REST APIs
Resources, endpoints, CRUD operations, and best practices
What is a REST API?
The most common architectural style for web APIs
REST (Representational State Transfer) is an architectural style for designing networked applications. A REST API uses HTTP methods to perform operations on resources identified by URLs.
When you call an API endpoint like GET /api/users/123, you're requesting a representation of the user resource. The API returns data (usually JSON) along with metadata in HTTP headers.
REST Principles
The six architectural constraints defined by Roy Fielding
REST Architectural Constraints
REST vs RESTful
REST is the architectural style defined by Roy Fielding. RESTful describes APIs that follow REST principles. Most APIs claim to be RESTful but only partially follow the constraints.
Resources & Endpoints
How to design URLs for your API resources
RESTful URL Patterns
Collection Resource
/api/users Represents a list of resources. Use plural nouns.
Singleton Resource
/api/users/123 Represents a single resource identified by ID.
Nested Resources (Relationships)
/api/users/1/posts
/api/users/1/posts/5
/api/users/1/posts
API Design Best Practices
Industry-standard conventions for RESTful APIs
HATEOAS (Hypermedia)
Hypermedia As The Engine Of Application State. Responses include links to related actions:
{
  "id": 1,
  "name": "Alice",
  "_links": {
    "self": "/api/users/1",
    "posts": "/api/users/1/posts",
    "delete": "/api/users/1"
  }
}
API Versioning
Strategies for evolving your API without breaking clients
Versioning Strategies
Common Interview Question
"Which versioning strategy should you use?"
URL path versioning (/api/v1/) is most popular due to simplicity and clarity.
Major companies like Twitter, GitHub, and Stripe use this approach.
Error Handling
HTTP status codes and error response best practices
Consistent Error Response Structure
{
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "The request data is invalid",
    "details": [
      { "field": "email", "message": "Must be a valid email" },
      { "field": "age", "message": "Must be at least 18" }
    ]
  },
  "request_id": "req_abc123",
  "timestamp": "2024-01-15T10:30:00Z"
}
Security Best Practice
Never expose internal error details (stack traces, database errors) in production. Log detailed errors server-side and return generic messages with a request ID for debugging.
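One way to apply this rule, as an added example that is not code from the original page: a wrapper that returns the error structure shown above, writes the full traceback to the server log only, and ties the two together with the request ID. The names safe_call, error_body and failing_handler, the INTERNAL_ERROR code and the sample database message are assumptions made for illustration.

```python
import json
import logging
import uuid
from datetime import datetime, timezone

log = logging.getLogger("api.errors")


class ValidationError(Exception):
    """Client-correctable error: its field details are safe to return."""

    def __init__(self, details):
        super().__init__("validation failed")
        self.details = details


def error_body(code, message, request_id, details=None):
    # Same envelope as the error response structure shown on the page.
    error = {"code": code, "message": message}
    if details:
        error["details"] = details
    now = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    return {"error": error, "request_id": request_id, "timestamp": now}


def safe_call(handler, request):
    """Run handler(request); return (status, json_text) without leaking internals."""
    request_id = "req_" + uuid.uuid4().hex[:12]
    try:
        return 200, json.dumps(handler(request))
    except ValidationError as exc:
        body = error_body("VALIDATION_ERROR", "The request data is invalid",
                          request_id, exc.details)
        return 400, json.dumps(body)
    except Exception:
        # Full traceback goes to the server log only, keyed by request_id.
        log.exception("unhandled error request_id=%s", request_id)
        # INTERNAL_ERROR is an assumed code name; the message stays generic.
        body = error_body("INTERNAL_ERROR", "An unexpected error occurred",
                          request_id)
        return 500, json.dumps(body)


def failing_handler(request):
    # Constructed failure standing in for a database error.
    raise RuntimeError('relation "users" does not exist (db=prod-01)')
```

An operator who receives the request_id from a client can search the server log for it to find the matching traceback.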
Key Terms to Remember
Master these terms for technical interviews