HTTP Methods GET and POST in REST API Design
In this tutorial, you will learn about HTTP Methods GET and POST in REST API ilink "Api Design" >}}. We cover key concepts, practical examples, and best practices to help you master this topic.
HTTP GET retrieves data without side effects and POST creates new resources on the server, making them the most fundamental methods in REST API communication over HTTP.
flowchart TD A[Client] -->|GET /users| B[Server] B -->|200 OK + User List| A A -->|POST /users + Body| C[Server] C -->|201 Created + New User| A style A fill:#e1f5fe style B fill:#c8e6c9 style C fill:#c8e6c9
GET is a safe method. Safe means it does not change the server state. Reading a book does not modify the library catalog. POST is not safe. Creating a new book adds it to the catalog permanently.
GET is also idempotent. Making the same GET request 100 times produces the same result. POST is not idempotent. Creating the same resource 100 times produces 100 resources. This is why browsers warn you before resubmitting a form.
Think of GET like asking a librarian for a book. No matter how many times you ask, the book stays on the shelf. POST is like checking a new book into the library. Every time you do it, a new entry appears in the catalog.
Example: GET Requests
import requests
# Simple GET request
response = requests.get("https://api.example.com/users")
print(f"Status: {response.status_code}")
print(f"Users: {response.json()}")
Expected output:
Status: 200
Users: [{"id": 1, "name": "Alice"}, {"id": 2, "name": "Bob"}]
# GET with path parameter
response = requests.get("https://api.example.com/users/42")
print(response.json())
Expected output:
{"id": 42, "name": "Alice", "email": "alice@example.com"}
# GET with query parameters
response = requests.get(
"https://api.example.com/users",
params={"role": "admin", "active": True}
)
print(f"Filtered URL: {response.url}")
print(f"Results: {response.json()}")
Expected output:
Filtered URL: https://api.example.com/users?role=admin&active=True
Results: [{"id": 1, "name": "Admin User"}]
Example: POST Requests
import requests
# Create a new resource
new_user = {
"name": "Charlie",
"email": "charlie@example.com",
"role": "editor"
}
response = requests.post(
"https://api.example.com/users",
json=new_user
)
print(f"Status: {response.status_code}")
print(f"Location: {response.headers.get('Location')}")
print(f"New user: {response.json()}")
Expected output:
Status: 201
Location: /users/43
New user: {"id": 43, "name": "Charlie", "email": "charlie@example.com", "role": "editor"}
# POST returns 409 Conflict for duplicates
duplicate = {"name": "Charlie", "email": "charlie@example.com"}
response = requests.post("https://api.example.com/users", json=duplicate)
print(f"Status: {response.status_code}")
print(f"Error: {response.json()}")
Expected output:
Status: 409
Error: {"error": "User with email charlie@example.com already exists"}
Common Mistakes
- Using POST to retrieve data — If you are not creating a resource, use GET. POST for reads breaks Caching and violates REST semantics.
- Not returning 201 for successful POST — A successful creation should return 201 Created, not 200 OK, so clients know a resource was created.
- Missing Location header on POST — After creating a resource, include the Location header pointing to the new resource URI.
- Sending sensitive data in GET query parameters — GET parameters appear in server logs and browser history. Use POST for sensitive data.
- Making GET requests with a body — HTTP semantics allow GET bodies but most servers ignore them. Use query parameters instead.
Practice Questions
- What does it mean that GET is a safe method?
- Why is POST not idempotent?
- What status code should a successful POST return?
- What header should a POST response include to indicate the new resource location?
- Challenge: Write a Python script that fetches a list of posts from JSONPlaceholder, displays them, then creates a new post and prints the creation response.
FAQ
Mini Project
Write a Python script that interacts with the JSONPlaceholder API. Make 5 GET requests to different endpoints (/posts, /comments, /albums, /photos, /todos) and 3 POST requests to create new resources. Print status codes and response bodies.
What's Next
Now learn about PUT and PATCH methods in the next lesson on REST API Design.
Built by the developers of DodaTech
Doda Browser, DodaZIP & Durga Antivirus Pro