API Design – 100+ Lab Exercises (Basic, Intermediate, Advanced)

🔰 Basic Level (30+ Exercises)

 

Goal: Understand REST principles, build foundational APIs, and apply CRUD operations.

 

REST Fundamentals

  • Design a RESTful API for a Todo App (CRUD operations).

  • Define HTTP verbs (GET, POST, PUT, DELETE) with use-case examples.

  • Build a User Registration and Login API.

  • Create a blog API with pagination and search.

  • Implement status codes: 200, 201, 204, 400, 401, 403, 404, 500.

  • Handle query parameters, path parameters, headers, and request bodies.

API Resources & Models

  • Design resource naming conventions.

  • Create a JSON response structure with success and error metadata.

  • Model nested resources (e.g., /users/{userId}/posts).

  • Implement validation for input data.

Basic Authentication & Rate Limiting

  • Build basic authentication using API keys.

  • Implement rate limiting (fixed window).

  • Set up a CORS policy and explain preflight requests.


 

🚀 Intermediate Level (40+ Exercises)

 

Goal: Build scalable, modular, and secure APIs with documentation and error handling.

 

API Versioning & Standards

  • Implement URI-based versioning (/api/v1/...).

  • Compare header vs query parameter-based versioning.

  • Standardize API response format using JSend or JSON:API.

API Documentation

  • Use Swagger/OpenAPI to document endpoints.

  • Generate API docs with Postman or Redoc.

  • Create sample request-response mockups.

Middleware & Modular Design

  • Build middleware for:

    • Logging

    • Authentication

    • Response compression

  • Structure modular route controllers and service layers.

Error Handling

  • Design a custom error object with error codes.

  • Implement global exception handling.

  • Implement fallback responses for service unavailability.

Advanced Security

  • Implement OAuth2 login via Google/Facebook.

  • Use JWT (JSON Web Tokens) for session management.

  • Add role-based access control (RBAC).


 

🧠 Advanced Level (40+ Exercises)

 

Goal: Create robust, fault-tolerant APIs supporting microservices, GraphQL, async events, and real-world scalability.

 

Asynchronous APIs & Event-Driven Design

  • Build an event-driven API with Kafka or RabbitMQ.

  • Create webhooks for event notifications (e.g., Stripe-style).

  • Implement an async email/SMS job queue after signup.

GraphQL & gRPC

  • Build a GraphQL server with queries, mutations, and nested relationships.

  • Create a gRPC API for internal service communication.

  • Compare REST vs GraphQL vs gRPC.

Microservices & API Gateways

  • Create an API Gateway using Express/Nginx/Kong.

  • Set up service discovery with Consul or Eureka.

  • Handle cross-service authentication with OAuth2 + introspection.

Pagination, Filtering, Sorting

  • Build cursor-based pagination.

  • Add filters using query parameters.

  • Add sorting using dynamic keys.

Performance & Monitoring

  • Perform load testing with Postman, JMeter, or k6.

  • Analyze latency vs throughput trade-offs.

  • Add Prometheus metrics endpoints.

  • Integrate API tracing (OpenTelemetry).


 

🎓 Capstone Projects (Choose 2–3)

 

  • Build a Multi-Tenant SaaS API for project management.

  • Design a Banking Transaction API (internal service calls + validation + audit trail).

  • Build a Food Delivery API with restaurant search, cart, order, delivery.

  • Develop a Healthcare API for appointment booking, EHR access, and patient login.


 

Tools & Technologies

 

Languages

  • Python (FastAPI), Node.js (Express/Nest), Java (Spring Boot), Go

Standards

  • OpenAPI, OAuth2, REST, gRPC

Documentation

  • Swagger UI, Redoc, Postman Collections

Monitoring

  • Prometheus, Jaeger, ELK Stack

Testing

  • Postman, k6, Newman, REST Assured
