Most teams say “REST API” when they really mean “HTTP + JSON,” but REST is actually a named architectural style with specific constraints and goals. Understanding those constraints is what lets you decide when REST is a good fit, when it isn’t, and how to design cleaner APIs.
Quick take: REST is a style Roy Fielding described for distributed hypermedia systems; when you apply its constraints intentionally over HTTP, you get APIs that are easier to scale, cache, evolve, and integrate—but only if you respect its trade‑offs.
What REST actually is (and where it came from)
REST, short for Representational State Transfer, was introduced by Roy Fielding in his PhD dissertation as an architectural style for distributed hypermedia systems like the Web. In that work, he describes how REST emphasizes scalability of component interactions, generality of interfaces, independent deployment, and intermediary components that can enforce security or reduce latency. Fielding’s dissertation on REST and Web architecture.
Fielding derived REST by layering constraints (client–server, stateless, cacheable, uniform interface, layered system, optional code‑on‑demand) and analyzing the properties those constraints induce. That process is documented in his chapter on Representational State Transfer, where he walks through how each constraint supports scalability and evolvability at Web scale.
REST vs “HTTP API”: how they relate
REST is transport‑agnostic in theory, but in practice most RESTful web services are implemented over HTTP because that is the protocol of the Web. HTTP/1.1 defines the semantics of request methods, status codes, and headers; REST applies architectural constraints on how those HTTP interactions should be structured.
In other words, HTTP defines what methods like GET, POST, PUT, and DELETE mean, while REST tells you how to organize resources, representations, and interactions so that the system as a whole is scalable, cacheable, and loosely coupled. You can build non‑RESTful HTTP APIs, and you can theoretically build RESTful systems on other protocols, but HTTP + REST is the dominant combination.
The core REST constraints (and what they mean in code)
Fielding defines REST through a set of constraints; applying them together is what gives REST its characteristic properties. A developer‑focused summary of these constraints is available in resources like the REST API Tutorial’s overview of REST architectural constraints.
Client–server
The client–server constraint separates user interface concerns from data storage and business logic. This improves the portability of the client across platforms and allows independent evolution of the client and server components, which is essential for Internet‑scale systems where different organizations own different components.
Stateless
Statelessness means each request from client to server must contain all of the information necessary to understand and process it, without relying on server‑stored session state. Fielding notes that this constraint supports scalability of component interactions and independent deployment, at the cost of potentially larger request payloads.
In practice, for HTTP APIs, this typically means:
- Authentication sent with each request (e.g., token, cookie) so the server does not need per‑client session objects beyond cacheable data.
- No hidden “server conversation state” required to interpret the next call.
Cacheable
REST requires that responses be implicitly or explicitly labeled as cacheable or non‑cacheable so that clients (and intermediaries) can reuse responses when appropriate. When used over HTTP, this aligns directly with HTTP/1.1 semantics for cache‑related headers and validators like ETag.
Proper caching can reduce latency, decrease server load, and improve perceived performance—especially for read‑heavy or reference data.
Uniform interface
The uniform interface is the defining feature that distinguishes REST from other network‑based styles. Fielding describes it as relying on four constraints: identification of resources, manipulation of resources through representations, self‑descriptive messages, and hypermedia as the engine of application state (HATEOAS).
- Identification of resources: Each resource is identified by a resource identifier (over HTTP, that’s usually a URI).
- Manipulation through representations: Clients manipulate resource state by transferring representations (e.g., JSON documents) to and from the server.
- Self‑descriptive messages: Messages contain enough information to describe how they should be processed (e.g., via media types, headers).
- Hypermedia as the engine of application state: Clients use hypermedia (links, forms) provided in responses to discover actions and navigate state transitions.
Layered system
REST allows clients to interact with an intermediate component (like a cache, proxy, or gateway) as if it were the origin server, enabling load balancing, shared caches, and security intermediaries. This layered system constraint, combined with a uniform interface, is what lets you insert cross‑cutting concerns (monitoring, auth, legacy system encapsulation) without rewriting clients.
Code‑on‑demand (optional)
The optional code‑on‑demand constraint allows servers to extend or customize client functionality by transferring executable code (for example, scripts). Fielding treats this as optional because it reduces visibility but can improve extensibility in some scenarios.
Scalability: how REST helps (and where it doesn’t)
Fielding emphasizes scalability of component interactions as a primary goal of REST. Stateless interactions reduce server‑side session tracking; caching reduces load on origin servers; and a layered system allows intermediaries to handle some responsibilities.
For typical web APIs, this translates into:
- Horizontal scaling: any stateless server instance can handle any authorized request.
- Shared caches: proxies or CDNs can serve cached resources for many clients.
- Independent evolution: teams can deploy new versions of services without simultaneously updating all clients.
