When people throw out words like “soap” and “rest,” it’s only natural to turn to thoughts of bathing and sleeping. However, these terms take on a radically different meaning in the context of IT. There are many different types of IT platforms and programming languages to choose from. This diversity has given rise to the need for ways that these various elements can communicate with each other. Enter the Application Programming Interface or API.
APIs facilitate data transfers from one application to another, regardless of its platform or language. The API receives requests then sends back replies via internet protocols like HTTP and SMTP. However, there are several different APIs to choose from, and so here we are!
This article explores two popular API styles — SOAP vs REST. We will take a close look at what they are, their fundamental differences, and a few examples.
Let’s kick things off with SOAP and start by answering the burning question: “What does SOAP stand for?”
What Is the SOAP API?
SOAP stands for Simple Object Access Protocol. Microsoft created SOAP in 1998 and is an integral part of Service-Oriented Architecture (SOA). So then, what is a simple object access protocol? It's a standardized web communication protocol that exposes web services and sends data using SMTP or HTTP protocols.
SOAP relies exclusively on the Extensible Markup Language (XML) for messaging services. SOAP is an official protocol, complete with built-in security features and strict rules. It’s complex and uses large amounts of bandwidth and other resources.
SOAP is a heavyweight protocol designed for heavyweight architecture. While this brings many advantages to the table, we will soon see that it comes at a price.
What Is the Rest API, and What Does REST API Stand For?
REST is short for Representational State Transfer. It is an architectural style that enables programs to communicate with each other, designed especially for functioning with components like files, media components, and objects on a specific hardware device. REST was designed to address SOAP’s shortcomings and offer an easier way to access web services.
Web services created using the REST architectural style are known as RESTful web services. REST is very popular with developers who design public APIs.
When comparing SOAP vs REST, the latter is more data-driven, and depends on a stateless communications protocol, usually HTTP. Although REST can structure data using YAML, XML, or any other machine-readable format, it uses JSON most.
SOAP API Examples
Let’s take a look at two API examples, each rendered in a different programming language. These come courtesy of AlgoSec.
Perl
#!/usr/bin/perl -w
use Data::Dumper;
#use SOAP::Lite ( +trace => all, maptype => {} );
use SOAP::Lite;
#$ENV{PERL_LWP_SSL_VERIFY_HOSTNAME} = 0;
my $soap = SOAP::Lite->proxy('https://localhost/AFA/php/ws.php?wsdl');
# Do not verify the SSL key
$soap->transport->ssl_opts(
verify_hostname => 0,
SSL_verify_mode => 0x00
);
#
# Login to AFA Web Service
#
sub ConnectAFA
{
my $sUserName = shift; # User name
my $sPassword = shift; # Password
my $sDomain = shift; # Domain name or empty for non domain envirnment
$sDomain = (!defined $sDomain) ? '' : $sDomain;
my $method = SOAP::Data->name('ConnectRequest')->attr({xmlns => 'https://www.algosec.com/afa-ws'});
my @params = (
SOAP::Data->name(UserName => $sUserName),
SOAP::Data->name(Password => $sPassword),
SOAP::Data->name(Domain => $sDomain)
);
my $sSessionID = $soap->call($method => @params)->result;
}
#
# Executing query request
#
sub ExecQuery
{
my $sSessionID = shift;
my $sQueryTarget = shift;
$sQueryTarget = (!defined $sQueryTarget) ? '' : $sQueryTarget;
my $method = SOAP::Data->name('QueryRequest')->attr({xmlns => 'https://www.algosec.com/afa-ws'});
my $QueryInput = SOAP::Data->name('QueryRequest')->attr({xmlns => 'https://www.algosec.com/afa-ws'});
my @params = (
