api-design
此技能用于设计新的REST API、GraphQL模式、重构API端点、编写API规范、制定API版本策略及定义数据模型,确保API设计合理。
npx skills add supercent-io/skills-template --skill api-designBefore / After 效果对比
1 组早期API设计缺乏统一规范,端点命名混乱,数据模型不一致,导致API难以理解和使用,新功能开发时需要大量适配工作,严重影响了系统的可扩展性和开发效率。
经过专业的API设计指导,我们现在能构建出符合RESTful原则、结构清晰、易于理解和使用的API,统一了命名规范和数据模型,极大地提升了API的可维护性和未来扩展性。
api-design
API Design
When to use this skill
-
Designing new REST APIs
-
Creating GraphQL schemas
-
Refactoring API endpoints
-
Documenting API specifications
-
API versioning strategies
-
Defining data models and relationships
Instructions
Step 1: Define API requirements
-
Identify resources and entities
-
Define relationships between entities
-
Specify operations (CRUD, custom actions)
-
Plan authentication/authorization
-
Consider pagination, filtering, sorting
Step 2: Design REST API
Resource naming:
-
Use nouns, not verbs:
/usersnot/getUsers -
Use plural names:
/users/{id} -
Nest resources logically:
/users/{id}/posts -
Keep URLs short and intuitive
HTTP methods:
-
GET: Retrieve resources (idempotent) -
POST: Create new resources -
PUT: Replace entire resource -
PATCH: Partial update -
DELETE: Remove resources (idempotent)
Response codes:
-
200 OK: Success with response body -
201 Created: Resource created successfully -
204 No Content: Success with no response body -
400 Bad Request: Invalid input -
401 Unauthorized: Authentication required -
403 Forbidden: No permission -
404 Not Found: Resource doesn't exist -
409 Conflict: Resource conflict -
422 Unprocessable Entity: Validation failed -
500 Internal Server Error: Server error
Example REST endpoint:
GET /api/v1/users # List users
GET /api/v1/users/{id} # Get user
POST /api/v1/users # Create user
PUT /api/v1/users/{id} # Update user
PATCH /api/v1/users/{id} # Partial update
DELETE /api/v1/users/{id} # Delete user
Step 3: Request/Response format
Request example:
POST /api/v1/users
Content-Type: application/json
{
"name": "John Doe",
"email": "john@example.com",
"role": "admin"
}
Response example:
HTTP/1.1 201 Created
Content-Type: application/json
Location: /api/v1/users/123
{
"id": 123,
"name": "John Doe",
"email": "john@example.com",
"role": "admin",
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-01-15T10:30:00Z"
}
Step 4: Error handling
Error response format:
{
"error": {
"code": "VALIDATION_ERROR",
"message": "Invalid input provided",
"details": [
{
"field": "email",
"message": "Invalid email format"
}
]
}
}
Step 5: Pagination
Query parameters:
GET /api/v1/users?page=2&limit=20&sort=-created_at&filter=role:admin
Response with pagination:
{
"data": [...],
"pagination": {
"page": 2,
"limit": 20,
"total": 100,
"pages": 5
},
"links": {
"self": "/api/v1/users?page=2&limit=20",
"first": "/api/v1/users?page=1&limit=20",
"prev": "/api/v1/users?page=1&limit=20",
"next": "/api/v1/users?page=3&limit=20",
"last": "/api/v1/users?page=5&limit=20"
}
}
Step 6: Authentication
Options:
-
JWT (JSON Web Tokens)
-
OAuth 2.0
-
API Keys
-
Session-based
Example with JWT:
GET /api/v1/users
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
Step 7: Versioning
URL versioning (recommended):
/api/v1/users
/api/v2/users
Header versioning:
GET /api/users
Accept: application/vnd.api+json; version=1
Step 8: Documentation
Create OpenAPI 3.0 specification:
openapi: 3.0.0
info:
title: User Management API
version: 1.0.0
description: API for managing users
servers:
- url: https://api.example.com/v1
paths:
/users:
get:
summary: List users
parameters:
- name: page
in: query
schema:
type: integer
default: 1
- name: limit
in: query
schema:
type: integer
default: 20
responses:
'200':
description: Successful response
content:
application/json:
schema:
type: object
properties:
data:
type: array
items:
$ref: '#/components/schemas/User'
post:
summary: Create user
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/UserCreate'
responses:
'201':
description: User created
content:
application/json:
schema:
$ref: '#/components/schemas/User'
components:
schemas:
User:
type: object
properties:
id:
type: integer
name:
type: string
email:
type: string
format: email
created_at:
type: string
format: date-time
UserCreate:
type: object
required:
- name
- email
properties:
name:
type: string
email:
type: string
format: email
Best practices
-
Consistency: Use consistent naming, structure, and patterns
-
Versioning: Always version your APIs from the start
-
Security: Implement authentication and authorization
-
Validation: Validate all inputs on the server side
-
Rate limiting: Protect against abuse
-
Caching: Use ETags and Cache-Control headers
-
CORS: Configure properly for web clients
-
Documentation: Keep docs up-to-date with code
-
Testing: Test all endpoints thoroughly
-
Monitoring: Log requests and track performance
Common patterns
Filtering:
GET /api/v1/users?role=admin&status=active
Sorting:
GET /api/v1/users?sort=-created_at,name
Field selection:
GET /api/v1/users?fields=id,name,email
Batch operations:
POST /api/v1/users/batch
{
"operations": [
{"action": "create", "data": {...}},
{"action": "update", "id": 123, "data": {...}}
]
}
GraphQL alternative
If REST doesn't fit, consider GraphQL:
type User {
id: ID!
name: String!
email: String!
posts: [Post!]!
createdAt: DateTime!
}
type Query {
users(page: Int, limit: Int): [User!]!
user(id: ID!): User
}
type Mutation {
createUser(input: CreateUserInput!): User!
updateUser(id: ID!, input: UpdateUserInput!): User!
deleteUser(id: ID!): Boolean!
}
References
Examples
Example 1: Basic usage
Example 2: Advanced usage
Weekly Installs11.2KRepositorysupercent-io/sk…templateGitHub Stars58First SeenJan 24, 2026Security AuditsGen Agent Trust HubPassSocketPassSnykPassInstalled oncodex11.1Kgemini-cli11.0Kopencode11.0Kgithub-copilot11.0Kcursor11.0Kamp11.0K
用户评价 (0)
发表评价
暂无评价
统计数据
用户评分
为此 Skill 评分