一键在 Manus 中运行任何 Skill

api-design

REST API design principles and best practices. Use when designing API endpoints, request/response schemas, versioning, error formats, or reviewing API design.

在 Manus 中运行

概览

REST API design principles and best practices. Use when designing API endpoints, request/response schemas, versioning, error formats, or reviewing API design.

安装命令

npx skills add https://github.com/cohen-liel/hivemind --skill api-design

复制此命令并粘贴到 Claude Code 中以安装该技能

来源

cohen-liel/hivemind

星标97

分支13

更新时间2026年3月17日 16:33

SKILL.md

readonly

name	api-design
description	REST API design principles and best practices. Use when designing API endpoints, request/response schemas, versioning, error formats, or reviewing API design.

REST API Design Patterns

URL Structure

# Resources (nouns, plural, lowercase-kebab)
GET    /api/v1/users           # List users
POST   /api/v1/users           # Create user
GET    /api/v1/users/{id}      # Get user
PUT    /api/v1/users/{id}      # Replace user
PATCH  /api/v1/users/{id}      # Update user partially
DELETE /api/v1/users/{id}      # Delete user

# Nested resources
GET    /api/v1/users/{id}/posts        # User's posts
POST   /api/v1/users/{id}/posts        # Create post for user

# Actions (when CRUD doesn't fit)
POST   /api/v1/users/{id}/activate
POST   /api/v1/auth/login
POST   /api/v1/auth/logout
POST   /api/v1/auth/refresh

# Search / filtering
GET    /api/v1/posts?status=published&author=123&sort=-created_at&page=2&limit=20

Status Codes

200 OK              — GET/PATCH/PUT success with body
201 Created         — POST success (include Location header)
204 No Content      — DELETE success
400 Bad Request     — Invalid input (validation error)
401 Unauthorized    — Not authenticated (no/invalid token)
403 Forbidden       — Authenticated but not allowed
404 Not Found       — Resource doesn't exist
409 Conflict        — Duplicate email, version conflict
422 Unprocessable   — Semantically invalid (used by FastAPI for validation)
429 Too Many Reqs   — Rate limit exceeded
500 Server Error    — Unexpected error (never expose details)

Request / Response Format

// List response with pagination
{
  "data": [...],
  "pagination": {
    "total": 248,
    "page": 2,
    "limit": 20,
    "has_next": true
  }
}

// Single resource
{
  "data": { "id": 1, "email": "user@example.com", "name": "Alice" }
}

// Error response (consistent across ALL endpoints)
{
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "Invalid input",
    "details": [
      { "field": "email", "message": "Invalid email format" },
      { "field": "password", "message": "Must be at least 8 characters" }
    ]
  }
}

Filtering & Pagination

# Filtering
GET /posts?status=published&tag=python&author_id=123

# Sorting (- prefix for DESC)
GET /posts?sort=-created_at,title

# Pagination
GET /posts?page=2&limit=20

# Field selection (reduce payload)
GET /users?fields=id,name,email

# Search
GET /posts?q=fastapi+tutorial

Versioning

# URL path versioning (simplest, most visible)
/api/v1/users
/api/v2/users

# When to version: breaking changes only
# Non-breaking changes (adding fields, new endpoints) = no new version needed

Response Headers

Content-Type: application/json
X-Request-ID: uuid  # For distributed tracing
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 87
X-RateLimit-Reset: 1711234567
Location: /api/v1/users/123  # After POST 201

Rules

Use nouns for resources, verbs only for actions
Be consistent: same error format everywhere
Always version the API
Never expose internal IDs in public APIs (use UUIDs or slugs)
Include created_at/updated_at in all resource responses
Use ISO 8601 for all dates: 2024-03-15T10:30:00Z
Paginate ALL list endpoints (even if only 10 items now)
Document with OpenAPI/Swagger (FastAPI auto-generates this)
Make POST idempotent with client-provided idempotency keys for payments

同仓库更多 Skills

同仓库

async-python

cohen-liel/hivemind

Python asyncio patterns for high-performance async code. Use when writing async functions, managing concurrency, working with aiohttp, asyncpg, or any async I/O in Python.

2026-03-1797

celery-tasks

cohen-liel/hivemind

Celery background task patterns for Python apps. Use when implementing background jobs, scheduled tasks, email sending, image processing, or any async work that shouldn't block a web request.

