HTTP Methods
The HTTP method (or verb) tells a server what action the client wants on a resource.
- GET retrieves a representation and must not change server state.
- POST submits data, often creating a new resource.
- PUT replaces a resource entirely at a known location.
- PATCH applies a partial update.
- DELETE removes a resource.
Safety and Idempotency
Two properties shape correct API design:
- A safe method has no observable side effects. GET, HEAD, and OPTIONS are safe.
- An idempotent method produces the same result whether sent once or many times. GET, PUT, and DELETE are idempotent, but POST generally is not.
Idempotency matters because networks drop responses. A client that retries a PUT is safe, while retrying a POST might create duplicate records. Designers often add an idempotency key to make POST retries safe.
Choosing a Method
Use GET for reads, POST to create, PUT to replace, PATCH to modify, and DELETE to remove. Following these conventions lets caches, proxies, and tooling behave correctly without custom logic.
Key idea
Pick the HTTP method that matches the action so safety and idempotency guarantees hold for caches and retries.