Free, Hands-On API Security Certification
Free, Hands-On API Security Certification
Free, Hands-On API Security Certification
Free, Hands-On API Security Certification
Free, Hands-On API Security Certification
Free, Hands-On API Security Certification
Close
Privacy settings
We use cookies and similar technologies that are necessary to run the website. Additional cookies are only used with your consent. You can consent to our use of cookies by clicking on Agree. For more information on which data is collected and how it is shared with our partners please read our privacy and cookie policy: Cookie policy, Privacy policy
We use cookies to access, analyse and store information such as the characteristics of your device as well as certain personal data (IP addresses, navigation usage, geolocation data or unique identifiers). The processing of your data serves various purposes: Analytics cookies allow us to analyse our performance to offer you a better online experience and evaluate the efficiency of our campaigns. Personalisation cookies give you access to a customised experience of our website with usage-based offers and support. Finally, Advertising cookies are placed by third-party companies processing your data to create audiences lists to deliver targeted ads on social media and the internet. You may freely give, refuse or withdraw your consent at any time using the link provided at the bottom of each page.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Wallarm
/
Wallarm Learning Center
/
WADL - Web Application Description Language
DevSecOps

WADL - Web Application Description Language

Businesses and enterprises, for their web apps and other digital identities, use HTTP-based resources to gain streamlined access for viewing the internal data and carrying out the operations on (or using) it. These HTTP-based resources/applications deploy text-based documents to data representation.

WADL acts as a means between the data and end-users to make sense out of HTTP-based app data. Read this article to understand what it is and what’s its significance in an elaborated manner.

A1: Injection 2017 OWASP

What is WADL?

WADL is the language instructed for explaining the traits or segments of HTTP web solutions/applications. Description of the app’s all HTTP resources alongside their correlations and dependencies can be provided using it. 

The language intends to make HTTP web services simplified up to such an extent that understanding the core architecture and processing is not complex for end-users and other machines while promoting application reuse. Unlike other languages, WADL is yet to be standardized by the World Wide Web Consortium. 

The distinguishers of WADL scope are provided below -

  • The WADL-provided description is available only in machine-compatible XML.
  • Used mainly to describe RESTFul application components. What WDSL does for SOAP, WADL does the same for REST. 
  • WADL works without platform and language restrictions.
  • It takes multiple sets of resource elements to provide insightful web app descriptions.
Web Application Description Language example

The main elements of WADL

The key WADL defining elements are listed as under:

  1. Resource

With this component, WADL explains the URI-identified resources. 

This element features an xsd:anyURI typed base attribute and operates or behaves like a container for all the application-offered resources. The base attribute of this element proffers the fundamental URI for every included child resource identifier.

Here are the key attributes of this element:

  • id - Optional type xsd: ID attribute helps in identification of resources.
  • path - Optional type xsd: string attribute that offers URI template for resource identifier, when active/present. 
  • type - Another optional attribute related to xsd:anyURI’s separate list type. Every mentioned list value is a cross-reference explaining the resource_type element. 
  • queryType - Used to explain the media type of query element concerning resource URIs.

Other than all the above-mentioned attributes, ‘resource’ also has many other child elements like any number of doc and param elements, template, matrix, header, and query. 

  1. Method

This WADL description element refers to the input provided and output received via HTTP, implemented to a given resource. Its key child elements are -

  • doc - There might be none or multiple doc elements. It is the attribute for documentation related to ‘method’. 
  • request elaborates HTTP method’s input that mostly compromises a collection of parameters.
  • response is the output value received through the method, HTTP. Its value could be zero or more, based upon the inputs offered. 

Method attribute exists in two forms: method definition and method reference. At a time, only one form exists.

Method Reference

It is an offspring of href attributing resource element with a type value of xsd:anyURI. Here, the href attribute value acts out as the method definition element’s cross-reference. 

Any other WADL-based attribute or child elements shouldn’t be included in the method reference. Speaking of the utility, method reference is used to prevent method duplication when it’s applied to multiple resources at a time. 

Method Definition 

A child of the application or resource element, this second type has attributes as enlisted below: 

name refers to the deployed HTTP method. Various child method elements can feature similar name values. Such child elements are known as siblings and will inherit the different variations of one identical HTTP method. Siblings will have distinct input values. 

id is the method identifier essential for defining widely adopted defined methods. Locally embedded methods don’t feature an id. The id is XML id and indicates URI reference usage. 

  1. Request

With the help of this element, WADL explains the input used for the HTTP method. It contains no attributes, but a few child elements such as doc, representation, and param elements. 

All these child elements could feature zero or more value. 

Response’s param will feature a query or header value. It will be added to the style attribute.

  1. Response

A part of various attributes that define WADL, response signifies the output received for an HTTP request sent. In return, it receives just 1 attribute’s value, i.e. Status. Status is non-compulsory and offers the HTTP status codes that are linked with a specific response. 

Its children elements are as listed below:

  • doc element that is optional component.
  • representation may have zero or multiple values. Each representation value indicates the resource representation of the result incurred after method implementation. There are sibling representation elements as well that signifies the logical alternatives of normal HTTP content.
  • param element features zero or many values. Each value holds the style attribute’s header data.
  1. Parameter

Parameter or param element can be a parameter definition or a reference and indicates the parent element’s parameterized value.

Parameter Reference

This type of param element features href attribute with xsd:anyURI type value. 

href is the cross-reference for the param definition element. It is a standard practice to exclude WADL-defined attributes or child elements from it, considering its cruciality. It’s most commonly used for trimming the duplicates in scenarios where a parameter is applied to multiple parents. 

