rest-api/REST.md


| Method  | REST Purpose               | Idempotent | Safe  | Example                      | Typical Response Codes                                 |
|---------|----------------------------|------------|-------|------------------------------|--------------------------------------------------------|
| GET     | Retrieve a collection      | ✔ Yes      | ✔ Yes | `GET /users`                 | 200 OK, 204 No Content, 304 Not Modified               |
| GET     | Retrieve a single resource | ✔ Yes      | ✔ Yes | `GET /users/123`             | 200 OK, 404 Not Found, 304 Not Modified                |
| POST    | Create a new resource      | ✖ No       | ✖ No  | `POST /users`                | 201 Created, 400 Bad Request, 409 Conflict             |
| PUT     | Replace a resource         | ✔ Yes      | ✖ No  | `PUT /users/123`             | 200 OK, 204 No Content, 400 Bad Request, 404 Not Found |
| PATCH   | Update part of a resource  | ✖ No       | ✖ No  | `PATCH /users/123`           | 200 OK, 204 No Content, 400 Bad Request, 404 Not Found |
| DELETE  | Remove a resource          | ✔ Yes      | ✖ No  | `DELETE /users/123`          | 204 No Content, 404 Not Found                          |
| HEAD    | Retrieve headers only      | ✔ Yes      | ✔ Yes | `HEAD /users/123`            | 200 OK, 404 Not Found                                  |
| OPTIONS | Discover allowed methods   | ✔ Yes      | ✔ Yes | `OPTIONS /users`             | 204 No Content, 405 Method Not Allowed                 |

Typical Status codes to watch for:
- 401 Unauthorized
- 403 Forbidden
- 500 Server Error

| Status Code | Text Description        | Typical REST Usage                                     |
|-------------|-------------------------|--------------------------------------------------------|
| 200         | OK                      | Successful GET, PUT, or DELETE request                 |
| 201         | Created                 | Resource successfully created (e.g., POST)             |
| 202         | Accepted                | Request accepted for processing (async operations)     |
| 204         | No Content              | Successful request with no response body (e.g., DELETE)|
| 301         | Moved Permanently       | Resource has moved (rare in REST APIs)                 |
| 302         | Found                   | Temporary redirect (often avoided in APIs)             |
| 304         | Not Modified            | Used with caching headers like ETag                    |
| 400         | Bad Request             | Malformed request, missing parameters, etc.            |
| 401         | Unauthorized            | Authentication required or failed                      |
| 403         | Forbidden               | Authenticated but not authorized                       |
| 404         | Not Found               | Resource not found                                     |
| 405         | Method Not Allowed      | HTTP method not supported for this endpoint            |
| 409         | Conflict                | Request conflicts with current state (e.g., duplicate) |
| 410         | Gone                    | Resource no longer available                           |
| 415         | Unsupported Media Type  | Content-Type not supported (e.g., expecting JSON)      |
| 422         | Unprocessable Entity    | Validation error (common in POST/PUT with payloads)    |
| 429         | Too Many Requests       | Rate limiting exceeded                                 |
| 500         | Internal Server Error   | Generic server error                                   |
| 501         | Not Implemented         | Endpoint or method not supported                       |
| 503         | Service Unavailable     | Server is down or overloaded                           |
Documentation 9 months ago
			`\| Method \| REST Purpose \| Idempotent \| Safe \| Example \| Typical Response Codes \|`
			`\|---------\|----------------------------\|------------\|-------\|------------------------------\|--------------------------------------------------------\|`
			\| GET \| Retrieve a collection \| ✔ Yes \| ✔ Yes \| `GET /users` \| 200 OK, 204 No Content, 304 Not Modified \|
			\| GET \| Retrieve a single resource \| ✔ Yes \| ✔ Yes \| `GET /users/123` \| 200 OK, 404 Not Found, 304 Not Modified \|
			\| POST \| Create a new resource \| ✖ No \| ✖ No \| `POST /users` \| 201 Created, 400 Bad Request, 409 Conflict \|
			\| PUT \| Replace a resource \| ✔ Yes \| ✖ No \| `PUT /users/123` \| 200 OK, 204 No Content, 400 Bad Request, 404 Not Found \|
			\| PATCH \| Update part of a resource \| ✖ No \| ✖ No \| `PATCH /users/123` \| 200 OK, 204 No Content, 400 Bad Request, 404 Not Found \|
			\| DELETE \| Remove a resource \| ✔ Yes \| ✖ No \| `DELETE /users/123` \| 204 No Content, 404 Not Found \|
			\| HEAD \| Retrieve headers only \| ✔ Yes \| ✔ Yes \| `HEAD /users/123` \| 200 OK, 404 Not Found \|
			\| OPTIONS \| Discover allowed methods \| ✔ Yes \| ✔ Yes \| `OPTIONS /users` \| 204 No Content, 405 Method Not Allowed \|

			`Typical Status codes to watch for:`
			`- 401 Unauthorized`
			`- 403 Forbidden`
			`- 500 Server Error`

			`\| Status Code \| Text Description \| Typical REST Usage \|`
			`\|-------------\|-------------------------\|--------------------------------------------------------\|`
			`\| 200 \| OK \| Successful GET, PUT, or DELETE request \|`
			`\| 201 \| Created \| Resource successfully created (e.g., POST) \|`
			`\| 202 \| Accepted \| Request accepted for processing (async operations) \|`
			`\| 204 \| No Content \| Successful request with no response body (e.g., DELETE)\|`
			`\| 301 \| Moved Permanently \| Resource has moved (rare in REST APIs) \|`
			`\| 302 \| Found \| Temporary redirect (often avoided in APIs) \|`
			`\| 304 \| Not Modified \| Used with caching headers like ETag \|`
			`\| 400 \| Bad Request \| Malformed request, missing parameters, etc. \|`
			`\| 401 \| Unauthorized \| Authentication required or failed \|`
			`\| 403 \| Forbidden \| Authenticated but not authorized \|`
			`\| 404 \| Not Found \| Resource not found \|`
			`\| 405 \| Method Not Allowed \| HTTP method not supported for this endpoint \|`
			`\| 409 \| Conflict \| Request conflicts with current state (e.g., duplicate) \|`
			`\| 410 \| Gone \| Resource no longer available \|`
			`\| 415 \| Unsupported Media Type \| Content-Type not supported (e.g., expecting JSON) \|`
			`\| 422 \| Unprocessable Entity \| Validation error (common in POST/PUT with payloads) \|`
			`\| 429 \| Too Many Requests \| Rate limiting exceeded \|`
			`\| 500 \| Internal Server Error \| Generic server error \|`
			`\| 501 \| Not Implemented \| Endpoint or method not supported \|`
			`\| 503 \| Service Unavailable \| Server is down or overloaded \|`