How I understand REST API / HTTP

Tay Bencardino
3 min read · Oct 4, 2022

A REST API is a set of HTTP-based standards that control how different applications communicate with one another.

When you interact with an application on the internet, it is the API’s job to communicate what you want to the system so that the server can understand and fulfil your request.

A REST API works by manipulating resources and representations. These representations are exchanged between users and servers through a standardized interface and a specific communication protocol — usually HTTP.

So, when a user wants to use application functionality, their device sends a request via HTTP to the server. The server locates the resource and sends back a representation of its state in the response, over the same protocol. These representations can come in different formats.

There are four primary methods, which are also referred to as CRUD operations:

  • POST: Create a record.
  • GET: Read a record.
  • PUT: Update a record.
  • DELETE: Delete a record.

Figure: Using Excalidraw to understand what is going on

Some HTTP response status codes I have seen so far:

  • Successful responses: 200–299

200 OK: The request succeeded.
201 Created: The request succeeded, and a new resource was created. This is typically the response sent after POST requests or some PUT requests.
204 No content: There is no content to send for this request, but the headers may be helpful. The user agent may update its cached headers for this resource with the new ones.

  • Redirection Messages: 300–399

301 Moved Permanently: The URL of the requested resource has been changed permanently. The new URL is given in the response.

  • Client error responses: 400–499

400 Bad Request: The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).
401 Unauthorized: Although the HTTP standard specifies “unauthorized”, semantically, this response means “unauthenticated”. That is, the client must authenticate itself to get the requested response.
403 Forbidden: The client does not have access rights to the content; that is, it is unauthorized, so the server refuses to give the requested resource. Unlike 401 Unauthorized, the client’s identity is known to the server.
404 Not Found: The server cannot find the requested resource. In the browser, this means the URL is not recognized. In an API, this can also mean that the endpoint is valid but the resource does not exist.

  • Server error responses: 500–599

500 Internal Server Error: The server has encountered a situation it does not know how to handle. (It is probably a mistake in the code😅)
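
The CRUD methods and status codes listed above, combined in one small in-memory handler that checks authentication (401) before authorization (403). This is an added example, not code from the original post; the token table, the `/notes` path and the `handle` function are assumptions made for illustration.

```python
import json

# Constructed sample data (assumptions): bearer tokens and one stored note.
TOKENS = {"tok-alice": "alice", "tok-bob": "bob"}
NOTES = {1: {"owner": "alice", "text": "first note"}}

def _text(body):
    """Return the 'text' field of a JSON body, or None if the body is invalid."""
    try:
        text = json.loads(body)["text"]
    except (TypeError, ValueError, KeyError):
        return None
    return text if isinstance(text, str) else None

def handle(method, path, token=None, body=None):
    """Return (status, payload) for a request to /notes or /notes/<id>."""
    user = TOKENS.get(token)
    if user is None:                      # 401: the server does not know who is asking
        return 401, {"error": "authentication required"}
    parts = path.strip("/").split("/")
    if parts[0] != "notes" or len(parts) > 2:
        return 404, {"error": "no such endpoint"}
    if len(parts) == 1:                   # collection: POST creates a record
        if method != "POST":
            return 405, {"error": "method not allowed"}  # 405 is not in the list above
        text = _text(body)
        if text is None:
            return 400, {"error": "body must be JSON with a string 'text'"}
        note_id = max(NOTES, default=0) + 1
        NOTES[note_id] = {"owner": user, "text": text}
        return 201, {"id": note_id}
    if not parts[1].isdecimal():
        return 400, {"error": "id must be a number"}
    note_id = int(parts[1])
    note = NOTES.get(note_id)
    if note is None:                      # 404: valid endpoint, no such resource
        return 404, {"error": "note not found"}
    if note["owner"] != user:             # 403: identity known, access refused
        return 403, {"error": "forbidden"}  # some APIs answer 404 to hide that the id exists
    if method == "GET":
        return 200, {"text": note["text"]}
    if method == "PUT":
        text = _text(body)
        if text is None:
            return 400, {"error": "body must be JSON with a string 'text'"}
        note["text"] = text
        return 200, {"text": text}
    if method == "DELETE":
        del NOTES[note_id]
        return 204, None                  # success, nothing to send back
    return 405, {"error": "method not allowed"}
```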

The REST architectural style is a specific set of principles; an API that applies them in the development of a web application is called RESTful.

REST stands for Representational State Transfer. The REST architecture lets users access, organize and connect to application services on the internet, especially those based on the cloud (cloud servers).

The constraints set by the REST style bring essential benefits for developing applications and systems: greater flexibility, lower bandwidth consumption, more security and standardization of protocols. Thus, REST and RESTful technologies tend to grow even more in the future, becoming the most popular standards for these functions.