MockAPIDownload Mock Server

Endpoint

A specific URL where an API can be accessed to perform operations on resources.

An API endpoint is a specific URL where your API receives requests. Each endpoint represents a resource or action - when you call GET /api/users, that URL is an endpoint. Good endpoint design makes APIs intuitive; bad design makes them confusing and error-prone.

Anatomy of an Endpoint

A complete endpoint URL has these parts:

https://api.example.com/v1/users/123?include=orders

PartExamplePurpose
Protocolhttps://Security (always use HTTPS)
Domainapi.example.comServer location
Base path/v1API version
Resource path/users/123What resource to access
Query string?include=ordersOptions and filters

Endpoint Types

Collection endpoints - operate on groups:

  • GET /users - List all users
  • POST /users - Create a new user

Resource endpoints - operate on single items:

  • GET /users/123 - Get specific user
  • PUT /users/123 - Replace user
  • PATCH /users/123 - Update user fields
  • DELETE /users/123 - Remove user

Nested endpoints - show relationships:

  • GET /users/123/orders - Orders belonging to user 123
  • POST /users/123/orders - Create order for user 123

Action endpoints - for non-CRUD operations:

  • POST /users/123/reset-password - Trigger password reset
  • POST /orders/456/cancel - Cancel an order

URL Design Principles

Use nouns, not verbs: The HTTP method is the verb. The URL is the noun.

  • POST /users (create user)
  • POST /createUser

Use plural names: Collections are plural, even for single resources.

  • GET /users/123
  • GET /user/123

Use kebab-case: Lowercase with hyphens for multi-word resources.

  • /user-profiles
  • /userProfiles or /user_profiles

Keep it shallow: Deep nesting becomes unwieldy. Max 2-3 levels.

  • /users/123/orders
  • /users/123/orders/456/items/789/reviews

Use query params for filtering: Don't encode filters in the path.

  • /users?status=active&role=admin
  • /users/active/admin

HTTP Methods and Endpoints

MethodEndpointActionIdempotent
GET/usersList usersYes
GET/users/123Get userYes
POST/usersCreate userNo
PUT/users/123Replace userYes
PATCH/users/123Update fieldsNo
DELETE/users/123Delete userYes

Query Parameters

Use query params for:

Filtering: /products?category=electronics&price_max=100 Sorting: /users?sort=created_at&order=desc Pagination: /posts?page=2&limit=20 Field selection: /users?fields=id,name,email Including relations: /orders?include=items,customer Searching: /products?q=laptop

Versioning Endpoints

APIs change. Versioning prevents breaking existing clients.

URL versioning (most common): /v1/users, /v2/users

Header versioning: Accept: application/vnd.api.v1+json

Query param versioning: /users?version=1

Start with v1 even if you don't plan v2. It's easier to add than retrofit.

Common Mistakes

1. Inconsistent naming: /users, /Product, /order-items, /customerAddress Pick one convention and stick to it across all endpoints.

2. Verbs in URLs: /getUsers, /deleteUser/123, /createOrder Let HTTP methods be the verbs.

3. Exposing implementation details: /api/mysql/users/select Clients don't care about your database.

4. Not using proper status codes: GET /users/999 returning 200 with empty body instead of 404.

5. Ignoring trailing slashes: /users and /users/ should behave the same. Pick one and redirect the other.

Best Practices

Be consistent: If /users returns a list, /products should too. Same patterns everywhere.

Use meaningful names: /api/v1/u/123 is cryptic. /api/v1/users/123 is clear.

Document every endpoint: Method, URL, parameters, request body, response format, possible errors.

Return useful errors: When an endpoint fails, tell the client why. {"error": "email already exists", "field": "email"}

Consider rate limiting: Protect endpoints from abuse. Return 429 with Retry-After header.

Code Examples

Well-Designed API Endpoints

# Users
GET    /api/v1/users              # List users (with pagination)
GET    /api/v1/users/:id          # Get single user
POST   /api/v1/users              # Create user
PATCH  /api/v1/users/:id          # Update user
DELETE /api/v1/users/:id          # Delete user

# User's nested resources
GET    /api/v1/users/:id/orders   # User's orders
GET    /api/v1/users/:id/profile  # User's profile

# Products with filtering
GET    /api/v1/products                    # All products
GET    /api/v1/products?category=books     # Filter by category
GET    /api/v1/products?sort=-price        # Sort by price desc
GET    /api/v1/products?page=2&limit=20    # Pagination

# Actions (when CRUD doesn't fit)
POST   /api/v1/users/:id/verify-email      # Send verification
POST   /api/v1/orders/:id/cancel           # Cancel order
POST   /api/v1/auth/login                  # Login
POST   /api/v1/auth/logout                 # Logout

Related Terms

WebSocket

A protocol enabling full-duplex, real-time communication between client and server.

Read more

HTTP Status Codes

Standard response codes that indicate the result of an HTTP request.

Read more

API Versioning

Strategies for managing breaking changes in APIs while maintaining backward compatibility.

Read more

Query Parameters

Key-value pairs appended to URLs for filtering, sorting, and customizing API requests.

Read more