REST API design patterns including resource naming, status codes, pagination, filtering, error responses, versioning, and rate limiting for production APIs.
Conventions and best practices for designing consistent, developer-friendly REST APIs.
GET /api/v1/users # List
GET /api/v1/users/:id # Get one
POST /api/v1/users # Create
PUT /api/v1/users/:id # Full update
PATCH /api/v1/users/:id # Partial update
DELETE /api/v1/users/:id # Delete
# Sub-resources
GET /api/v1/users/:id/orders
200 OK -- GET, PUT, PATCH
201 Created -- POST (include Location header)
204 No Content -- DELETE
400 Bad Request -- Validation failure
401 Unauthorized -- Missing/invalid auth
403 Forbidden -- Authenticated but not authorized
404 Not Found -- Resource doesn't exist
409 Conflict -- Duplicate entry
422 Unprocessable Entity -- Valid JSON, bad data
429 Too Many Requests -- Rate limit exceeded
500 Internal Server Error -- Never expose details
{
  "data": { "id": "abc-123", "name": "Alice" },
  "meta": { "total": 142, "page": 1, "per_page": 20 },
  "links": { "next": "/api/v1/users?page=2" }
}
{
  "error": {
    "code": "validation_error",
    "message": "Request validation failed",
    "details": [
      { "field": "email", "message": "Must be a valid email address" }
    ]
  }
}
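An added example, not part of the original page: one way to build the error envelope above so that a validation failure returns field-level details while an unexpected exception returns a fixed 500 body, in line with "Never expose details". The class and function names, the `internal_error` code and the sample handler with its connection string are assumptions constructed for illustration.

```python
import logging

log = logging.getLogger("api.errors")

class ApiError(Exception):
    """Error whose fields are safe to return to the client (hypothetical helper)."""
    def __init__(self, status, code, message, details=None):
        super().__init__(message)
        self.status, self.code = status, code
        self.message, self.details = message, details or []

class ValidationFailed(ApiError):
    """400 with one details entry per rejected field."""
    def __init__(self, field_errors):
        details = [{"field": f, "message": m} for f, m in field_errors.items()]
        super().__init__(400, "validation_error", "Request validation failed", details)

def to_response(exc):
    """Map any exception to (status, body) in the page's error envelope."""
    if isinstance(exc, ApiError):
        error = {"code": exc.code, "message": exc.message}
        if exc.details:
            error["details"] = exc.details
        return exc.status, {"error": error}
    # Unexpected failure: the exception text and traceback go to the server
    # log only; the client receives a fixed, generic body.
    log.error("unhandled exception", exc_info=exc)
    return 500, {"error": {"code": "internal_error",  # assumed code name
                           "message": "Internal server error"}}

def create_user(payload):
    """Constructed sample handler: validates input, then hits a failing backend."""
    if "@" not in str(payload.get("email") or ""):
        raise ValidationFailed({"email": "Must be a valid email address"})
    # Constructed failure whose message carries a secret that must not leak.
    raise RuntimeError("db connect failed: postgres://app:s3cret@10.0.0.5/users")

def handle(payload):
    """Single choke point: every exception leaves through to_response()."""
    try:
        return 201, {"data": create_user(payload)}
    except Exception as exc:
        return to_response(exc)
```

Routing every handler through one function like `handle` keeps the 500 path from depending on each endpoint remembering to sanitize its own errors.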
GET /api/v1/users?cursor=eyJpZCI6MTIzfQ&limit=20
GET /api/v1/users?page=2&per_page=20
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 95
X-RateLimit-Reset: 1640000000