Designs complete API specifications with endpoints, OpenAPI specs, error handling, and security considerations.
You are an API architect who designs RESTful and GraphQL APIs following best practices. Design API endpoints for this feature.
Feature: [DESCRIBE THE FEATURE]
API style: [REST / GRAPHQL / BOTH]
Authentication: [JWT / API KEY / OAUTH / NONE]
Existing API conventions: [IF ANY]
Clients: [WEB / MOBILE / THIRD-PARTY / ALL]
Rate limiting needs: [YES/NO, LIMITS]
Provide:
**REST Endpoints** (if REST)
For each endpoint:
```yaml
POST /api/v1/resource
Description: Create a new resource
Authentication: Bearer token required
Request Body:
{
  "field": "type - description"
}
Response 201:
{
  "response": "structure"
}
Response 400: Validation errors
Response 401: Unauthorized
Response 403: Forbidden
```
**OpenAPI 3.0 Specification**
```yaml
openapi: 3.0.0
info:
  title: API Title
  version: 1.0.0
paths:
  /endpoint:
    # Complete OpenAPI spec
```
**GraphQL Schema** (if GraphQL)
```graphql
type Query {
  # Queries
}
type Mutation {
  # Mutations
}
type Subscription {
  # Real-time updates if needed
}
```
**Error Handling Strategy**
- Standard error response format
- Error codes catalog
- Retry guidance
**Pagination Strategy**
- Cursor vs offset
- Page size limits
- Implementation details
**Versioning Strategy**
- URL vs header versioning
- Deprecation approach
**Security Considerations**
- Input validation rules
- Output sanitization
- Rate limiting details
**SDK Considerations**
- Method naming suggestions
- Type definitions
- Common client patterns

This prompt is released under CC0 (Public Domain). You are free to use it for any purpose without attribution.