REST is not a silver bullet for every scaling problem: if you need low‑latency bidirectional streaming or long‑lived sessions with continuous state synchronization, other approaches (like WebSockets, gRPC streaming, or event‑driven messaging) may be more appropriate.
Interoperability and multiple clients
One of REST’s advantages, according to skasolution.com, is interoperability: a uniform interface and self‑descriptive messages make it easier for independently developed components to interact. Fielding explicitly calls out the generality of interfaces and the independent deployment of components as key design goals.
When implemented over HTTP with standard media types:
- Any client that can speak HTTP and understand the representation format (JSON, XML, etc.) can interact with the API.
- Resource identifiers (URIs) provide a stable, bookmarkable handle for resources that can be used across systems.
JSON has become a de facto choice for many REST implementations because of its ubiquity in web and mobile environments, but REST itself does not mandate JSON; it only requires consistent representations and self‑descriptive messages.
HTTP methods in RESTful APIs: semantics matter
While REST does not require specific methods, HTTP/1.1 defines semantics for common methods (GET, HEAD, POST, PUT, DELETE, etc.), including which methods are safe (read‑only) and which are idempotent. RFC 7231 describes these semantics and the expectations for servers that implement them.
- GET: Transfer a current representation of the target resource; defined as a safe method (no state change expected).
- HEAD: Same as GET but only returns headers; safe.
- POST: Perform resource‑specific processing on the request payload (often used for creating subordinate resources or actions).
- PUT: Replace all current representations of the target resource with the payload; defined as idempotent.
- DELETE: Remove all current representations of the target resource; also defined as idempotent.
Applying REST over HTTP means designing your APIs so that these method semantics (safe, idempotent) line up with your domain operations, which helps with caching, retries, and reasoning about behavior.
Caching and performance in RESTful systems
The cacheable constraint in REST is closely aligned with HTTP’s caching model. RFC 7231 describes how responses can be marked as cacheable or non‑cacheable using status codes and headers (e.g., Cache‑Control, ETag, Last‑Modified), and how intermediaries may store and reuse responses.
For RESTful web services, this allows:
- Shared caches between multiple clients, reducing redundant requests.
- Client‑side caching, which can dramatically improve perceived performance for read‑heavy endpoints.
- Conditional requests (If‑None‑Match, If‑Modified‑Since) to avoid sending full responses when nothing has changed.
When REST is a good fit (and when it isn’t)
REST is a strong fit when you have resource‑centric domains, clear representations, and a need for broad interoperability over HTTP. The style is particularly aligned with systems where you can model your domain in terms of resources, links, and state transitions discovered at runtime through hypermedia.
REST may be a weak fit when:
- You require high‑frequency, low‑latency bidirectional streaming (e.g., real‑time gaming, telemetry).
- Your domain is action‑heavy rather than resource‑heavy, leading to awkward overloading of POST for everything.
- You need strong schema contracts and code‑generated clients across many languages, in which case something like gRPC might be more appropriate.
Implementation checklist for RESTful web services
- Model your domain in terms of resources and relationships (URIs and links).
- Decide which REST constraints you will apply and where (statelessness, caching, layering).
- Align HTTP method semantics (safe, idempotent) with your operations according to RFC 7231.
- Choose representation formats (e.g., JSON) and define media types and versioning strategy.
- Design responses to be self‑descriptive and, where appropriate, hypermedia‑driven.
- Plan for caching, conditional requests, and intermediaries (CDNs, API gateways).
FAQ
Is a JSON‑over‑HTTP API automatically RESTful?
No. REST is defined by a set of constraints (client–server, stateless, cacheable, uniform interface, layered system, optional code‑on‑demand), not by using JSON or HTTP alone. An HTTP JSON API that ignores things like proper use of HTTP methods or self‑descriptive messages may not satisfy REST’s constraints.
Why does REST care so much about a uniform interface?
Fielding emphasizes the uniform interface because it increases visibility, simplifies the architecture, and decouples implementations from services. A consistent interface allows clients and intermediaries to interact with different resources and servers without custom coupling.
Do I have to implement HATEOAS to be RESTful?
In Fielding’s original definition, hypermedia as the engine of application state is one of the interface constraints of REST, so omitting it means you are not fully applying the style. Many “pragmatic REST” APIs skip HATEOAS in exchange for simpler client implementations, but that is a trade‑off.
Can I use REST over protocols other than HTTP?
Yes in theory, because REST is an architectural style, not a protocol specification. However, Fielding’s work applied it specifically to the modern Web and HTTP, and most available tooling assumes HTTP as the transport.
How is REST different from RPC or SOAP?
REST emphasizes a uniform interface, resource identification, self‑descriptive messages, and hypermedia‑driven state transitions, while RPC and SOAP often expose operation‑centric interfaces with tighter coupling to specific procedures or message formats. This difference affects evolvability, caching, and intermediary support.
💬 Comments