Difference between SOAP And REST APIs

Monalisa Das  Print 
25 Sep 2018
01 Oct 2018

I am sure everyone of us has sign-up in an online shopping website at least once. Let me consider Myntra or Paytm. When you visit the site, you come across three ways of signing up, either you can use your Facebook or Google credentials or can simply fill up a registration form for the same. When you select Google and you are only asked for your google credentials and your Myntra account is created in fraction of seconds. Isn’t that great!! But the question here is, does Myntra has access to Google’s database? OBVIOUSLY NOT!! Myntra has simply integrated Google API within their website.

Now what is this API in front of Google? When you click on Google to sign-up, Myntra takes your credentials and forwards them to Google and Google sends the user data like user Name, Image, Email Id as a response which is utilized by Myntra to create the account. In short, there is some sort of data exchange between two domains, Myntra and Google. So, the one who is responsible to process the request-response communication is known as API – Application Programming Interface. APIs are few lines of code which takes the request from the requester and gives back the response in form of data. Few of you must be thinking how can I integrate google in my website? The link for more detailshttps://developers.google.com/identity/sign-in/web/sign-in.

Web Service

If we think of Google functionalities which can be integrated in our application, we have Google Maps, Google Search, Gmail and many more. The link for more details https://developers.google.com/apis-explorer/#p/.

So, when you click on Google button, in the above example, along with your credentials, a keyword denoting which service Myntra is willing to access is sent to Google. Google in turn reads the keyword and hits the desired HTTP request to call the Sign-in API viz the Gmail API. This kind of communication which involves HTTP or Network is known as a Web Service. Similarly, websites like Shein.com, Zomato also uses Google Gmail API for user registration/sign up irrespective of the platform the websites are written in, viz. Java, .Net, PHP.

Are API And Web Services Similar?

An obvious question which popped-up in your mind is, So Web Service and API are same, right? My answer is, IT’S NOT. All web services are API but not all APIs are web service. Confused?? Let me explain.

As I mentioned earlier APIs are few lines of code which takes the request from the requester and gives back the response in form of data. Now suppose you are creating a utility class where you have written certain methods and can be reused in other different classes. In this case also we are exchanging data but not making use of any HTTP protocols or networks. Hence, I can term my utility class as an API but not as a Web Service. The most popular Web Service Protocols are

  1. SOAP – Simple Object Access Protocol

  2. REST – Representational State Transfer

Let’s start understanding them one by one.

SOAP based Web Seervice

Recently I mentioned that web services can be called by any application irrespective of the platform being used to write the code. Now imagine a scenario where this wouldn’t have been possible. So, for every platform, there must be a web service and for every web service managing different code, HTTP or network would result in difficult maintenance.

To enable different application to use the same web service, there has to be an intermediate language – XML (Extensible Markup Language). Almost every coding platform understands XML. But the drawback is XML don’t have any fixed specification across the programming languages. Hence to avoid such scenario, SOAP protocol was introduced.SOAP is an XML-Based protocol to work over HTTP which has few fixed specifications to be used across all programming languages.SOAP specification is known as SOAP Message. Following are the building blocks in a SOAP Message,

SOAP Envelope : Recognizes where the XML is a SOAP. This element is mandatory.

SOAP Header : Contains header information. For e.g. we need to pass username and password as a mandatory parameter in the request. We can define the same along with the datatypes under ComplexType tag. See below. This element is optional.

SOAP Body : Contains the webservice URL and the elements to be passed with the request, i.e. ComplexType values.

To understand in more detail over SOAP request and Response, you can go through the below link http://www.soapuser.com/basics3.html

REST based Web Service

SOAP requires a good amount of bandwidth to exchange data. Due to the complex structure, a small group of developers came up with REST, an architectural based web services, i.e. defined HTTP methods by which two applications can exchange data along with different formats like JSON, XML, Text to exchange data and response code to identify the response status. JSON is the most popular format.Following four HTTP methods are commonly used in REST based architecture.

  • GET – to fetch data from the application

  • POST – if you want to send new data to the application for processing

  • DELETE – if you wish to remove an existing data

  • PUT – if you wish to update any existing data

    A REST implementation basically contains the below elements,

  • URL – This contains the webservice URL.

  • HTTP Method – Describes what kind of request is the URL all about

  • Header – this element is used to tell the format in which the response is expected

  • Request Body – contains the requested web service details. It also contains the data you want to send to the other application.

  • Response Body – contains the data requested

  • Response Status code

Difference Between SOAP And REST

Slower due to defined specification
Faster as there is no defined specifications
Request and response format is always XML
Request and Response can be either in XM, JSON or plain text.
Requires bandwidth as the amount of data to transfer is a lot
Can work perfect even in case of low bandwidth
It is a protocol that defines some specifications which are to be followed strictly
Due to its architectural approach, it doesn’t have any strict specification
Less preferred due to its complex design
Easy to implement
Highly secure as it has its own security.
Doesn’t have its own security. Hence depends on application defined security
HTTP SSL Encryption and WS-Security encryption are used to secure SOAP messages
Data can be secured only by HTTP SSL Encryption
No need of caching mechanism
Requires caching mechanism
Can communicate over HTTP as well as SMTP
Can communicate only over HTTP

Chossing Between SOAP and REST

Use SOAP for,
  • if your application requires high level of security

  • Both consumer and provider should agree to the specification format

    Use REST for,
    • If each operation, i.e. Create, Read, Update, and Delete are independent of each other

    • If you need to cache any information

    • The bandwidth is limited


    Selecting between SOAP and REST depends completely on the actual application requirements as there are many factors involved. Depending on them, one needs to check the benefits and decide upon the API. But as a heads up, I would like to conclude everything in a simple way. According to me, the applications, where exchanging data should be highly secure, for e.g. transaction security or processing data with BPEL, I would suggest using SOAP. On the other hand, applications which require fast responses, for e.g. social media, its advisable to use REST.

Hands-on Learning
Free Interview Books