Parameter Definition

It explains the parameterized value of elements, like a parent element or a resource child. Other than this, param definition is also used for representation, application, response, and request elements. 

This element features: 

  • doc child element, either zero or many. 
  • None or multiple children (optionally)
  • Non-compulsory link child element. 

The key attributes of these elements are id, name, style, type, default, path, required, repeating, and fixed. 

Other than id, name, and style, the rest are optional attributes. 

WADL Example

WADL Example
WADL Example

WSDL vs WADL

As both WADL and WSDL are the contracts/interfaces for web services and are used in almost similar situations, it’s crucial to figure out the differences between these two for effective usage. 

Before delving deep to figure out the differences, understand one key similarity that is both acts as a bridge between the server and the clients and are responsible for data transfer.

Comparison WADL and WSDL

Distinction PointersWADLWSDL
AcronymStands for Web App Description LanguageStands for Web Service Description Language
Supported formatUseful to describe RESTful applicationsUseful to describe SOAP applications
File uploading mechanismUploading a WADL file will allow a client to get familiar with basic abilities of the targeted web service.Uploading a WSDL file helps clients to know about the details like web service methods calls, predicted arguments against the methods, and type of returnable data.
Complexity levelVery lightweight, beginner-friendly, and easy to write and read language.Complex and time-consuming language requiring high-end expertise for effective usage.
Server bindingVery less or nearly zero SMTP server binding.High SMTP server binding.
DesigningFeatures simple designing.Features complex designing.
URI mechanismDemands straightforward URI mechanism.For proper utilization of the URI mechanism, the client needs to explain the XML message in detail.
RecognitionNot recommended by W3C.Highly recommended by W3C.
Relationship with RESTWorks only with REST and HTTP protocol.The earlier versions of WSDL, WSDL 1.1, and WSDL 1.0 were supporting only GET and POST-based requests. The latest version, WSDL 2.0, is HTTP compatible as well.
What it definesWith WADL, clients can explain elements such as resources, representations, and the techniques used for resource manipulations.All the key elements, including 0, can be explained by WSDL. Only <types> are not supported. It doesn’t expect the description of all the elements to be presented in XML format. Concepts of Abstract and Concrete portions are supported.
Resource that can be explained<resources>,<grammers>, <methods>, and <representation><message>, <type>,<binding> and <porttype>
AuthenticationOther than Authentication, all keys’ user expectations are supported by WADL.WSDL is a bit more flexible than WADL and supports all the expectations.
InputIt features two functions - one for POST and one for GET.WSDL is automatically generated via “?”
PurposeSupport app reuseProvides assistance in operation/messages and invoked data

What is WADL in RESTful service?

In simple words, it is the XML description comprising the details of the app's structure, media extensions, and resources alongside the HTTP requesting methods. To understand it better, try doing this for a REST solution:

  • Select the REST service option and pick the “sample-service” from the available menu.
  • In the newly-opened wizard, expand the menu.
  • From here, select the preferred Service Endpoints.
  • Look for the option ‘WADL’ and choose ‘Content.’

this way, you will be able to view opened RESTful app’s description and take its reference.

Conclusion

Employed widely to illustrate the utilities and characteristics of HTTP-driven web services, WADL is assisting web applications like Flickr, Google, and Yahoo greatly. Knowing about WADL in detail will help you reuse these apps and services better. You can even convert this file to WADL JSON format and use it more conveniently.

FAQ

Open
What is Web Application Description Language (WADL)?

WADL is an XML-based language used to describe the capabilities and structure of a web service, allowing developers to understand and interact with the service.

Open
What are the benefits of using WADL?

Using WADL simplifies development by providing a clear and concise description of the web service, enabling rapid prototyping and reducing time-to-market.

Open
How is WADL different from WSDL?

WADL is used to describe RESTful web services, while WSDL is used to describe SOAP web services. WADL is simpler and more lightweight than WSDL, making it easier to understand and use.

Open
What are some popular tools for working with WADL?

Some popular tools for working with WADL include the WADL2Java code generation tool, RESTClient, and SoapUI.

Open
Can you recommend a professional resource to learn more about WADL?

Absolutely! Here's an article on how WADL and SoapUI RESTful work together

References

Web Application Description Language - w3.org official

WADL - Github repository

Subscribe for the latest news

Updated:
Jul 31, 2025
Learning Objectives
APIs in an AI World: The Security Blind Spot Business Leaders Must Address
webinar
Apr 23, 2026
APIs in an AI World: The Security Blind Spot Business Leaders Must Address

In this session, business leaders will get a clear view of what is at stake and what it means for how you govern, protect, and lead.

Register Now
Subscribe for
the latest news
subscribe
Author |
Verified Expert
20+ years IT expertise in system engineering, security analysis, solutions architecture. Proficient in OS (Windows, Linux, Unix), programming (C++, Python, HTML/CSS/JS, Bash), DB (MySQL, Oracle, MongoDB, PostgreSQL). Skilled in scripting (PowerShell, Python), DevOps (microservices, containers, CI/CD), web development (Node.js, React, Angular). Successful track record in managing IT systems.
Reviewer |
Verified Expert
With over a decade of experience in cybersecurity, well-versed in system engineering, security analysis, and solutions architecture. Ivan possesses a comprehensive understanding of various operating systems, programming languages, and database management. His expertise extends to scripting, DevOps, and web development, making them a versatile and highly skilled individual in the field. Bughunter, working with top tech companies such as Google, Facebook, and Twitter. Blackhat speaker.
Related Topics
<