rest-patternslisted

# REST Patterns Quick reference for RESTful API design patterns and HTTP semantics. ## HTTP Methods | Method | Purpose | Idempotent | Cacheable | |--------|---------|------------|-----------| | **GET** | Retrieve resource(s) | Yes | Yes | | **POST** | Create new resource | No | No | | **PUT** | Replace entire resource | Yes | No | | **PATCH** | Partial update | Maybe | No | | **DELETE** | Remove resource | Yes | No | ## Essential Status Codes | Code | Name | Use | |------|------|-----| | **200** | OK | Success with body | | **201** | Created | POST success (add `Location` header) | | **204** | No Content | Success, no body | | **400** | Bad Request | Invalid syntax | | **401** | Unauthorized | Not authenticated | | **403** | Forbidden | Not authorized | | **404** | Not Found | Resource doesn't exist | | **422** | Unprocessable | Validation error | | **429** | Too Many Requests | Rate limited | | **500** | Server Error | Internal failure | ## Resource Design ```http GET /users # List POST /users # Create GET /users/{id} # Get one PUT /users/{id} # Replace PATCH /users/{id} # Update DELETE /users/{id} # Delete # Query parameters GET /users?page=2&limit=20 # Pagination GET /users?sort=created_at:desc # Sorting GET /users?role=admin # Filtering ``` ## Security Checklist - [ ] HTTPS/TLS only - [ ] OAuth 2.0 or JWT for auth - [ ] Validate all inputs - [ ] Rate limit per client