Document - resource, object or instance, database record.
http://api.soccer.restapi.org/leagues/seattle
http://api.soccer.restapi.org/leagues/seattle/teams/trebuchet
http://api.soccer.restapi.org/leagues/seattle/teams/trebuchet/players/mike
Collection - server-managed directory of resources.
http://api.soccer.restapi.org/leagues
http://api.soccer.restapi.org/leagues/seattle/teams
http://api.soccer.restapi.org/leagues/seattle/teams/trebuchet/players
Store - client-managed resource repository. A store resource lets an API client put resources in, get them back out, and decide when to delete them. On their own, stores do not create new resources; therefore a store never generates new URIs. Instead, each stored resource has a URI that was chosen by a client when it was initially put into the store.
PUT /users/1234/favorites/alonso
Controller - procedural concept, executable functions, with parameters and return values; inputs and outputs.
POST /alerts/245743/resend
- A singular noun should be used for document names
http://api.soccer.restapi.org/leagues/seattle/teams/trebuchet/players/claudio
- A plural noun should be used for collection names
http://api.soccer.restapi.org/leagues/seattle/teams/trebuchet/players
- A plural noun should be used for store names
http://api.music.restapi.org/artists/mikemassedotcom/playlists
- A verb or verb phrase should be used for controller names
http://api.college.restapi.org/students/morgan/register
http://api.example.restapi.org/lists/4324/dedupe
http://api.ognom.restapi.org/dbs/reindex
http://api.build.restapi.org/qa/nightly/runTestSuite
- Variable path segments may be substituted with identity-based values
http://api.soccer.restapi.org/leagues/{leagueId}/teams/{teamId}/players/{playerId}
http://api.soccer.restapi.org/leagues/seattle/teams/trebuchet/players/21
- CRUD function names should not be used in URIs
DELETE /users/1234
instead of:
GET /deleteUser?id=1234
GET /deleteUser/1234
DELETE /deleteUser/1234
POST /users/1234/delete
RFC 3986 defines the generic URI syntax as shown below:
URI = scheme "://" authority "/" path [ "?" query ] [ "#" fragment ]
- The query component of a URI may be used to filter collections or stores
GET /users
GET /users?role=admin
- The query component of a URI should be used to paginate collection
or store results
A REST API client should use the query component to paginate collection and store results with the pageSize and pageStartIndex parameters. The pageSize parameter specifies the maximum number of contained elements to return in the response. The pageStartIndex parameter specifies the zero-based index of the first element to return in the response
GET /users?pageSize=25&pageStartIndex=50
- Forward slash separator
/must be used to indicate a hierarchical relationship
http://api.canvas.restapi.org/shapes/polygons/quadrilaterals/squares
- A trailing forward slash
/should not be included in URIs
http://api.canvas.restapi.org/shapes/polygons/quadrilaterals/squares
instead of:
http://api.canvas.restapi.org/shapes/polygons/quadrilaterals/squares/
- Hyphens (-) should be used to improve the readability of URIs
http://api.example.restapi.org/blogs/mark-masse/entries/this-is-my-first-post
-
Underscores
_should not be used in URIs -
Uppercase letters should not be used in URIs
http://api.example.restapi.org/my-folder/my-doc
- File extensions should not be included in URIs
http://api.college.restapi.org/students/3248234/transcripts/2005/fall
instead of
http://api.college.restapi.org/students/3248234/transcripts/2005/fall.json
- GET and POST must not be used to tunnel other request methods
- GET must be used to retrieve a representation of a resource
- HEAD should be used to retrieve response headers
- PUT must be used to both insert and update a stored resource
- PUT must be used to update mutable resources
- POST must be used to create a new resource in a collection
- POST must be used to execute controllers
- DELETE must be used to remove a resource from its parent
- OPTIONS should be used to retrieve metadata that describes a resource’s available interactions
| Category | Description |
|---|---|
| 1xx: Informational | Communicates transfer protocol-level information |
| 2xx: Success | Indicates that the client request was accepted successfully |
| 3xx: Redirection | Indicates that the client must take some additional action in order to complete their request |
| 4xx: Client Error | This category of error status codes points the finger at clients |
| 5xx: Server Error | The server takes responsibility for these error status codes |
200 (“OK”)should be used to indicate nonspecific success200 (“OK”)must not be used to communicate errors in the response body201 (“Created”)must be used to indicate successful resource creation202 (“Accepted”)must be used to indicate successful start of an asynchronous action204 (“No Content”)should be used when the response body is intentionally empty301 (“Moved Permanently”)should be used to relocate resources302 (“Found”)should not be used303 (“See Other”)should be used to refer the client to a different URI304 (“Not Modified”)should be used to preserve bandwidth307 (“Temporary Redirect”)should be used to tell clients to resubmit the request to another URI400 (“Bad Request”)may be used to indicate nonspecific failure401 (“Unauthorized”)must be used when there is a problem with the client’s credentials403 (“Forbidden”)should be used to forbid access regardless of authorization state404 (“Not Found”)must be used when a client’s URI cannot be mapped to a resource405 (“Method Not Allowed”)must be used when the HTTP method is not supported406 (“Not Acceptable”)must be used when the requested media type cannot be served409 (“Conflict”)should be used to indicate a violation of resource state412 (“Precondition Failed”)should be used to support conditional operations415 (“Unsupported Media Type”)must be used when the media type of a request’s payload cannot be processed500 (“Internal Server Error”)should be used to indicate API malfunction