GET: Read a resource. Safe and idempotent. | POST: Create a resource or trigger processing. Not idempotent. | PUT: Replace a resource. Idempotent.

Safe: Does not modify server state (GET, HEAD, OPTIONS). | Idempotent: Repeated calls have the same effect (GET, PUT, DELETE).

GET /users: List resources. | POST /users: Create resource. | GET /users/{id}: Fetch resource by ID.

HTTP Methods Cheat Sheet

Semantics, idempotency, and safe methods for designing clean REST APIs.

Core Methods

Key / Code	Description
GET	Read a resource. Safe and idempotent.
POST	Create a resource or trigger processing. Not idempotent.
PUT	Replace a resource. Idempotent.
PATCH	Partially update a resource. Not necessarily idempotent.
DELETE	Remove a resource. Idempotent.
HEAD	Same as GET but no response body.
OPTIONS	Discover supported methods / CORS preflight.

Safe vs Idempotent

Key / Code	Description
Safe	Does not modify server state (GET, HEAD, OPTIONS).
Idempotent	Repeated calls have the same effect (GET, PUT, DELETE).

Common API Patterns

Key / Code	Description
GET /users	List resources.
POST /users	Create resource.
GET /users/{id}	Fetch resource by ID.
PATCH /users/{id}	Update part of a resource.
DELETE /users/{id}	Delete resource.

Error Handling Tips

Use 400 for validation errors, 401/403 for auth, 404 for missing resources, and 409 for conflicts.

Method Selection Rule of Thumb

Use GET when nothing changes, POST when the server creates or triggers work, PUT when the client replaces a full resource, PATCH when only some fields change, and DELETE when removing a resource. This mapping makes APIs easier to document, cache, and reason about.

Knowledge is power.