Accept: text/html
Example of an HTTP response with headers:
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 3456
Server: Apache
HTTP headers are commonly used for security (e.g., Strict-Transport-Security
), performance optimization (e.g., Cache-Control
), and authentication (e.g., Authorization
).
A Remote Function Call (RFC) is a method that allows a computer program to execute a function on a remote system as if it were called locally. RFC is commonly used in distributed systems to facilitate communication and data exchange between different systems.
Contract Driven Development (CDD) is a software development approach that focuses on defining and using contracts between different components or services. These contracts clearly specify how various software parts should interact with each other. CDD is commonly used in microservices architectures or API development to ensure that communication between independent modules is accurate and consistent.
Contracts as a Single Source of Truth:
Separation of Implementation and Contract:
Contract-Driven Testing:
Consumer-Driven Contract
test can be used to ensure that the data and formats expected by the consumer are provided by the provider.Management Overhead:
Versioning and Backward Compatibility:
Over-Documentation:
Contract Driven Development is especially suitable for projects with many independent components where clear and stable interfaces are essential. It helps prevent misunderstandings and ensures that the communication between services remains robust through automated testing. However, the added complexity of managing contracts needs to be considered.
RESTful (Representational State Transfer) describes an architectural style for distributed systems, particularly for web services. It is a method for communication between client and server over the HTTP protocol. RESTful web services are APIs that follow the principles of the REST architectural style.
Resource-Based Model:
Use of HTTP Methods:
GET
: To retrieve a resource.POST
: To create a new resource.PUT
: To update an existing resource.DELETE
: To delete a resource.PATCH
: To partially update an existing resource.Statelessness:
Client-Server Architecture:
Cacheability:
Uniform Interface:
Layered System:
Assume we have an API for managing "users" and "posts" in a blogging application:
/users
: Collection of all users./users/{id}
: Single user with ID {id}
./posts
: Collection of all blog posts./posts/{id}
: Single blog post with ID {id}
.GET /users/1 HTTP/1.1
Host: api.example.com
Response:
{
"id": 1,
"name": "John Doe",
"email": "john.doe@example.com"
}
POST Request:
POST /users HTTP/1.1
Host: api.example.com
Content-Type: application/json
{
"name": "Jane Smith",
"email": "jane.smith@example.com"
}
Response:
HTTP/1.1 201 Created
Location: /users/2
RESTful APIs are a widely used method for building web services, offering a simple, scalable, and flexible architecture for client-server communication.