REST API Cheat Sheet

rest-api-cheatsheet.md

REST API Cheat Sheet

REST Architectural Principles

• Client-Server Architecture

  • Strict separation of concerns
  • Independent evolution of components

• Statelessness

  • Complete context in requests
  • No server-side session storage

• Cacheability

  • Cache control mechanisms
  • Improves response times

• Layered System

  • No direct dependency between layers
  • Enhances flexibility

• Uniform Interface

  • Standardized communication
  • Self-descriptive messages

HTTP Methods

• GET

  • Retrieve resource data
  • Safe, idempotent, no side effects

• POST

  • Create new resources
  • Not idempotent

• PUT

  • Replace entire resource
  • Idempotent

• PATCH

  • Partial resource modification
  • Efficient and lightweight

• DELETE

  • Remove resources
  • Idempotent

HTTP Status Codes

• 2xx Success

  • 200 OK
  • 201 Created
  • 204 No Content

• 3xx Redirection

  • 301 Moved Permanently
  • 304 Not Modified

• 4xx Client Errors

  • 400 Bad Request
  • 401 Unauthorized
  • 404 Not Found

• 5xx Server Errors

  • 500 Internal Server Error
  • 503 Service Unavailable

Resource Design Principles

• Endpoint Naming

  • Use nouns, plural forms, logical structure

• Query Parameters

  • Filtering, sorting, pagination

Security Best Practices

• Authentication

  • OAuth 2.0, JWT, API Keys

• Authorization

  • RBAC (Role-Based Access Control), ABAC (Attribute-Based Access Control)

• Protection Strategies

  • HTTPS, validation, rate limiting

Performance Optimization

• Caching Strategies

  • Browser caching, CDN, ETag

• Efficiency Techniques

  • Compression, minimal payload

Documentation Guidelines

• Endpoint Descriptions
• Error Code Explanations
• Version Management