SOAP::Data->name(SessionID => $sSessionID),
SOAP::Data->name(QueryInput => \SOAP::Data->value(
SOAP::Data->name(Source => '*'),
SOAP::Data->name(Destination => '*'),
SOAP::Data->name(Service => '80'),
SOAP::Data->name(Service => '443')
)
),
SOAP::Data->name(QueryTarget => $sQueryTarget)
);
return $soap->call($method => @params);
}
#
# Disconnect from AFA Web Service (terminate session)
#
sub DisconnectAFA
{
my $sSessionID = shift;
my $method = SOAP::Data->name('DisconnectRequest')->attr({xmlns => 'https://www.algosec.com/afa-ws'});
my @params = (
SOAP::Data->name(SessionID => $sSessionID),
);
return $soap->call($method => @params)->valueof('//DisconnectResponse');
}
my $sSessionID = ConnectAFA('admin', 'algosec', '');
print "\n";
print "Session ID: '" . $sSessionID ."'";
print "\n";
my $QueryResult = ExecQuery($sSessionID, 'afa-276');
foreach my $Result ($QueryResult->valueof('//QueryResult/')) {
print Dumper($Result);
}
print "\n";
my $Disconnect = DisconnectAFA($sSessionID);
print "Disconnect: ";
print $Disconnect;
print "\n";
Python
#!/usr/bin/python
from SOAPpy import SOAPProxy
def ConnectAFA(params):
# username/password
username = params['UserName']
password = params['Password']
domain = params['Domain']
proxy = 'https://'+sHost+'/AFA/php/ws.php?wsdl'
namespace = 'https://www.algosec.com/afa-ws'
server = SOAPProxy(proxy, namespace)
if (DebugMode):
# uncomment these for debugging output
server.config.dumpHeadersIn = 1
server.config.dumpHeadersOut = 1
server.config.dumpSOAPOut = 1
server.config.dumpSOAPIn = 1
response = server.ConnectRequest(UserName=username, Password=password, Domain=domain)
return response
def SendQueryRequest(params):
# username/password
SessionID = params['SessionID']
QueryInput = params['QueryInput']
proxy = 'https://'+sHost+'/AFA/php/ws.php?wsdl'
namespace = 'https://www.algosec.com/afa-ws'
server = SOAPProxy(proxy, namespace)
if (DebugMode):
# uncomment these for debugging output
server.config.dumpHeadersIn = 1
server.config.dumpHeadersOut = 1
server.config.dumpSOAPOut = 1
server.config.dumpSOAPIn = 1
response = server.QueryRequest(SessionID=SessionID, QueryInput=QueryInput)
return response
def DisconnectAFA(params):
# username/password
SessionID = params['SessionID']
proxy = 'https://'+sHost+'/AFA/php/ws.php?wsdl'
namespace = 'https://www.algosec.com/afa-ws'
server = SOAPProxy(proxy, namespace)
if (DebugMode):
# uncomment these for debugging output
server.config.dumpHeadersIn = 1
server.config.dumpHeadersOut = 1
server.config.dumpSOAPOut = 1
server.config.dumpSOAPIn = 1
response = server.DisconnectRequest(SessionID=SessionID)
return response
sHost = '192.168.3.82'
#DebugMode = True
DebugMode = False
print "\n" + "Submitting connect request:" + "\n"
values = {'UserName': 'admin', 'Password': 'algosec', 'Domain': ''}
afa_connect = ConnectAFA(values)
SessionID = afa_connect
print "Returned Session ID: "+repr(SessionID)
print "\n" + "Submitting query request:" + "\n"
QueryParams = {'SessionID': SessionID,'QueryInput': {'Source': '192.168.1.100', 'Destination': '10.228.16.10', 'Service': 'tcp/22'}}
QueryResult = SendQueryRequest(QueryParams)
print QueryResult
print "\n" + "Submitting disconnect request:" + "\n"
DisconnectParams = {'SessionID': SessionID}
DisconnectResult = DisconnectAFA(DisconnectParams)
print DisconnectResult
REST API Examples
In this SOAP vs REST comparison, let’s now look at examples of REST, courtesy of Tableau.
The first REST API request a programmer must make is the sign-in.
POST /api/2.2/auth/signin HTTP/1.1
HOST: my-server
Content-Type:text/xml
<tsRequest>
<credentials name="administrator" password="passw0rd">
<site contentUrl="" />
</credentials>
</tsRequest>
Here’s how to create a request to get a list of users.
GET /api/2.2/sites/9a8b7c6d-5e4f-3a2b-1c0d-9e8f7a6b5c4d/users/users HTTP/1.1
HOST: my-server
X-Tableau-Auth: 12ab34cd56ef78ab90cd12ef34ab56cd
And finally, here’s a request to update an existing user.
