Tutorial: API Development

Build a robust REST API with authentication, validation, rate limiting, and documentation.

What You'll Build#

• RESTful CRUD endpoints
• API key authentication
• Request validation with Zod
• Rate limiting
• Error handling
• OpenAPI documentation

Prerequisites#

• Next.js project with App Router
• Prisma configured
• Bootspring initialized

Time Required#

Approximately 35 minutes.

Step 1: Design the API#

Ask the api-expert:

The agent provides:

• Resource structure
• Endpoint patterns
• Authentication approach
• Error handling strategy

Step 2: Apply API Skills#

Step 3: Create API Key Authentication#

Database Schema#

API Key Utilities#

API Authentication Middleware#

Step 4: Implement Rate Limiting#

Install lru-cache:

Rate Limit Middleware#

Step 5: Create Validation Schemas#

Step 6: Build CRUD Endpoints#

Tasks API#

Single Task Endpoint#

Step 7: Add Error Handling#

Step 8: Create API Documentation#

Step 9: Test the API#

Using curl#

Verification Checklist#

• API key authentication works
• Rate limiting enforced
• Validation errors return proper messages
• CRUD operations work correctly
• Pagination works
• Error handling is consistent

Security Review#

What You Learned#

• API key authentication
• Rate limiting implementation
• Request validation with Zod
• RESTful design patterns
• Error handling strategies
• OpenAPI documentation

Next Steps#

• Add webhooks
• Implement caching
• Add versioning