Your REST API Is Probably Broken (7 Mistakes I See in Every Codebase)

I've reviewed 50+ REST APIs this year (for market research tools, scraping services, and internal tools). The same mistakes show up in almost every one. Here are the 7 worst offenders. 1. Returning 200 for Errors // BAD: Status 200 { "success" : false , "error" : "User not found" } // GOOD: Status 404 { "error" : "User not found" , "code" : "USER_NOT_FOUND" } If you return 200 for errors, every client has to parse the body to know if the request worked. HTTP status codes exist for a reason. 2. No Pagination (or Bad Pagination) // BAD: Returns all 50 , 000 records GET /api/users // GOOD: Cursor-based pagination GET /api/users?limit= 50 &cursor=abc 123 Offset pagination breaks at scale (try OFFSET 1000000 on a large table). Use cursor-based pagination from day one. 3. Nested URLs 4 Levels Deep // BAD GET /api/companies/123/departments/456/employees/789/reviews // GOOD GET /api/reviews?employee_id=789 Deep nesting makes URLs fragile and hard to cache. Flat is better. 4. No Rate Limiting I