PUT /api/2.2/sites/9a8b7c6d-5e4f-3a2b-1c0d-9e8f7a6b5c4d/users/9f9e9d9c-8b8a-8f8e-7d7c-7b7a6f6d6e6d HTTP/1.1
HOST: my-server
X-Tableau-Auth: 12ab34cd56ef78ab90cd12ef34ab56cd
Content-Type: text/xml
<tsRequest>
<user fullName="NewUser2" siteRole="ViewerWithPublish" />
</tsRequest>
The Key Differences Between SOAP vs REST
By now, it’s quite clear that SOAP vs REST are two very different animals even though they both exist for the same reason. But let’s make the SOAP vs REST API differences easier to compare by illustrating them with a chart.
SOAP vs REST
SOAP |
REST |
Is a protocol |
Is an architectural style |
Cannot use REST because the latter’s an architectural style |
Can use SOAP web services since it’s a protocol like HTTP |
Uses the Java API “JAX-WS” for its web services |
Uses the Java API “JAX-RS” for its web services |
Defines standards that must be strictly followed |
Not so many standards, as recommendations and loose guidelines |
Defines its own security |
Relies on the security measures of the underlying transport |
Uses considerably more bandwidth than REST |
Requires much less bandwidth than SOAP |
Allows only XML data format |
Allows data formats such as Plain text, HTML, JSON, XML, etc. |
Uses service interfaces to expose business logic |
Uses URI to expose business logic |
It’s function-driven. |
It’s data-driven. |
SOAP Advantages
Here’s why it’s a good idea to use SOAP.
- Built-in error handling
- It’s standardized
- It functions well in distributed enterprise environments
- It’s platform, language, and transport independent
- It supplies automation with some language products
And here’s why you may want to pass on it.
- It’s complex
- It performs poorly compared to REST
- It’s less flexible
REST Advantages
And here’s why you need a REST.
- It has a shorter learning curve
- It’s efficient and fast
- It’s design philosophy is more in-line with other web technologies
- Employs easy-to-understand standards such as OpenAPI Specification 3.0 and Swagger
And here are REST’s drawbacks.
- It’s not as secure as SOAP
- It’s not suited for distributed environments
Although REST has become more popular than SOAP, the latter won’t be going away any time soon. SOAP is perfect for enterprise-level web services that use complex transactions and require high security. SOAP APIs are ideal for payment gateways, identity management, CRM software, and financial services.
Master the JavaScript programming language in an all-inclusive JavaScript Certification training program that includes complete JavaScript fundamentals, jQuery, Ajax, and more.
Do You Want to Become a Full Stack Developer?
Now that you have become familiar with SOAP vs REST, you’re probably wondering what careers use them. Full stack developers employ resources like SOAP and REST as they build websites and develop apps. There is an increasing need for full stack developers, and Simplilearn can help you change to that rewarding and challenging career.
The Full Stack Java Developer Master’s program is designed to give you the essence of front-end, middleware, and back-end Java web developer technologies. You will learn to build an end-to-end application, test and deploy code, store data using MongoDB, and much more. The course teaches you valuable industry skills like Angular, Spring Boot, Hibernate, Servlets, JSPs, MVC, web services, and SOA to build highly web-scalable apps.
According to Glassdoor.com, full stack Java developers earn an average of USD 105,813 per year. Indeed.com reports that a full stack Java developer in India can make an annual average salary of ₹660,711.
The Secret to the Most Effective Web Developer Upskilling
The best developers stay ahead of the pack by continually improving their skill sets, including working with SOAP vs REST. Simplilearn provides developers with a great selection of training courses to help web developers upskill. For instance, there’s the Post Graduate Program in Full Stack Web Development, held in collaboration with Caltech CTME. Or you could learn about MEAN stack with the Full Stack Web Developer- MEAN Stack master’s program.
If you’re more interested in the world of mobile software and apps, Simplilearn has you covered as well. Take the Java Certification training course and learn the programming language most used in mobile app development. Or go the Python route and take the Python Certification course, which teaches Python, data operations, conditional statements, shell scripting, and Django.
Whichever direction you choose, Simplilearn has the resources you need to make all your developer dreams come true. Check out their Free Java Basic Course for Beginners course today!