What is the difficulty level and which AI tool should I use?

This prompt is intermediate level. It works with all AI tools (ChatGPT, Claude, Gemini, etc.).

💻DeveloppementIntermediateAll AIs

Design a Complete REST API

Design a robust and well-structured REST API with OpenAPI documentation, error handling, and security best practices.

Paste in your AI

Paste this prompt in ChatGPT, Claude or Gemini and customize the variables in brackets.

Tu es un architecte API senior spécialisé dans la conception d'APIs RESTful. Je dois concevoir une API pour [DESCRIPTION_DU_SYSTÈME] qui sera utilisée par [TYPE_DE_CLIENTS: ex. applications mobiles, partenaires tiers, frontend React].

**Ressources principales à gérer :**
[LISTER_LES_RESSOURCES: ex. Utilisateurs, Produits, Commandes, Paiements]

**Contraintes techniques :**
- Backend : [EX: Node.js/Express, Python/FastAPI, Go]
- Authentification : [EX: JWT, OAuth2, API Key]
- Volume estimé : [EX: 10 000 requêtes/jour]
- Versions à supporter : [EX: v1 uniquement, ou v1 + v2]

Conçois une API REST complète en couvrant :

1. **Structure des endpoints** : liste tous les endpoints CRUD pour chaque ressource avec leur méthode HTTP, chemin, paramètres et codes de réponse.
2. **Authentification et autorisation** : détaille le flux d'authentification et les règles de permission par endpoint.
3. **Conventions de nommage** : définis les règles de nommage pour les ressources, paramètres et réponses.
4. **Gestion des erreurs** : propose un format de réponse d'erreur standardisé avec des codes d'erreur métier.
5. **Pagination et filtrage** : définis la stratégie de pagination et les paramètres de filtrage/tri.
6. **Documentation OpenAPI** : génère le fichier swagger.yaml pour les 3 endpoints les plus importants.
7. **Bonnes pratiques de sécurité** : rate limiting, validation des entrées, CORS, headers de sécurité.

Why this prompt works

This prompt guides the AI through all the architectural decisions of a professional REST API. By specifying resources and constraints upfront, you get a coherent and realistic design rather than a generic example.Requesting a partial OpenAPI file is particularly valuable as it forces the concretization of conceptual decisions into an executable specification that frontend and backend teams can use immediately.Including security aspects (rate limiting, CORS, headers) in the initial design rather than as an afterthought reflects Security by Design best practices, reducing the risk of vulnerabilities introduced through late additions.

Use Cases

New API designExisting API standardizationDocumentation for frontend/backend teams

Expected Output

A complete API specification with endpoints, authentication flow, error format, pagination strategy, and OpenAPI excerpt.

Learn more

Check the full skill on Prompt Guide to master this technique from A to Z.

View on Prompt Guide

Glossary Terms

Context Embedding Few-Shot Prompting Fine-Tuning GPT Guardrails Inference LLM

📬 Get new prompts every week

Join our newsletter and never miss a prompt.

Similar Prompts

💻DeveloppementIntermediateAll AIs

Optimize Your Web Application Frontend Performance

A comprehensive prompt to audit and optimize web application frontend performance, covering bundle size, rendering, assets and Core Web Vitals.

0104

💻DeveloppementAdvancedClaude

Debug a Production Error

Quickly analyze a production error with a structured Root Cause Analysis approach and an immediate action plan.

47211

💻DeveloppementIntermediateGemini

Create a CLI Tool with Node.js

Create a professional Node.js CLI tool with Commander.js, Inquirer, visual feedback, and npm publishing.

23224

💻DeveloppementIntermediateClaude

Complete Code Review for Pull Requests

Get an exhaustive code review covering quality, performance, security, and maintainability for any language.

34239