Best Practices for Naming REST API URIs
External
- REST API Design Rulebook by Mark Masse, O'Reilly, Chapter 2. Identifier Design with URIs.
Internal
Overview
REST APIs use Uniform Resource Identifiers (URIs) to address resources.
General URI Rules
Use Forward Slash to Indicate a Hierarchical Relationship
The forward slash (/) character is used in the path portion of the URI to indicate a hierarchical relationship between resources. Also see Resource Modeling below.
Example:
http:://api.canvas.restapi.org/shapes/polygons/quadrilaterals/squares
A Trailing Forward Slash Should Not Be Included in URIs
Every character within a URI counts towards a resource's unique identity. If the URIs differ, then so do the resources, and vice-versa. Even if the REST API implementation discards the trailing forward slashes, the definition of the REST API must communicate clean URIs. For example, an API implementation may redirect clients that use a forward slash to the URI without forward slash using a HTTP 301 response code.
Separate Words with Hyphens
When a REST API URI contains multiple words in a path segment, separate the words with hyphens. It's a good way to make the URI easier to read and is a universal method that everyone can understand. It's generally accepted that a hyphen is clearer and more user-friendly than underscores (first_name) or camel case (firstName), which is discouraged due to its use of capital letters.
Do Not Use Underscores
One practical reason is that the underscored may get partially obscured in the UIs that render clickable URIs, depending on the fonts that are used. To avoid this, use hyphens to separate words.
Prefer Lowercase Letters
The URIs are case-sensitive, except for the scheme and host components.
Lowercase is preferred, if practical, because capital letters can sometimes cause problems.
File Extensions Should Not Be Included in URIs
A REST API should not include artificial file extensions in URIs to indicate the format of a message's entity body. Instead, they should rely on media type, as communicated through the Content-Type header.
Authority Rules
APIs Should Use Consistent Subdomain Names
The top-level domain and first subdomain name (example: accounting.example.com) should identity the service owner. The full domain name of an API should add a subdomain named "api": api.accounting.example.com.
Developer Portal Names
Many REST APIs have an associated website, known as developer portal, to help on-board new clients with documentation, etc. Conventionally it is named using the "developer" subdomain: developer.accounting.example.com.
Resource Modeling Rules
The URI path conveys a REST API's resource model, which each forward slash separated path segment corresponding to a unique resource within the model hierarchy. Resource modeling establishes the key API's concepts, and it is similar to data modeling in a relational database or class hierarchy modeling in an object-oriented system. Assigning meaningful values for each path segment helps to communicate the hierarchical structure of the REST API resource model. Each path element corresponds to one of the four resource archetypes described below.
For example in this URI http:://api.directory.exmaple.com/departments/marketing/teams/{id}, each of the path elements identifies an addressable resource:
http:://api.directory.exmaple.com/departments/marketing/teams http:://api.directory.exmaple.com/departments/marketing http:://api.directory.exmaple.com/departments http:://api.directory.exmaple.com
Resource Archetypes
It is useful to assign every resource modeled in a system to one of four archetypes: document, collection, store and controller. Resist the temptation to design resources as hybrids of more than one archetypes. If that situation arises, consider designing separate resources that are either part of a hierarchy, or in relationships, modeled as links.
Document
A document resource models a singular concept in the system exposed by the REST API, similar conceptually with an object instance in an object-oriented system. A document's state includes fields with values, and links to related resources, modeling the relationships that exist between instances. The following URIs identifies a document resource:
http:://api.directory.exmaple.com/departments/marketing/teams/advertising http:://api.directory.exmaple.com/departments/marketing
A document may have child resources that represent different subordinate concepts.
Collection
A collection is a system-managed directory of resources. Clients may propose new resources to be added to the collection, but it is up to the collection resource to decide whether a new resource is created or not. The collection chooses what it wants to contain, and also decides the URI of each contained resource. The following URIs represent collections:
http:://api.directory.exmaple.com/departments/marketing/teams http:://api.directory.exmaple.com/departments
Store
A store is a client-managed resource repository. A store resource lets the client put resources in, via API calls, to get them back out and delete them when the client wishes. On their own, stores do not create new resources. Therefore, a store never generates new URIs. Instead, each stored resource has a URI that was chosen by the client when it was initially put in the store.
An example of a request initiated by a user ("1122") to insert a document resources name "chocolate" in the user's store of "favorites":
PUT /users/1122/favorites/chocolate
Controller
A controller resource models a procedural concept that goes beyond those that can be modeled with HTTP operations GET, POST, PUT, PATCH, DELETE, etc. Controller resources are similar to executable functions, with parameters and return values. The REST API relies on controller resources to perform application-specific actions that cannot be mapped onto CRUD operation. Controller names typically appear as the last segment in a URI path, with no child resources to follow them in the hierarchy.
POST /alerts/245743/resend
Use Nouns to Name Resources
A REST API endpoint has a URL at which it can be accessed: https://example.com. Subdirectories of the URL denote different resources, which are accessed with URIs.
In general, URIs should be named with nouns that specify the content of the resource, rather than using a verb for the function performed. This is because CRUD operations should already be specified in the HTTP request.
Example:
https://example.com/users
https:://example.com/users/{id}
Prefer Plural
In general, you should name the URIs that return collections using plural. The URIs that return an individual element will use the same prefix and an additional path qualifier, usually an ID, to designate the specific element.