1. Automate Caching
Repeated requests, and responding to each of them, consume resources, and this is a sign of flawed design. To solve this problem, store data fetched from the API on the server and serve it from there later.
However, there are times when the data becomes outdated and needs to be updated. For this case, there are industry caching solutions (Redis and Amazon ElastiCache) that can cache data even after changes are made.
2. API Documentation
Clear and concise documentation is necessary for any API; without good documentation, the API becomes harder to use later. So make sure that your API has good documentation, written in simple language and kept up to date with updates and new releases.
Your API Documentation should include the following:
Simple and easy to read language.
Implementation of the API in different programming languages.
3. Don't Return Plain Text
It is not necessary to go beyond JSON in REST architecture, as most REST APIs use JSON as a data format. But there are times when returning a body that contains a JSON-formatted string isn't enough.
For example, you can also specify the Content-Type header, set to the value application/json.
4. 401 VS 403
The two status codes have different meanings, and it is very easy to get confused about whether a given code relates to authentication or authorization. In order to resolve issues faster, you need to know the difference.
If the user hasn't provided authentication details or they were invalid, then it is 401 Unauthorized.
And if the user successfully authenticated but doesn't have the permissions to access the resource, then it is 403 Forbidden.
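The 401/403 decision described above, combined with the JSON Content-Type from point 3, as an added example that is not part of the original article. The token table, scope names, Bearer scheme and the handle function are assumptions made for illustration.

```python
import hmac
import json

# Constructed sample data: token -> (user, set of permitted scopes).
TOKENS = {
    "token-alice": ("alice", {"reports:read"}),
    "token-bob": ("bob", {"reports:read", "reports:delete"}),
}


def _json(status, payload, extra_headers=()):
    """Build a response with a JSON body and the matching Content-Type."""
    headers = [("Content-Type", "application/json"), *extra_headers]
    return status, headers, json.dumps(payload)


def _lookup(token):
    """Compare against each known token in constant time."""
    for known, identity in TOKENS.items():
        if hmac.compare_digest(known.encode(), token.encode()):
            return identity
    return None


def handle(headers, required_scope):
    """Return (status, headers, body) for a request needing required_scope."""
    # A 401 response carries a WWW-Authenticate challenge for the client.
    challenge = [("WWW-Authenticate", 'Bearer realm="api"')]
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    # Missing header, wrong scheme or empty token: the caller never authenticated.
    if scheme.lower() != "bearer" or not token.strip():
        return _json(401, {"error": "authentication required"}, challenge)
    identity = _lookup(token.strip())
    # Credentials were supplied but are not recognized: still authentication.
    if identity is None:
        return _json(401, {"error": "invalid credentials"}, challenge)
    user, scopes = identity
    # The identity is known but lacks the permission: authorization failure.
    if required_scope not in scopes:
        return _json(403, {"error": "insufficient permissions"})
    return _json(200, {"user": user, "scope": required_scope})
```

Sending new credentials can fix a 401, which is why only that response carries the challenge header; a 403 will repeat until the user's permissions change.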