Glossary · Definition
REST
REST is an architectural style for HTTP APIs: each URL is a resource, HTTP verbs (GET, POST, PUT, PATCH, DELETE) operate on resources, responses are typically JSON. 'REST' colloquially means 'JSON HTTP API'; strict REST has more constraints most APIs ignore.
Definition
REST is an architectural style for HTTP APIs: each URL is a resource, HTTP verbs (GET, POST, PUT, PATCH, DELETE) operate on resources, responses are typically JSON. 'REST' colloquially means 'JSON HTTP API'; strict REST has more constraints most APIs ignore.
What it means
Roy Fielding's 2000 dissertation defined REST as six constraints: client-server separation, statelessness, cacheability, uniform interface, layered system, and code-on-demand (optional). Strict REST also includes HATEOAS (responses embed links to related resources), which most 'REST' APIs don't bother with. In practice 'RESTful' means: resource-oriented URLs (/users/123, not /getUser?id=123), HTTP verbs map to CRUD, status codes communicate outcomes (200/201/204/400/401/403/404/409/422/500). OpenAPI (formerly Swagger) is the standard schema language for documenting REST.
Advertisement
Why it matters
REST is the default for HTTP APIs because it works with every HTTP tool (curl, Postman, browser dev tools, every HTTP library), it caches naturally (HTTP cache headers + ETag), and it's straightforward to reason about. REST's weakness: relationships across resources require multiple roundtrips. GraphQL or RPC patterns can solve this; for many APIs that's not worth the trade-off.
Frequently asked questions
What's HATEOAS and do I need it?
Hypermedia As The Engine Of Application State — responses embed links to related actions ('next page', 'edit', 'delete'). Strict REST requires it. Almost no production APIs use it. Don't worry about HATEOAS unless your domain genuinely benefits from discoverability over a fixed contract.
What's the difference between PUT and PATCH?
PUT replaces the entire resource; PATCH updates specific fields. PUT must be idempotent (same body = same end state); PATCH can be either, depending on the patch format (JSON Merge Patch is idempotent; JSON Patch operations may not be).
OpenAPI vs JSON Schema vs others?
OpenAPI describes the entire API (paths, methods, request/response shapes, auth). JSON Schema is just for shape validation. Use OpenAPI for the API contract; JSON Schema is one piece of OpenAPI.
Related terms
- DefinitionAPIAn API (Application Programming Interface) is a contract that lets one program request something from another — typically over HTTP, in JSON. 'Web APIs', 'REST APIs', 'GraphQL APIs' are all flavors of the same idea: a defined surface for programmatic access.
- DefinitionGraphQLGraphQL is a typed query language for APIs. Clients send a query describing exactly which fields they want from related resources, the server resolves it, and the response shape matches the query. One endpoint, no over- or under-fetching.
- DefinitionHTTPSHTTPS is HTTP wrapped in a TLS-encrypted tunnel. Everything between your browser and the server — URLs, form data, cookies, response bodies — is encrypted in transit so a network observer (cafe Wi-Fi, ISP, anyone in between) can't read it or change it.