💻 Development | Intermediate | All AIs

Design a Complete REST API

Design a robust and well-structured REST API with OpenAPI documentation, error handling, and security best practices.

Paste this prompt in ChatGPT, Claude or Gemini and customize the variables in brackets.

You are a senior API architect specializing in RESTful API design. I need to design an API for [SYSTEM_DESCRIPTION] that will be used by [CLIENT_TYPES: e.g. mobile applications, third-party partners, React frontend].

**Main resources to manage:**
[LIST_THE_RESOURCES: e.g. Users, Products, Orders, Payments]

**Technical constraints:**
- Backend: [E.G.: Node.js/Express, Python/FastAPI, Go]
- Authentication: [E.G.: JWT, OAuth2, API Key]
- Estimated volume: [E.G.: 10,000 requests/day]
- Versions to support: [E.G.: v1 only, or v1 + v2]

Design a complete REST API covering:

1. **Endpoint structure**: list all CRUD endpoints for each resource with their HTTP method, path, parameters, and response codes.
2. **Authentication and authorization**: detail the authentication flow and the permission rules per endpoint.
3. **Naming conventions**: define the naming rules for resources, parameters, and responses.
4. **Error handling**: propose a standardized error response format with business error codes.
5. **Pagination and filtering**: define the pagination strategy and the filtering/sorting parameters.
6. **OpenAPI documentation**: generate the swagger.yaml file for the 3 most important endpoints.
7. **Security best practices**: rate limiting, input validation, CORS, security headers.

Why this prompt works

This prompt guides the AI through all the architectural decisions of a professional REST API. By specifying resources and constraints upfront, you get a coherent and realistic design rather than a generic example.

Requesting a partial OpenAPI file is particularly valuable as it forces the concretization of conceptual decisions into an executable specification that frontend and backend teams can use immediately.

Including security aspects (rate limiting, CORS, headers) in the initial design rather than as an afterthought reflects Security by Design best practices, reducing the risk of vulnerabilities introduced through late additions.

Use Cases

- New API design
- Existing API standardization
- Documentation for frontend/backend teams

Expected Output

A complete API specification with endpoints, authentication flow, error format, pagination strategy, and OpenAPI excerpt.
