REST (Representational State Transfer) is an architectural style for designing networked APIs that use standard HTTP methods to enable communication between clients and servers. It is the dominant pattern for building web APIs due to its simplicity, scalability, and wide tooling support.
REST is not a protocol or a library — it is a set of architectural constraints first defined by Roy Fielding in his 2000 doctoral dissertation. A system that follows these constraints is called RESTful. REST operates over HTTP, making it naturally compatible with the existing web infrastructure. It treats every piece of data or functionality as a 'resource' identified by a URL.
REST has six guiding constraints: client-server separation, statelessness, cacheability, a uniform interface, a layered system, and optional code-on-demand. The most critical is statelessness — each request from a client must contain all information the server needs to fulfill it, with no session stored server-side. The uniform interface constraint means resources are manipulated through standard HTTP verbs: GET, POST, PUT, PATCH, and DELETE.
A client sends an HTTP request to a resource URL, such as GET /users/42, and the server returns a representation of that resource — typically JSON or XML. The HTTP status code communicates the outcome: 200 for success, 404 for not found, 201 for created, and so on. The response body contains the resource state at the moment of the request, not a live reference to it.
Good REST API design centers on nouns, not verbs, in URLs — /orders/5 is correct, while /getOrder?id=5 is not RESTful. Resources can be nested to express relationships, such as /users/42/orders to list orders belonging to user 42. Keeping URLs consistent and hierarchical makes APIs intuitive and predictable for consumers.
A common mistake is storing authentication sessions server-side, which violates the statelessness constraint. Instead, RESTful APIs typically use tokens — such as JWTs — sent with every request in the Authorization header. This allows any server instance in a load-balanced environment to handle any request without shared session state, which is critical for horizontal scalability.
REST is often compared to GraphQL and gRPC. GraphQL lets clients request exactly the fields they need, reducing over-fetching, while gRPC uses binary Protocol Buffers for high-performance service-to-service communication. REST remains the best default choice for public-facing APIs due to its simplicity, HTTP caching support, and near-universal client compatibility.
© RM Full Stack & AI Engineer