2026-03-1797

docker-deployment

cohen-liel/hivemind

Docker, docker-compose, and deployment configuration best practices. Use when writing Dockerfiles, docker-compose.yml, CI/CD configs, or setting up any containerized deployment.

2026-03-1797

e2e-testing

cohen-liel/hivemind

End-to-end testing patterns with Playwright. Use when writing browser automation tests, integration tests, testing user flows, or setting up E2E test suites.

2026-03-1797

email-service

cohen-liel/hivemind

Email sending patterns for transactional and marketing emails. Use when implementing email sending, templates, SMTP configuration, or email services like SendGrid, Resend, or Mailgun.

2026-03-1797

fastapi-backend

cohen-liel/hivemind

FastAPI best practices for building production Python backends. Use when building REST APIs, async endpoints, Pydantic models, dependency injection, middleware, or any FastAPI server.

2026-03-1797

来源

cohen-liel

cohen-liel/hivemind

打开 GitHub 仓库查看创作者相关仓库

安装命令

下载

在 Manus 中运行

适用职业SOC

软件开发工程师计算机与数学类职业15-1252L4

name	api-design
description	REST API design principles and best practices. Use when designing API endpoints, request/response schemas, versioning, error formats, or reviewing API design.

REST API Design Patterns

URL Structure

# Resources (nouns, plural, lowercase-kebab)
GET    /api/v1/users           # List users
POST   /api/v1/users           # Create user
GET    /api/v1/users/{id}      # Get user
PUT    /api/v1/users/{id}      # Replace user
PATCH  /api/v1/users/{id}      # Update user partially
DELETE /api/v1/users/{id}      # Delete user

# Nested resources
GET    /api/v1/users/{id}/posts        # User's posts
POST   /api/v1/users/{id}/posts        # Create post for user

# Actions (when CRUD doesn't fit)
POST   /api/v1/users/{id}/activate
POST   /api/v1/auth/login
POST   /api/v1/auth/logout
POST   /api/v1/auth/refresh

# Search / filtering
GET    /api/v1/posts?status=published&author=123&sort=-created_at&page=2&limit=20

Status Codes

200 OK              — GET/PATCH/PUT success with body
201 Created         — POST success (include Location header)
204 No Content      — DELETE success
400 Bad Request     — Invalid input (validation error)
401 Unauthorized    — Not authenticated (no/invalid token)
403 Forbidden       — Authenticated but not allowed
404 Not Found       — Resource doesn't exist
409 Conflict        — Duplicate email, version conflict
422 Unprocessable   — Semantically invalid (used by FastAPI for validation)
429 Too Many Reqs   — Rate limit exceeded
500 Server Error    — Unexpected error (never expose details)

Request / Response Format

// List response with pagination
{
  "data": [...],
  "pagination": {
    "total": 248,
    "page": 2,
    "limit": 20,
    "has_next": true
  }
}

// Single resource
{
  "data": { "id": 1, "email": "user@example.com", "name": "Alice" }
}

// Error response (consistent across ALL endpoints)
{
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "Invalid input",
    "details": [
      { "field": "email", "message": "Invalid email format" },
      { "field": "password", "message": "Must be at least 8 characters" }
    ]
  }
}

Filtering & Pagination

# Filtering
GET /posts?status=published&tag=python&author_id=123

# Sorting (- prefix for DESC)
GET /posts?sort=-created_at,title

# Pagination
GET /posts?page=2&limit=20

# Field selection (reduce payload)
GET /users?fields=id,name,email

# Search
GET /posts?q=fastapi+tutorial

Versioning

# URL path versioning (simplest, most visible)
/api/v1/users
/api/v2/users

# When to version: breaking changes only
# Non-breaking changes (adding fields, new endpoints) = no new version needed

Response Headers

Content-Type: application/json
X-Request-ID: uuid  # For distributed tracing
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 87
X-RateLimit-Reset: 1711234567
Location: /api/v1/users/123  # After POST 201

Rules

Use nouns for resources, verbs only for actions
Be consistent: same error format everywhere
Always version the API
Never expose internal IDs in public APIs (use UUIDs or slugs)
Include created_at/updated_at in all resource responses
Use ISO 8601 for all dates: 2024-03-15T10:30:00Z
Paginate ALL list endpoints (even if only 10 items now)
Document with OpenAPI/Swagger (FastAPI auto-generates this)
Make POST idempotent with client-provided idempotency keys for payments