Skip to main content
Career Paths
Concepts
Api Design
The Simplified Tech

Role-based learning paths to help you master cloud engineering with clarity and confidence.

Product

  • Career Paths
  • Interview Prep
  • Scenarios
  • AI Features
  • Cloud Comparison
  • Resume Builder
  • Pricing

Community

  • Join Discord

Account

  • Dashboard
  • Credits
  • Updates
  • Sign in
  • Sign up
  • Contact Support

Stay updated

Get the latest learning tips and updates. No spam, ever.

Terms of ServicePrivacy Policy

© 2026 TheSimplifiedTech. All rights reserved.

BackBack
Interactive Explainer

API Design Patterns

Versioning, error payloads, pagination, filtering, and idempotency keys for consistent and maintainable APIs.

API Design Patterns

Versioning, error payloads, pagination, filtering, and idempotency keys for consistent and maintainable APIs.

~2 min read
Be the first to complete!

Lesson outline

Versioning

APIs evolve: you add fields, change behavior, or remove endpoints. Versioning lets clients keep working while you ship changes. URL versioning (/v1/users, /v2/users) is common and easy to read. Header versioning (Accept: application/vnd.api+v2+json) keeps URLs clean but is less visible. Pick one and stick with it.

When you release v2, keep v1 supported for a deprecation period and document the sunset date. Do not break v1; add new behavior in v2 or new endpoints.

Error payloads

Return errors in a consistent structure. Example: { "error": { "code": "VALIDATION_ERROR", "message": "Invalid email", "details": [{ "field": "email", "message": "Must be a valid email" }] } }. Use code for machine-readable handling and message for humans. details can hold field-level validation errors.

Map to status codes: validation → 400, not found → 404, auth → 401, forbidden → 403, conflict → 409, server error → 500. Never leak stack traces or internal paths to the client.

Pagination

List endpoints (GET /users) must paginate to avoid returning millions of rows. Offset-based: ?page=2&limit=20 maps to LIMIT 20 OFFSET 20. Simple but slow on large offsets (the DB still scans skipped rows). Cursor-based: ?cursor=abc123&limit=20 returns the next 20 after that cursor (e.g. created_at or an opaque token). More efficient and stable when data changes between requests.

Include metadata in the response: next_cursor, has_more, or total_count (if cheap). Document the pagination contract so clients know how to iterate.

Filtering and sorting

Let clients filter: ?status=active&role=admin. Map to WHERE clauses; validate and whitelist allowed params to avoid injection. Sorting: ?sort=created_at&order=desc. Limit sort keys to indexed columns when possible so queries stay fast.

Use consistent names (e.g. snake_case or camelCase) and document which query params each endpoint supports. Avoid over-flexible "query everything" APIs that make indexing and security hard.

Idempotency keys

For POST (and sometimes PUT/PATCH) that have side effects (payments, orders), clients may retry. Accept Idempotency-Key with a unique value (e.g. a UUID) in the header. Store the key with the result; if the same key is sent again within a window (e.g. 24 hours), return the stored result without re-executing. This prevents duplicate charges or duplicate orders.

Generate keys on the client (UUID or similar). The server only needs to store key → response (and optionally key → request) for the retention window.

Ready to see how this works in the cloud?

Switch to Career Paths for structured paths (e.g. Developer, DevOps) and provider-specific lessons.

View role-based paths

Sign in to track your progress and mark lessons complete.

Discussion

Questions? Discuss in the community or start a thread below.

Join Discord

In-app Q&A

Sign in to start or join a thread.