REST API
REST API (Representational State Transfer Application Programming Interface) is an architectural style for interaction between a client and a server, based on HTTP requests and data transfer in standardized formats (most commonly JSON). REST API is used for information exchange between applications — for example, between a website and a server, a mobile app and a database, a CRM system and an online store.
What is REST API
REST stands for Representational State Transfer.
It is not a specific protocol, but a set of principles on which modern web services are built.
REST API is an interface that allows systems to exchange data in a stateless manner using standard HTTP methods.
Example:
When a user visits a website or application, it sends a request to the server:
“Give me the list of products”
The server returns a response in JSON format — and the application displays the required data.
REST Principles
- Client-Server Architecture. The client (e.g., browser or app) and server are independent. The client is responsible for the interface, the server for storing and processing data.
- Statelessness. Each request is independent — the server does not store information about previous interactions.
- Caching. Server responses can be cached to improve performance.
- Uniform Interface. All requests use standard HTTP methods (GET, POST, PUT, DELETE, etc.).
- Hierarchical Resource Structure. All data is organized as resources (e.g., /users, /orders, /products), accessible via URLs.
- Data Format. Typically JSON; less often XML, YAML, or HTML.
Main HTTP Methods in REST API
| Method | Purpose | Example Request |
| --- | --- | --- |
| GET | Retrieve data (read a resource) | GET /products |
| POST | Create a new resource | POST /products |
| PUT | Fully update a resource | PUT /products/123 |
| PATCH | Partially update a resource | PATCH /products/123 |
| DELETE | Delete a resource | DELETE /products/123 |
Example:
GET https://api.example.com/users/25
→ returns data for the user with ID 25.
Example REST API Request and Response
Request (GET):
```text
GET /api/products/15 HTTP/1.1
Host: example.com
Accept: application/json
```
Response:
```json
{
  "id": 15,
  "name": "Apple iPhone 15",
  "price": 145000,
  "in_stock": true
}
```
Data Formats
REST API most commonly uses JSON (JavaScript Object Notation) — a lightweight, human-readable format. Example JSON response:
```json
{
  "user": {
    "id": 102,
    "name": "Anna Smirnova",
    "email": "anna@example.com"
  }
}
```
Other possible formats:
- XML — a stricter format for enterprise systems.
- YAML — often used in DevOps and configurations.
- CSV — for exporting table data.
Example REST API in Action
Imagine an online store:
| User Action | HTTP Request | URL |
| --- | --- | --- |
| View all products | GET | /api/products |
| Get product by ID | GET | /api/products/45 |
| Add a new product | POST | /api/products |
| Update a product | PUT | /api/products/45 |
| Delete a product | DELETE | /api/products/45 |
Advantages of REST API
- Simplicity. Uses standard HTTP requests — doesn’t require complex protocols.
- Flexibility. Can be used with any programming language or platform.
- Scalability. Suitable for microservice architecture.
- Caching. Reduces server load.
- Universality. Works in browsers, mobile apps, IoT devices.
Disadvantages of REST API
- Statelessness. Each request must re-send authorization and parameters.
- No Strict Standard. REST implementations can vary.
- Inefficient for Complex Data Relationships. For example, when working with graphs (in such cases, GraphQL is better).
Authorization in REST API
To protect data, REST API often uses:
- API Key — a simple access token.
- Basic Auth — username + password.
- OAuth 2.0 / Bearer Token — standard for secure applications.
- JWT (JSON Web Token) — a token containing encrypted user data.
Example authorization header:
```text
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9…
```
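An added example (not code from the original page) of how a server can check a Bearer header like the one above on every request, as statelessness requires: it pins HS256, verifies the signature in constant time, and rejects a missing or expired `exp`. The function names, key and sample token are constructed for illustration; `peek_claims` shows that the claims of a signed HS256 token are only base64url-encoded, so any holder of the token can read them.

```python
import base64, hashlib, hmac, json, time

def b64url_decode(part):
    # JWT segments are unpadded base64url; restore padding before decoding.
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def sign_hs256(claims, key):
    """Issue an HS256 token; used here only to construct the sample input."""
    parts = [{"alg": "HS256", "typ": "JWT"}, claims]
    signing_input = ".".join(
        b64url_encode(json.dumps(p, separators=(",", ":")).encode()) for p in parts)
    mac = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(mac)

def peek_claims(token):
    """Decode the payload with no key: signed claims are readable by any holder."""
    return json.loads(b64url_decode(token.split(".")[1]))

def authenticate(authorization, key, now=None):
    """Return verified claims for a 'Bearer <jwt>' header value, else None."""
    scheme, _, token = authorization.partition(" ")
    if scheme.lower() != "bearer" or token.count(".") != 2:
        return None
    header_b64, body_b64, sig_b64 = token.split(".")
    try:
        header = json.loads(b64url_decode(header_b64))
        # Pin the algorithm server-side so the token cannot select "none".
        if not isinstance(header, dict) or header.get("alg") != "HS256":
            return None
        expected = hmac.new(key, f"{header_b64}.{body_b64}".encode(), hashlib.sha256).digest()
        # Constant-time comparison; the payload is parsed only after it passes.
        if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
            return None
        claims = json.loads(b64url_decode(body_b64))
    except ValueError:
        return None
    exp = claims.get("exp") if isinstance(claims, dict) else None
    current = time.time() if now is None else now
    if isinstance(exp, bool) or not isinstance(exp, (int, float)) or exp <= current:
        return None  # missing or expired "exp": reject rather than accept forever
    return claims

# Constructed sample values (not from the page): demo key, user id 102, fixed expiry.
DEMO_KEY = b"constructed-demo-key-not-for-production"
DEMO_TOKEN = sign_hs256({"sub": "102", "exp": 2000000000}, DEMO_KEY)
```

Because the payload is readable without the key, keep secrets out of the claims and send the token only over TLS.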
Tools for Working with REST API
- Postman — visual API request testing.
- Insomnia — alternative with a focus on development.
- cURL — command-line tool for HTTP requests.
- Swagger (OpenAPI) — API documentation and interactive testing.
REST API Best Practices
- Use readable URLs: /api/users/123/orders instead of /getUserOrders?id=123.
- Return correct HTTP status codes:
  - 200 OK — request successful.
  - 201 Created — resource created.
  - 400 Bad Request — error in the request.
  - 404 Not Found — resource not found.
  - 500 Internal Server Error — server error.
- Add pagination for large datasets (?page=2&limit=20).
- Document the API via Swagger / OpenAPI Specification.
- Implement API versioning: /api/v1/products, /api/v2/products.
Example REST API Architecture
```text
Client (Web / Mobile)
↓
HTTP Request
↓
REST API (Server)
↓
Database
↓
JSON Response
```
Conclusion
REST API is the foundation of interaction in the modern web. It provides a standard, simple, and flexible way for data exchange between systems, used in websites, CRM systems, applications, microservices, and analytics.
