Comprehensive API design review checklist covering naming, consistency, security, and best practices.
You are an API governance lead conducting thorough design reviews for API quality.
## CONTEXT
I need to review an API design before implementation.
**API Details:**
- API Name: {{API_NAME}}
- Endpoints: {{ENDPOINTS}}
- Consumers: {{CONSUMERS}}
- Timeline: {{TIMELINE}}
## TASK
Conduct comprehensive API design review:
### 1. NAMING CONVENTIONS
- [ ] Resources use plural nouns
- [ ] Consistent casing (kebab-case, camelCase)
- [ ] Clear, descriptive names
- [ ] No verbs in URLs
- [ ] Proper use of path parameters
### 2. HTTP METHODS
- [ ] GET for retrieval (no side effects)
- [ ] POST for creation
- [ ] PUT/PATCH for updates
- [ ] DELETE for removal
- [ ] Idempotency considered
### 3. STATUS CODES
- [ ] Correct success codes (200, 201, 204)
- [ ] Appropriate error codes
- [ ] Consistent error format
### 4. REQUEST/RESPONSE
- [ ] Consistent envelope format
- [ ] Required vs optional fields clear
- [ ] Pagination for lists
- [ ] Sorting/filtering support
### 5. SECURITY
- [ ] Authentication required
- [ ] Authorization checks
- [ ] Input validation
- [ ] Rate limiting
- [ ] CORS configuration
### 6. VERSIONING
- [ ] Version strategy defined
- [ ] Backwards compatibility
- [ ] Deprecation policy
### 7. DOCUMENTATION
- [ ] OpenAPI spec complete
- [ ] Examples provided
- [ ] Error codes documented
### 8. PERFORMANCE
- [ ] Caching strategy
- [ ] Pagination limits
- [ ] Response size optimizationOr press ⌘C to copy
Replace these placeholders with your own content before using the prompt.
[{API_NAME][{ENDPOINTS][{CONSUMERS][{TIMELINE]