REST (Representational State Transfer) is a set of conventions for designing web APIs.

Core idea: resources

A REST API is organized around resources:

• /users/users
• /posts/posts
• /orders/orders

You use HTTP methods to operate on them:

• GET /users/users → list users
• GET /users/1/users/1 → get one user
• POST /users/users → create user
• PUT/PATCH /users/1/users/1 → update
• DELETE /users/1/users/1 → delete

Status codes matter

• 200 OK — success
• 201 Created — created successfully
• 400 Bad Request — invalid request data
• 401 Unauthorized — missing/invalid auth
• 403 Forbidden — authenticated but not allowed
• 404 Not Found — resource doesn’t exist

Statelessness

REST APIs are typically stateless:

• every request contains everything needed (auth token, parameters)

That’s why token-based auth (JWT) is common.

A good REST mental model

  flowchart LR
  Client -->|HTTP + JSON| API[Flask API]
  API -->|ORM| DB[(Database)]
  DB --> API
  API -->|JSON + status| Client

Practical tip

REST is a guideline, not a law.

Aim for:

• consistency
• clear error responses
• predictable URLs

🧪 Try It Yourself

Exercise 1 – Create a Flask App

Exercise 2 – Dynamic Route

Exercise 3 – Return JSON