Indexes 12 RESTful API design principle skills covering routes, HTTP methods, errors, auth, versioning, webhooks, and more; invokes relevant ones before API work begins.
Slash command
/api-design-principles:using-api-principles
<IMPORTANT>
These are not suggestions. They are research-backed, opinionated principles drawn from Stripe, GitHub, Twilio, Shopify, Google, Microsoft, Zalando, Cloudflare, OWASP, and industry RFCs.
Use the Skill tool to invoke any skill by name. When invoked, follow the skill's guidance directly.
| Skill | Triggers On |
|---|---|
| api-design-principles:routes-and-naming | URL design, endpoint naming, plural nouns, nesting depth, query vs path params, snake_case, field naming |
| api-design-principles:http-methods | GET/POST/PUT/PATCH/DELETE semantics, idempotency per verb, CRUD operations, method selection |
| api-design-principles:prefixed-ids | Type-safe identifiers, Stripe-style prefixed IDs (cus_, ord_), KSUID, ULID, ID generation |
| api-design-principles:errors-and-status-codes | HTTP status codes, error envelopes, per-field validation errors, RFC 9457, error formatting |
| api-design-principles:response-design-and-pagination | Response envelopes, cursor/offset/keyset pagination, expand patterns, list metadata |
| api-design-principles:auth-and-api-keys | API key design (sk_live_, pk_test_), OAuth 2.0, JWT, Bearer tokens, key rotation |
| api-design-principles:rate-limiting-and-security | Rate limiting algorithms/headers, OWASP API Top 10, CORS, input validation, request signing |
| api-design-principles:versioning-and-evolution | URL versioning (/v1/), date-based versioning, sunset headers, additive evolution, deprecation |
| api-design-principles:caching-and-performance | Cache-Control, ETags, conditional requests, CDN strategies, compression, circuit breakers |
| api-design-principles:webhooks-and-events | HMAC-SHA256 signing, retry logic, event naming (resource.action), webhook endpoints |
| api-design-principles:documentation-and-dx | API docs, interactive explorers, SDK generation, onboarding, time-to-first-call, changelogs |
| api-design-principles:advanced-patterns | Bulk/batch ops, REST vs GraphQL vs gRPC, SSE/WebSockets, multi-tenancy, API gateways, CQRS |
Invoke a skill when there is even a small chance the work touches one of these areas:
All twelve principles rest on three foundations:
Consistency beats cleverness — A predictable API that follows conventions everywhere is better than a clever API that surprises developers. Pick one pattern and apply it universally.
Errors are part of the interface — Every error response, status code, and validation message is as carefully designed as the happy path. Developers spend more time debugging than building.
Optimize for the consumer, not the server — API shape follows what makes client code simple, not what matches the database schema. The server does extra work so every client doesn't have to.
npx claudepluginhub oborchers/fractional-cto --plugin api-design-principles