api-design

REST API design principles and patterns - use when designing new endpoints, creating DTOs, or planning API structure

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "api-design" with this command: npx skills add ashchupliak/dream-team/ashchupliak-dream-team-api-design

REST API Design Principles

URL Structure

GET    /api/v1/resources           # List all
GET    /api/v1/resources/{id}      # Get one
POST   /api/v1/resources           # Create
PUT    /api/v1/resources/{id}      # Replace
PATCH  /api/v1/resources/{id}      # Partial update
DELETE /api/v1/resources/{id}      # Delete

# Nested resources
GET    /api/v1/parents/{id}/children
POST   /api/v1/parents/{id}/children

HTTP Status Codes

CodeMeaningWhen to Use
200OKSuccessful GET, PUT, PATCH
201CreatedSuccessful POST (new resource)
204No ContentSuccessful DELETE
400Bad RequestValidation errors, malformed request
401UnauthorizedMissing or invalid authentication
403ForbiddenValid auth but no permission
404Not FoundResource doesn't exist
409ConflictDuplicate, state conflict
422UnprocessableSemantic errors
500Server ErrorUnexpected errors

Request/Response Design

Collection Response

{
  "data": [...],
  "pagination": {
    "page": 1,
    "pageSize": 20,
    "totalItems": 150,
    "totalPages": 8
  }
}

Single Resource Response

{
  "id": "uuid",
  "name": "Resource Name",
  "createdAt": "2024-01-15T10:30:00Z",
  "updatedAt": "2024-01-15T11:00:00Z"
}

Error Response

{
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "Name is required",
    "details": [
      {"field": "name", "message": "must not be blank"}
    ]
  }
}

Query Parameters

# Filtering
GET /api/v1/resources?status=active&type=premium

# Sorting
GET /api/v1/resources?sort=createdAt,desc

# Pagination
GET /api/v1/resources?page=1&pageSize=20

# Field selection
GET /api/v1/resources?fields=id,name,status

# Search
GET /api/v1/resources?search=query

Idempotency

  • POST with unique identifiers should return existing resource (200) if duplicate
  • PUT/DELETE should be idempotent
  • Use Pair<Result, Boolean> pattern to indicate created vs existing

Versioning

  • Use URL path versioning: /api/v1/, /api/v2/
  • Version when making breaking changes
  • Support old versions during migration period

Security Considerations

  • Always validate input at API boundary
  • Use parameterized queries (JOOQ handles this)
  • Check authorization in service layer
  • Never expose internal IDs or sensitive data
  • Rate limit public endpoints

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

General

kotlin-spring-boot

No summary provided by upstream source.

Repository SourceNeeds Review
-108
ashchupliak
General

grpc-protobuf

No summary provided by upstream source.

Repository SourceNeeds Review
-57
ashchupliak
General

flyway-migrations

No summary provided by upstream source.

Repository SourceNeeds Review
-55
ashchupliak