| Method  | REST Purpose               | Idempotent | Safe  | Example             | Typical Response Codes                                 |
|---------|----------------------------|------------|-------|---------------------|--------------------------------------------------------|
| GET     | Retrieve a collection      | ✔ Yes      | ✔ Yes | `GET /users`        | 200 OK, 204 No Content, 304 Not Modified               |
| GET     | Retrieve a single resource | ✔ Yes      | ✔ Yes | `GET /users/123`    | 200 OK, 404 Not Found, 304 Not Modified                |
| POST    | Create a new resource      | ✖ No       | ✖ No  | `POST /users`       | 201 Created, 400 Bad Request, 409 Conflict             |
| PUT     | Replace a resource         | ✔ Yes      | ✖ No  | `PUT /users/123`    | 200 OK, 204 No Content, 400 Bad Request, 404 Not Found |
| PATCH   | Update part of a resource  | ✖ No       | ✖ No  | `PATCH /users/123`  | 200 OK, 204 No Content, 400 Bad Request, 404 Not Found |
| DELETE  | Remove a resource          | ✔ Yes      | ✖ No  | `DELETE /users/123` | 204 No Content, 404 Not Found                          |
| HEAD    | Retrieve headers only      | ✔ Yes      | ✔ Yes | `HEAD /users/123`   | 200 OK, 404 Not Found                                  |
| OPTIONS | Discover allowed methods   | ✔ Yes      | ✔ Yes | `OPTIONS /users`    | 204 No Content, 405 Method Not Allowed                 |

Typical status codes to watch for:

- 401 Unauthorized
- 403 Forbidden
- 500 Server Error

| Status Code | Text Description       | Typical REST Usage                                      |
|-------------|------------------------|---------------------------------------------------------|
| 200         | OK                     | Successful GET, PUT, or DELETE request                  |
| 201         | Created                | Resource successfully created (e.g., POST)              |
| 202         | Accepted               | Request accepted for processing (async operations)      |
| 204         | No Content             | Successful request with no response body (e.g., DELETE) |
| 301         | Moved Permanently      | Resource has moved (rare in REST APIs)                  |
| 302         | Found                  | Temporary redirect (often avoided in APIs)              |
| 304         | Not Modified           | Used with caching headers like ETag                     |
| 400         | Bad Request            | Malformed request, missing parameters, etc.             |
| 401         | Unauthorized           | Authentication required or failed                       |
| 403         | Forbidden              | Authenticated but not authorized                        |
| 404         | Not Found              | Resource not found                                      |
| 405         | Method Not Allowed     | HTTP method not supported for this endpoint             |
| 409         | Conflict               | Request conflicts with current state (e.g., duplicate)  |
| 410         | Gone                   | Resource no longer available                            |
| 415         | Unsupported Media Type | Content-Type not supported (e.g., expecting JSON)       |
| 422         | Unprocessable Entity   | Validation error (common in POST/PUT with payloads)     |
| 429         | Too Many Requests      | Rate limiting exceeded                                  |
| 500         | Internal Server Error  | Generic server error                                    |
| 501         | Not Implemented        | Endpoint or method not supported                        |
| 503         | Service Unavailable    | Server is down or overloaded                            |