MockAPIDownload Mock Server

Endpoint

A specific URL where an API can be accessed to perform operations on resources.

An API endpoint is a specific URL where your API receives requests. Each endpoint represents a resource or action - when you call GET /api/users, that URL is an endpoint. Good endpoint design makes APIs intuitive; bad design makes them confusing and error-prone.

Anatomy of an Endpoint

A complete endpoint URL has these parts:

https://api.example.com/v1/users/123?include=orders

PartExamplePurpose
Protocolhttps://Security (always use HTTPS)
Domainapi.example.comServer location
Base path/v1API version
Resource path/users/123What resource to access
Query string?include=ordersOptions and filters

Endpoint Types

Collection endpoints - operate on groups:

  • GET /users - List all users
  • POST /users - Create a new user

Resource endpoints - operate on single items:

  • GET /users/123 - Get specific user
  • PUT /users/123 - Replace user
  • PATCH /users/123 - Update user fields
  • DELETE /users/123 - Remove user

Nested endpoints - show relationships:

  • GET /users/123/orders - Orders belonging to user 123
  • POST /users/123/orders - Create order for user 123

Action endpoints - for non-CRUD operations:

  • POST /users/123/reset-password - Trigger password reset
  • POST /orders/456/cancel - Cancel an order

URL Design Principles

Use nouns, not verbs: The HTTP method is the verb. The URL is the noun.

  • POST /users (create user)
  • POST /createUser

Use plural names: Collections are plural, even for single resources.

  • GET /users/123
  • GET /user/123

Use kebab-case: Lowercase with hyphens for multi-word resources.

  • /user-profiles
  • /userProfiles or /user_profiles

Keep it shallow: Deep nesting becomes unwieldy. Max 2-3 levels.

  • /users/123/orders
  • /users/123/orders/456/items/789/reviews

Use query params for filtering: Don't encode filters in the path.

  • /users?status=active&role=admin
  • /users/active/admin

HTTP Methods and Endpoints

MethodEndpointActionIdempotent
GET/usersList usersYes
GET/users/123Get userYes
POST/usersCreate userNo
PUT/users/123Replace userYes
PATCH/users/123Update fieldsNo
DELETE/users/123Delete userYes

Query Parameters

Use query params for:

Filtering: /products?category=electronics&price_max=100 Sorting: /users?sort=created_at&order=desc Pagination: /posts?page=2&limit=20 Field selection: /users?fields=id,name,email Including relations: /orders?include=items,customer Searching: /products?q=laptop

Versioning Endpoints

APIs change. Versioning prevents breaking existing clients.

URL versioning (most common): /v1/users, /v2/users

Header versioning: Accept: application/vnd.api.v1+json

Query param versioning: /users?version=1

Start with v1 even if you don't plan v2. It's easier to add than retrofit.

Common Mistakes

1. Inconsistent naming: /users, /Product, /order-items, /customerAddress Pick one convention and stick to it across all endpoints.

2. Verbs in URLs: /getUsers, /deleteUser/123, /createOrder Let HTTP methods be the verbs.

3. Exposing implementation details: /api/mysql/users/select Clients don't care about your database.

4. Not using proper status codes: GET /users/999 returning 200 with empty body instead of 404.

5. Ignoring trailing slashes: /users and /users/ should behave the same. Pick one and redirect the other.

Best Practices

Be consistent: If /users returns a list, /products should too. Same patterns everywhere.

Use meaningful names: /api/v1/u/123 is cryptic. /api/v1/users/123 is clear.

Document every endpoint: Method, URL, parameters, request body, response format, possible errors.

Return useful errors: When an endpoint fails, tell the client why. {"error": "email already exists", "field": "email"}

Consider rate limiting: Protect endpoints from abuse. Return 429 with Retry-After header.

Code Examples

Well-Designed API Endpoints

# Users
GET    /api/v1/users              # List users (with pagination)
GET    /api/v1/users/:id          # Get single user
POST   /api/v1/users              # Create user
PATCH  /api/v1/users/:id          # Update user
DELETE /api/v1/users/:id          # Delete user

# User's nested resources
GET    /api/v1/users/:id/orders   # User's orders
GET    /api/v1/users/:id/profile  # User's profile

# Products with filtering
GET    /api/v1/products                    # All products
GET    /api/v1/products?category=books     # Filter by category
GET    /api/v1/products?sort=-price        # Sort by price desc
GET    /api/v1/products?page=2&limit=20    # Pagination

# Actions (when CRUD doesn't fit)
POST   /api/v1/users/:id/verify-email      # Send verification
POST   /api/v1/orders/:id/cancel           # Cancel order
POST   /api/v1/auth/login                  # Login
POST   /api/v1/auth/logout                 # Logout

Related Terms

REST API

An architectural style for building web APIs using HTTP methods and stateless communication.

Read more

CORS

Cross-Origin Resource Sharing - A security mechanism that controls how web pages can request resources from different domains.

Read more

Latency

The time delay between a request being sent and a response being received.

Read more

Idempotency

A property where making the same API request multiple times produces the same result.

Read more