Skip to main content

REST API Reference

v1.0.0

Searchable reference for HTTP methods, status codes, design principles, and common headers.

40 entries found

GETHTTP Methods

Retrieve a resource. Safe and idempotent — should not modify state.

GET /users/42
POSTHTTP Methods

Create a new resource or trigger an action. Not idempotent.

POST /users  { name: 'Alice' }
PUTHTTP Methods

Replace a resource entirely. Idempotent — same result on repeated calls.

PUT /users/42  { name: 'Alice', email: '...' }
PATCHHTTP Methods

Partially update a resource. Only send fields that change.

PATCH /users/42  { email: 'new@mail.com' }
DELETEHTTP Methods

Remove a resource. Idempotent.

DELETE /users/42
OPTIONSHTTP Methods

Describes the communication options for the target resource.

OPTIONS /users
HEADHTTP Methods

Like GET but returns only headers, no body.

HEAD /users/42
200 OKStatus Codes 2xx

Request succeeded. Typically used for GET and PUT responses.

201 CreatedStatus Codes 2xx

Resource created successfully. Return Location header pointing to the new resource.

202 AcceptedStatus Codes 2xx

Request accepted for async processing but not yet completed.

204 No ContentStatus Codes 2xx

Request succeeded but there is no response body. Common for DELETE.

301 Moved PermanentlyStatus Codes 3xx

Resource has permanently moved to a new URL.

302 FoundStatus Codes 3xx

Temporary redirect. The resource is currently at a different URL.

304 Not ModifiedStatus Codes 3xx

Resource has not changed; use the cached version.

400 Bad RequestStatus Codes 4xx

Malformed or invalid request syntax.

401 UnauthorizedStatus Codes 4xx

Authentication is required and has failed or not been provided.

403 ForbiddenStatus Codes 4xx

Authenticated but not authorised to access this resource.

404 Not FoundStatus Codes 4xx

Resource does not exist at this URL.

405 Method Not AllowedStatus Codes 4xx

HTTP method is not allowed on this resource.

409 ConflictStatus Codes 4xx

Request conflicts with the current state of the resource.

410 GoneStatus Codes 4xx

Resource has been permanently deleted and will not return.

422 Unprocessable EntityStatus Codes 4xx

Request was well-formed but contained semantic errors.

429 Too Many RequestsStatus Codes 4xx

Rate limit exceeded. Include Retry-After header.

500 Internal Server ErrorStatus Codes 5xx

Unexpected server-side failure.

501 Not ImplementedStatus Codes 5xx

Server does not support the functionality required.

502 Bad GatewayStatus Codes 5xx

Upstream server returned an invalid response.

503 Service UnavailableStatus Codes 5xx

Server is temporarily unavailable, e.g. during maintenance.

504 Gateway TimeoutStatus Codes 5xx

Upstream server did not respond in time.

Resource NamingDesign Principles

Use nouns for resources, not verbs. Plural for collections.

/users, /orders/42, /orders/42/items
VersioningDesign Principles

Version your API to avoid breaking changes.

/v1/users  or  Accept: application/vnd.api+json;version=1
PaginationDesign Principles

Use limit/offset or cursor-based pagination for large collections.

GET /users?page=2&limit=20  or  ?after=cursor_token
Filtering / SortingDesign Principles

Use query params for filtering and sorting.

GET /users?role=admin&sort=-createdAt
HATEOASDesign Principles

Include hypermedia links in responses to drive state transitions.

{ "id": 1, "links": { "self": "/users/1" } }
Idempotency KeyDesign Principles

For non-idempotent ops, accept an idempotency key header to prevent duplicate execution.

Idempotency-Key: <uuid>
Content-TypeHeaders

Media type of the request or response body.

Content-Type: application/json
AcceptHeaders

Media types the client can understand.

Accept: application/json
AuthorizationHeaders

Credentials for authenticating the request.

Authorization: Bearer <token>
LocationHeaders

URL of created or redirected resource.

Location: /users/42
ETagHeaders

Version identifier for conditional requests.

ETag: "abc123"
Cache-ControlHeaders

Caching directives for the response.

Cache-Control: max-age=3600, must-revalidate