API Specification: senderId and subscriberId in URIs
Current Implementation
senderId / subscriberId stand for the ID of the client application and are mandatory path parameters in all endpoints.
- Information about the client application, which is using the API, should not be sent by the client itself
- Under the paradigm of resource-based RESTful APIs, the URIs of the Sender API /{senderId}/{destinationId}/... falsely suggest that the destination is a subordinate resource of the sender.
Suggested Enhancement
The senderId / subscriberId should be encoded in the access token or somehow differently retrievable by the access token.