
REST stands for Representational State Transfer. It's an architectural style for designing networked applications, particularly web services, and is used as a standard for creating APIs (Application Programming Interfaces).

In a REST API (or RESTful API), REST is used to structure interactions between a client (like a web browser or mobile app) and a server. Here’s a breakdown of its main principles and features:

# Key Principles of REST:

1. **Statelessness:** Each request from the client to the server must contain all the information needed to understand and process the request. The server doesn't store any state about the client session on its side, so each call is independent.
2. **Client-Server Architecture:** REST enforces a separation of concerns, where the client (user interface) and server (database/storage) are kept separate. This allows each to be developed independently.
3. **Uniform Interface:** REST uses standard methods and conventions, often based on HTTP, for communication. The common HTTP methods include:
    - **GET**: Retrieve data
    - **POST**: Create new resources
    - **PUT or PATCH**: Update existing resources
    - **DELETE**: Remove resources
4. **Layered System:** REST allows for multiple layers in the architecture, such as load balancers, caching layers, or security gateways, which don’t affect the client-server interaction.
5. **Cacheability:** Responses from the server can be explicitly marked as cacheable or non-cacheable, allowing clients to reuse a response for later identical requests, which improves efficiency and reduces load on the server.
6. **Representation of Resources:** Resources (data or information) are identified by URLs and are represented in a format such as JSON or XML, which the client can understand.

# Terminology

1. Resource
- **Definition**: A resource represents any object or data that can be accessed and manipulated through the API. Resources are central to REST APIs.
- **Form**: Resources are identified by Uniform Resource Identifiers (URIs) or URLs, often structured as /resource-name.
- **Content**: Resources contain data, which is usually represented in JSON or XML format. For example, a resource called /users might represent user data with attributes like id, name, email, etc.

2. Endpoint
- **Definition**: An endpoint is a specific URL that clients use to access resources and interact with the API. Each endpoint corresponds to a specific resource or function.
- **Form**: Endpoints are URLs, typically based on a root URL followed by resource paths, e.g., https://api.example.com/users.
- **Content**: Endpoints specify paths to resources and can contain query parameters to filter, sort, or paginate data (e.g., https://api.example.com/users?age=30&sort=name).

3. HTTP Methods
- **Definition**: HTTP methods (also called verbs) define the action to perform on a resource.
- **Form**: The main HTTP methods used in REST are:
    - **GET**: Retrieve a resource.
    - **POST**: Create a new resource.
    - **PUT or PATCH**: Update an existing resource (PUT replaces the entire resource; PATCH updates parts of it).
    - **DELETE**: Remove a resource.
- **Content**: HTTP methods, along with the endpoint, instruct the server on what action to take for a request.

4. Request
- **Definition**: A request is a message sent from the client to the server to interact with resources.
- **Form**: Consists of an HTTP method, a URL (endpoint), headers, and sometimes a body.
- **Content**:
    - **Headers**: Include metadata like Content-Type, Authorization, User-Agent, etc.
    - **Body**: Typically in JSON or XML format, it contains the data to be sent for actions like POST or PUT.

5. Response
- **Definition**: A response is the server’s reply to a client’s request.
- **Form**: A response includes a status code, headers, and often a body.
- **Content**:
    - **Status Code**: Indicates the result of the request (e.g., 200 OK, 404 Not Found, 500 Internal Server Error).
    - **Headers**: Include metadata about the response, like Content-Type, Cache-Control.
    - **Body**: Contains the requested data, error message, or confirmation, usually in JSON format.

6. Status Code
- **Definition**: Status codes are numerical codes that indicate the result of a request.
- **Form**: They follow the HTTP standard and are divided into categories:
    - **2xx**: Success (e.g., 200 OK, 201 Created)
    - **3xx**: Redirection (e.g., 301 Moved Permanently)
    - **4xx**: Client Error (e.g., 400 Bad Request, 404 Not Found)
    - **5xx**: Server Error (e.g., 500 Internal Server Error)
- **Content**: Status codes communicate the outcome and sometimes additional error or success information in the response body.
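The following Python sketch is an added example, not code from the original notes. It ties items 3 to 6 together (and the statelessness and uniform-interface principles from the first section): one function takes a request as a plain dict of method, path, headers and body, dispatches on method and path, and answers with a status code, headers and a JSON body. The `/users` resource, the in-memory `USERS` store and the validation rules are all constructed for the example.

```python
import json
import re

# Constructed in-memory store for the /users resource: id -> representation.
USERS = {1: {"id": 1, "name": "Ada", "email": "ada@example.com"}}


def _json(status, body, extra_headers=None):
    """Build a (status, headers, body) triple with a JSON representation."""
    headers = {"Content-Type": "application/json"}
    headers.update(extra_headers or {})
    return status, headers, json.dumps(body)


def _parse_json_body(request):
    """Return (data, None) for a valid JSON object body, else (None, error_response)."""
    ctype = request.get("headers", {}).get("Content-Type", "")
    if ctype.split(";")[0].strip().lower() != "application/json":
        return None, _json(415, {"error": "Content-Type must be application/json"})
    try:
        data = json.loads(request.get("body") or "")
    except json.JSONDecodeError:
        return None, _json(400, {"error": "body is not valid JSON"})
    if not isinstance(data, dict):
        return None, _json(400, {"error": "body must be a JSON object"})
    return data, None


def handle_request(request):
    """Dispatch one request {method, path, headers, body}; return (status, headers, body).

    Every call is served from the request alone (stateless): the method chooses the
    action, the path chooses the resource, and the outcome is reported as a status code.
    """
    method = request["method"].upper()
    path = request["path"]

    if path == "/users":                       # collection endpoint
        if method == "GET":
            return _json(200, list(USERS.values()))
        if method == "POST":
            data, err = _parse_json_body(request)
            if err:
                return err
            if not isinstance(data.get("name"), str) or not isinstance(data.get("email"), str):
                return _json(400, {"error": "name and email are required strings"})
            user = {"id": max(USERS, default=0) + 1, "name": data["name"], "email": data["email"]}
            USERS[user["id"]] = user
            # 201 Created plus a Location header pointing at the new resource.
            return _json(201, user, {"Location": f"/users/{user['id']}"})
        return _json(405, {"error": "method not allowed"}, {"Allow": "GET, POST"})

    m = re.fullmatch(r"/users/(\d{1,9})", path)  # bounded id length: no oversized integers
    if m:
        user = USERS.get(int(m.group(1)))
        if method == "GET":
            return _json(200, user) if user else _json(404, {"error": "user not found"})
        if method == "DELETE":
            if user is None:
                return _json(404, {"error": "user not found"})
            del USERS[user["id"]]
            return 204, {}, ""                 # No Content: nothing left to represent
        return _json(405, {"error": "method not allowed"}, {"Allow": "GET, DELETE"})

    return _json(404, {"error": "no such endpoint"})
```

Two details worth noticing: the body is only parsed after the `Content-Type` check, so a client cannot smuggle a non-JSON payload into a JSON handler, and an unsupported method on a known path gets 405 with an `Allow` header rather than a generic 404, which is what a client needs to correct itself.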

7. Headers
- **Definition**: Headers provide metadata about the request or response.
- **Form**: Headers are key-value pairs and include items like Content-Type, Authorization, Accept, etc.
- **Content**:
    - **Request Headers**: Information about the request, like Authorization for access tokens, Content-Type for body data format.
    - **Response Headers**: Information about the response, like Content-Type, ETag for caching, RateLimit-* headers for API rate limits.

8. Query Parameters
- **Definition**: Query parameters modify or filter a request.
- **Form**: Appended to the endpoint URL in the format ?key=value&key2=value2.
- **Content**: Commonly used for:
    - **Filtering**: ?status=active
    - **Sorting**: ?sort=name
    - **Pagination**: ?page=2&limit=10
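As an added example (not from the original notes), here is a Python parser for exactly the three kinds of query parameter listed above. The field names, the allowed `status` values and the page-size cap are constructed for the example. The points it makes beyond the list itself: `sort` is checked against an allowlist of fields so the value can never reach a database ordering clause unvetted, `limit` is clamped so no single request can pull an unbounded page, and a parameter given twice is rejected rather than silently picking the first or last copy.

```python
from urllib.parse import parse_qs, urlsplit

# Constructed policy for a /users list endpoint.
SORTABLE_FIELDS = {"name", "email", "created_at"}
STATUS_VALUES = {"active", "inactive"}
DEFAULT_LIMIT = 10
MAX_LIMIT = 100


class QueryError(ValueError):
    """Raised for a malformed or disallowed query parameter; maps to 400 Bad Request."""


def _single(params, key):
    """Return the one value for key, or None if absent.

    Repeated parameters are rejected because proxies, frameworks and handlers may each
    pick a different copy, which makes the effective request ambiguous.
    """
    values = params.get(key)
    if values is None:
        return None
    if len(values) != 1:
        raise QueryError(f"{key}: parameter given more than once")
    return values[0]


def _int_param(params, key, default, minimum, maximum=None):
    raw = _single(params, key)
    if raw is None:
        return default
    try:
        value = int(raw)
    except ValueError:
        raise QueryError(f"{key}: must be an integer") from None
    if value < minimum:
        raise QueryError(f"{key}: must be at least {minimum}")
    if maximum is not None and value > maximum:
        value = maximum  # clamp rather than let one request pull an unbounded page
    return value


def parse_list_query(url):
    """Parse filtering, sorting and pagination parameters from a list-endpoint URL."""
    params = parse_qs(urlsplit(url).query, keep_blank_values=True)
    page = _int_param(params, "page", 1, 1)
    limit = _int_param(params, "limit", DEFAULT_LIMIT, 1, MAX_LIMIT)
    query = {"page": page, "limit": limit, "offset": (page - 1) * limit,
             "status": None, "sort": None, "descending": False}

    status = _single(params, "status")          # filtering
    if status is not None:
        if status not in STATUS_VALUES:
            raise QueryError("status: unknown value")
        query["status"] = status

    sort = _single(params, "sort")              # sorting, with a leading '-' for descending
    if sort is not None:
        if sort.startswith("-"):
            query["descending"] = True
            sort = sort[1:]
        if sort not in SORTABLE_FIELDS:
            raise QueryError("sort: field is not sortable")
        query["sort"] = sort
    return query
```

`QueryError` is the handler's cue to answer 400 with the message as the error detail; the message names the parameter but never echoes the rejected value back.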

9. Body
- **Definition**: The body is the part of a request or response that contains data.
- **Form**: Typically in JSON or XML format.
- **Content**:
    - **Request Body**: Used with POST or PUT requests to send data to the server (e.g., new user data).
    - **Response Body**: Contains the server’s response data, such as the requested resource or error details.

10. Authentication & Authorization
- **Definition**: Authentication verifies the user’s identity, and authorization checks permissions for resources.
- **Form**: Typically involves headers like Authorization containing tokens, API keys, or session data.
- **Content**: Common authentication methods include:
    - Bearer Tokens (OAuth)
    - API Keys
    - Basic Auth (username and password encoded in base64)
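To show what the server side of the `Authorization` header looks like for two of the schemes listed above, here is an added Python example (not from the original notes). The credential store, the salt, the user `alice` and the token `tok_example_123` are all constructed. It parses `Bearer <token>` and `Basic <base64>`, verifies each against stored hashes rather than plaintext, and uses `hmac.compare_digest` so a wrong credential is rejected in the same time as a nearly-right one.

```python
import base64
import binascii
import hashlib
import hmac

# Constructed credential store. Passwords are kept as PBKDF2-SHA256 hashes; a real
# store uses a random salt per user (os.urandom(16)) rather than this fixed one.
_SALT = b"example-static-salt-16b"


def _pbkdf2(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


USERS = {"alice": _pbkdf2("correct horse battery staple", _SALT)}

# Constructed bearer-token store, keyed by SHA-256 of the token so that a leaked
# store does not hand out usable tokens.
TOKENS = {hashlib.sha256(b"tok_example_123").hexdigest(): "alice"}


class AuthError(Exception):
    """Missing, malformed or unverifiable credentials; maps to 401 Unauthorized."""


def basic_header(username, password):
    """Build the Basic Authorization value a client sends (base64 of 'user:pass')."""
    token = base64.b64encode(f"{username}:{password}".encode("utf-8")).decode("ascii")
    return f"Basic {token}"


def authenticate(headers):
    """Return the authenticated subject for a request, or raise AuthError."""
    value = headers.get("Authorization")
    if value is None:
        raise AuthError("missing Authorization header")
    scheme, _, credentials = value.partition(" ")
    scheme = scheme.lower()
    credentials = credentials.strip()

    if scheme == "bearer":
        digest = hashlib.sha256(credentials.encode("utf-8")).hexdigest()
        for stored, subject in TOKENS.items():
            if hmac.compare_digest(stored, digest):
                return subject
        raise AuthError("invalid bearer token")

    if scheme == "basic":
        try:
            decoded = base64.b64decode(credentials, validate=True).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError):
            raise AuthError("malformed Basic credentials") from None
        username, sep, password = decoded.partition(":")
        if not sep:
            raise AuthError("malformed Basic credentials")
        expected = USERS.get(username)
        # Hash the candidate even for unknown users so timing does not reveal which
        # usernames exist.
        candidate = _pbkdf2(password, _SALT)
        if expected is None or not hmac.compare_digest(expected, candidate):
            raise AuthError("invalid username or password")
        return username

    raise AuthError("unsupported authentication scheme")
```

Note what the Basic branch makes visible: the credential is only base64-encoded, not encrypted, so `decoded` is the cleartext password. That is why Basic (and bearer tokens, which are equally replayable) are only meaningful on a TLS connection, and why the server stores a hash and not the password itself.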

11. Rate Limiting
- **Definition**: Rate limiting restricts the number of API requests allowed within a certain time frame.
- **Form**: Typically defined by headers like RateLimit-Limit, RateLimit-Remaining, and RateLimit-Reset.
- **Content**: Limits requests per hour, minute, or second to prevent abuse or overloading the API.
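An added Python example (not from the original notes) of a fixed-window limiter that emits the three headers named above, plus `Retry-After` and a 429 status when the limit is exceeded. The limit of five requests per minute is constructed, and the clock is injectable so the behaviour can be checked without waiting.

```python
import math
import time
from collections import defaultdict


class FixedWindowRateLimiter:
    """At most `limit` requests per `window` seconds for each client key.

    check(key) returns (allowed, headers). RateLimit-Reset is the number of seconds
    until the current window ends, so a well-behaved client knows when to retry.
    """

    def __init__(self, limit=5, window=60, clock=time.monotonic):
        self.limit = limit
        self.window = window
        self.clock = clock                    # injectable for deterministic tests
        self._counts = defaultdict(int)       # key -> requests seen in current window
        self._window_start = {}               # key -> timestamp the window opened

    def check(self, key):
        now = self.clock()
        start = self._window_start.get(key)
        if start is None or now - start >= self.window:
            self._window_start[key] = now     # open a fresh window
            self._counts[key] = 0
            start = now
        allowed = self._counts[key] < self.limit
        if allowed:
            self._counts[key] += 1            # rejected requests do not consume quota
        remaining = max(self.limit - self._counts[key], 0)
        reset = math.ceil(self.window - (now - start))
        headers = {
            "RateLimit-Limit": str(self.limit),
            "RateLimit-Remaining": str(remaining),
            "RateLimit-Reset": str(reset),
        }
        if not allowed:
            headers["Retry-After"] = str(reset)
        return allowed, headers


def handle(limiter, client_key):
    """Return (status, headers) the way a gateway would: 200 if allowed, 429 if not."""
    allowed, headers = limiter.check(client_key)
    return (200 if allowed else 429), headers
```

The key passed to `check` should identify the caller the API actually trusts (an API key or the authenticated subject), not the source IP alone: many clients share one address behind NAT, and one client can use many addresses. A fixed window also lets a client spend two full quotas in the seconds either side of a boundary; a sliding window or token bucket removes that burst if it matters.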

12. Versioning
- **Definition**: Versioning allows updates to the API without breaking existing integrations.
- **Form**: Can be specified in the URL (e.g., api.example.com/v1/resource) or in headers.
- **Content**: Indicates which version of the API is being used, allowing changes over time while supporting older versions.

13. Error Handling
- **Definition**: Mechanisms to handle and inform clients about errors that occur during API interactions.
- **Form**: Error codes (HTTP status codes), error messages, and sometimes error objects in the response.
- **Content**: Errors may include details about what went wrong and, in some cases, suggested solutions.
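As an added Python example (not from the original notes), here is one way to structure error handling so that the response carries a status code, a stable machine-readable error code, a message and, for validation failures, a per-field detail list, while anything unexpected is reduced to a generic 500 with a correlation id. The `ApiError` hierarchy, the `USERS` store and the `"crash"` trigger that stands in for an unexpected bug are constructed.

```python
import logging
import uuid

log = logging.getLogger("api")


class ApiError(Exception):
    """An error the client is meant to see: status, stable code, message, optional details."""

    def __init__(self, status, code, message, details=None):
        super().__init__(message)
        self.status = status
        self.code = code
        self.message = message
        self.details = details


class ValidationError(ApiError):
    def __init__(self, field, message):
        super().__init__(400, "validation_error", "request failed validation",
                         details=[{"field": field, "message": message}])


class NotFound(ApiError):
    def __init__(self, resource):
        super().__init__(404, "not_found", f"{resource} not found")


def error_response(exc):
    """Map an exception to (status, body)."""
    if isinstance(exc, ApiError):
        body = {"error": {"code": exc.code, "message": exc.message}}
        if exc.details:
            body["error"]["details"] = exc.details
        return exc.status, body
    # Anything else is a bug or an outage: the traceback goes to the server log under a
    # correlation id, and the client gets only that id, never the exception text or class.
    correlation_id = str(uuid.uuid4())
    log.error("unhandled error %s", correlation_id, exc_info=exc)
    return 500, {"error": {"code": "internal_error",
                           "message": "an internal error occurred",
                           "correlation_id": correlation_id}}


USERS = {1: {"id": 1, "name": "Ada", "email": "ada@example.com"}}  # constructed store


def get_user(user_id):
    try:
        if user_id not in USERS:
            raise NotFound("user")
        return 200, USERS[user_id]
    except Exception as exc:
        return error_response(exc)


def create_user(payload):
    try:
        if not isinstance(payload, dict):
            raise ValidationError("$", "body must be a JSON object")
        if not isinstance(payload.get("name"), str):
            raise ValidationError("name", "required string")
        if "@" not in str(payload.get("email", "")):
            raise ValidationError("email", "must contain '@'")
        if payload["name"] == "crash":      # constructed stand-in for an unexpected bug
            raise KeyError("profile")
        user = {"id": max(USERS) + 1, "name": payload["name"], "email": payload["email"]}
        USERS[user["id"]] = user
        return 201, user
    except Exception as exc:
        return error_response(exc)
```

The correlation id is what lets a support engineer find the full traceback in the log from a client's bug report; the client-facing body deliberately stays the same for every unexpected failure so that internals (exception classes, file paths, query text) never leak through error messages.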