| /public-api/users/ | 2,076 |
| /public-api/posts/ | 3,507 |
| /public-api/comments/ | 2,897 |
| /public-api/albums/ | 2,785 |
| /public-api/photos/ | 4,026 |
NOTE: Do not save/post your personal data like email, phone, address etc...
GET /public-api/users/: list all users.GET /public-api/users/?name=john: list all users with name contains john.POST /public-api/users/: create a new user.GET /public-api/users/123/: return the details of the user 123.PATCH /public-api/users/123/ and PUT /users/123: update the user 123.DELETE /public-api/users/123/: delete the user 123.HEAD /public-api/users/: show the overview information of user listing.HEAD /public-api/users/123/: show the overview information of user 123.OPTIONS /public-api/users/: show the supported verbs of endpointOPTIONS /public-api/users/123/: show the supported verbs of endpointNOTE: To prevent abuse all API calls requires a access-token, which can be obtained by a free registration.
Unlike Web applications, RESTful APIs are usually stateless, which means sessions or cookies should not be used. Therefore, each request should come with some sort of authentication credentials. A common practice is to send a secret access token with each request to authenticate the user. Since an access token can be used to uniquely identify and authenticate a user, API requests should always be sent via HTTPS to prevent man-in-the-middle (MitM) attacks.
There are different ways to send an access token:
https://gorest.co.in/public-api/users?access-token=xxxxxxxx.
Customize the output fields, also get the relational data in single call
1. Only returns fields id and email
http://gorest.co.in/public-api/users?fields=id,email
2. Returns all fields of user with posts
http://gorest.co.in/public-api/users?expand=posts
3. Returns all fields of user with albums and posts
http://gorest.co.in/public-api/users?expand=albums,posts
4. Only returns user fields id and email with user posts
http://gorest.co.in/public-api/users?fields=id,email&expand=posts
1. Create new user
curl -i -H "Accept:application/json" -H "Content-Type:application/json" -H "Authorization: Bearer YOUR-ACCESS-TOKEN" -XPOST "https://gorest.co.in/public-api/users" -d '{"first_name":"Brian","last_name":"Ratke","gender":"male","email":"lew19@roberts.com","status":"active"}'
2. Update existing user with id 123
curl -i -H "Accept:application/json" -H "Content-Type:application/json" -H "Authorization: Bearer YOUR-ACCESS-TOKEN" -XPATCH "https://gorest.co.in/public-api/users/123" -d '{"first_name":"Brian","last_name":"Ratke","email":"lew19@roberts.com","status":"active"}'
3. Delete user with id 123
curl -i -H "Accept:application/json" -H "Content-Type:application/json" -H "Authorization: Bearer YOUR-ACCESS-TOKEN" -XDELETE "https://gorest.co.in/public-api/users/123"
The following list summarizes the HTTP status codes that are used.
200: OK. Everything worked as expected.201: A resource was successfully created in response to a POST request. The Location header
contains the URL pointing to the newly created resource.204: The request was handled successfully and the response contains no body content (like a DELETE request).304: The resource was not modified. You can use the cached version.400: Bad request. This could be caused by various actions by the user, such as providing invalid JSON
data in the request body, providing invalid action parameters, etc.401: Authentication failed.403: The authenticated user is not allowed to access the specified API endpoint.404: The requested resource does not exist.405: Method not allowed. Please check the Allow header for the allowed HTTP methods.415: Unsupported media type. The requested content type or version number is invalid.422: Data validation failed (in response to a POST request, for example). Please check the response body for detailed error messages.429: Too many requests. The request was rejected due to rate limiting.500: Internal server error. This could be caused by internal program errors.