Building an API is easy. Building a good API is remarkably difficult. REST (REpresentational State Transfer) is a globally agreed-upon architectural design pattern. Following REST principles ensures that any developer in the world can intuitively guess how to interact with your codebase without reading a hundred-page manual.
For an API to be considered truly "RESTful," it must adhere to strict architectural rules. The most critical include:
Endpoints should be modeled as Nouns (Resources) in their plural form. They should NEVER contain verbs (Actions).
| Operation | ❌ Bad (Non-RESTful) | ✅ Good (RESTful) |
|---|---|---|
| Get all users | GET /api/Users/GetAll | GET /api/users |
| Get user #4 | GET /api/Users/GetUserById?id=4 | GET /api/users/4 |
| Delete user #4 | POST /api/Users/Delete/4 | DELETE /api/users/4 |
| Get articles for user #4 | GET /api/Articles/GetUser4 | GET /api/users/4/articles |
In a true REST API, the action you wish to perform isn't in the URL; it relies entirely on the HTTP Method (Verb) used in the network request.
Retrieves data. A GET request must be Idempotent and Safe. It should never alter the database. Running the same GET request 1,000 times must not change the server state.
[HttpGet("{id}")]
public IActionResult GetProduct(int id) { ... }Creates a brand new resource. It is NOT idempotent. If you send a POST request 5 times, it creates 5 new distinct rows in your database.
[HttpPost]
public IActionResult CreateProduct([FromBody] ProductDto product) { ... }Replaces an existing resource entirely. It is Idempotent. If you send a PUT request 5 times, it overwrites the exact same data 5 times, leaving the server in the exact same state.
[HttpPut("{id}")]
public IActionResult UpdateProduct(int id, [FromBody] ProductDto updatedProduct) { ... }Modifies only specific fields of a resource (e.g., just updating a user's phone number without transmitting the entire user object). Usually implemented using JSON Patch.
Removes a resource. Also idempotent; once a record is deleted, subsequent DELETE calls to it simply return a 404 (or 204 No Content).
Q: "What is the precise difference between PUT and POST in REST APIs?"
Architect Answer: "The primary difference lies in Idempotency. POST is used to create a new subordinate resource; the server determines the new URI (e.g., auto-incrementing the ID in the database). Because it is not idempotent, firing the same POST request multiple times creates multiple duplicate records. PUT, however, is idempotent. It is used to update or replace an existing resource at a specific, known URI (e.g., /api/users/5). Firing the exact same PUT request 100 times will result in the exact same state as firing it once."