REST
API - Application Programming Interface
Published Sep 24 2025
REST is an architectural style for designing APIs, focused on resources rather than actions. It allows clients and servers to communicate over HTTP, using standard methods to perform operations on resources.
REST APIs are the de facto standard for web services, providing a simple, stateless way to manipulate resources over HTTP. They are widely used because of their simplicity, scalability, and interoperability, but they can be less efficient for complex queries or real-time data needs.
Key Features
- Resource-oriented → Everything is a resource (e.g., /users/123).
- HTTP methods → Standard verbs define actions:
  - GET → Read a resource
  - POST → Create a resource
  - PUT → Update a resource
  - DELETE → Delete a resource
- Stateless → Each request contains all information needed; the server does not store session state.
- Data formats → JSON is most common, but XML, YAML, or others are possible.
- URI-based access → Resources are identified by URLs.
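The features above, as an added example that is not part of the original guide: a minimal stateless dispatcher that maps the four verbs onto CRUD operations over a /users collection backed by an in-memory dictionary. The store contents, paths, field names and status codes are assumptions chosen for illustration; a real service would persist the store and validate input more strictly.

```python
"""Stateless REST dispatcher over an in-memory user store (illustrative, not from the guide)."""
import json
import re
from typing import Any, Dict, Optional, Tuple

# Constructed sample data standing in for a database of user resources.
USERS: Dict[int, Dict[str, Any]] = {
    123: {"id": 123, "name": "Alice", "email": "alice@example.com"},
}
_next_id = 124

ITEM = re.compile(r"^/users/(\d+)$")   # one resource, identified by its URI
COLLECTION = "/users"                   # the collection resource


def _parse(body: str) -> Optional[Dict[str, Any]]:
    """Decode a JSON object body; None on malformed or non-object input."""
    try:
        data = json.loads(body or "")
    except json.JSONDecodeError:
        return None
    return data if isinstance(data, dict) else None


def dispatch(method: str, path: str, body: str = "") -> Tuple[int, Dict[str, Any]]:
    """Handle one request and return (status_code, json_body).

    Stateless: everything the server needs is in the arguments, so any
    replica could serve the call. Unknown paths give 404, unsupported verbs
    405, and malformed JSON 400 instead of raising.
    """
    global _next_id
    match = ITEM.match(path)

    if path == COLLECTION:
        if method == "GET":                       # read the collection
            return 200, {"users": list(USERS.values())}
        if method == "POST":                      # create a new resource
            data = _parse(body)
            if data is None or "name" not in data:
                return 400, {"error": "name is required"}
            user = {"id": _next_id, "name": data["name"], "email": data.get("email")}
            USERS[_next_id] = user
            _next_id += 1
            return 201, user
        return 405, {"error": "method not allowed"}

    if match:
        uid = int(match.group(1))
        if method == "GET":                       # read one resource
            return (200, USERS[uid]) if uid in USERS else (404, {"error": "not found"})
        if method == "PUT":                       # replace (or create) the resource at this URI
            data = _parse(body)
            if data is None or "name" not in data:
                return 400, {"error": "name is required"}
            USERS[uid] = {"id": uid, "name": data["name"], "email": data.get("email")}
            return 200, USERS[uid]
        if method == "DELETE":                    # remove the resource
            return (204, {}) if USERS.pop(uid, None) is not None else (404, {"error": "not found"})
        return 405, {"error": "method not allowed"}

    return 404, {"error": "not found"}
```

PUT is written as an upsert on the addressed URI, which is the usual reading of the verb; POST on the collection is what mints new identifiers.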
Advantages
- Simple and widely adopted → Easy to learn and implement.
- Lightweight → Especially with JSON payloads.
- Scalable → Stateless requests can be cached and spread across many servers without shared session state.
- Tooling and ecosystem → Huge support in frameworks, libraries, and documentation tools.
Disadvantages
- Over-fetching/under-fetching → May return too much or too little data.
- No strict contract → Responses can vary unless carefully documented.
- Not ideal for real-time updates → Requires polling or additional tech like WebSockets.
Use Cases
- Web and mobile apps fetching or updating data.
- CRUD-based applications.
- Public APIs like GitHub, Twitter, or Spotify.
- Backend-to-backend communication where simplicity is preferred.
Security
Common methods of authenticating REST clients:
- API keys → Client includes a secret key in a header or in the URL. Prefer a header: keys in query strings end up in server logs, browser history and Referer headers.
- HTTP Basic Auth → Username and password, Base64-encoded (not encrypted) in the Authorization header; only acceptable over TLS.
- Bearer Tokens / OAuth 2.0 → Most common for modern REST APIs:
  - Client gets a token from an authorisation server.
  - Token is sent in the Authorization: Bearer <token> header.
  - Whoever holds the token can use it, so it must only travel over TLS and should be short-lived.
- JWT (JSON Web Tokens) → Encodes user identity and claims in a signed token, often used with OAuth 2.0. The server must verify the signature and expiry on every request and must not accept an algorithm it did not issue (for example alg=none).
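Bearer-token handling as described above, as an added example that is not from the original guide: a stdlib-only HS256 JWT issuer and a verifier that reads the Authorization header and applies the checks a server must make. The signing key, claim names and the alg="none" option on the issuer (there only to show what a forged token looks like) are assumptions for illustration; production code would use a maintained library such as PyJWT with the same pinned algorithm and expiry checks.

```python
"""Issue and verify an HS256 JWT sent as Authorization: Bearer <token> (illustrative, not from the guide)."""
import base64
import hashlib
import hmac
import json
import time
from typing import Any, Dict, Optional

# Constructed example key; in practice load it from a secret store.
SECRET = b"example-signing-key-do-not-use"


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def mint(claims: Dict[str, Any], secret: bytes = SECRET, alg: str = "HS256") -> str:
    """Build header.payload.signature. alg='none' yields an unsigned token (attacker's view)."""
    header = {"alg": alg, "typ": "JWT"}
    signing_input = f"{_b64url(json.dumps(header).encode())}.{_b64url(json.dumps(claims).encode())}"
    if alg == "none":
        return f"{signing_input}."
    sig = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{_b64url(sig)}"


def verify(authorization: Optional[str], secret: bytes = SECRET,
           now: Optional[int] = None) -> Optional[Dict[str, Any]]:
    """Return the claims if the header carries a valid token, else None.

    Rejects a missing or non-Bearer header, a token without exactly three
    segments, any algorithm other than the one the server issues (so
    alg=none and key-confusion tokens fail), a bad signature (constant-time
    compare) and a missing or expired 'exp' claim.
    """
    if not authorization or not authorization.startswith("Bearer "):
        return None
    parts = authorization[len("Bearer "):].strip().split(".")
    if len(parts) != 3:
        return None
    head_b64, payload_b64, sig_b64 = parts
    try:
        header = json.loads(_b64url_decode(head_b64))
        claims = json.loads(_b64url_decode(payload_b64))
        sig = _b64url_decode(sig_b64)
    except ValueError:          # bad base64, bad UTF-8 or bad JSON
        return None
    # Pin the algorithm server-side; never let header['alg'] choose the verifier.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        return None
    expected = hmac.new(secret, f"{head_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        return None
    if not isinstance(claims, dict):
        return None
    current = int(time.time()) if now is None else now
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or current >= exp:
        return None
    return claims
```

The `now` parameter exists so the expiry check can be exercised deterministically; the signature check runs before the expiry check so an attacker cannot learn anything about claim handling from an unsigned token.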
Example REST Request & Response
Request (GET a user):
GET /users/123 HTTP/1.1
Host: example.com
Accept: application/json
Response:
HTTP/1.1 200 OK
Content-Type: application/json

{
"id": 123,
"name": "Alice",
"email": "alice@example.com"
}