Standard conventions for API design, response formats, and error handling in the platform-go project.
All API responses follow a consistent JSON structure.
{
"data": {
"id": 1,
"name": "example"
}
}{
"error": "Resource not found",
"code": "NOT_FOUND"
}{
"data": [
{"id": 1, "name": "item1"},
{"id": 2, "name": "item2"}
],
"pagination": {
"page": 1,
"limit": 20,
"total": 100
}
}Errors are returned with appropriate HTTP status codes and descriptive messages.
error: Human-readable error messagecode: Machine-readable error codedetails: Optional additional context
| Code | Description |
|---|---|
VALIDATION_ERROR |
Input validation failed |
NOT_FOUND |
Resource does not exist |
UNAUTHORIZED |
Authentication required |
FORBIDDEN |
Insufficient permissions |
CONFLICT |
Resource already exists |
INTERNAL_ERROR |
Server error |
Standard HTTP status codes used throughout the API.
200 OK- Request successful201 Created- Resource created204 No Content- Delete successful
400 Bad Request- Invalid input401 Unauthorized- Authentication failed403 Forbidden- Permission denied404 Not Found- Resource not found409 Conflict- Resource conflict
500 Internal Server Error- Unexpected error503 Service Unavailable- Service down
List endpoints support pagination with query parameters.
page- Page number (default: 1)limit- Items per page (default: 20, max: 100)
GET /api/users?page=2&limit=50{
"data": [...],
"pagination": {
"page": 2,
"limit": 50,
"total": 150,
"pages": 3
}
}API uses token-based authentication.
Authorization: Bearer <token>
- Default token lifetime: 24 hours
- Refresh endpoint:
/api/auth/refresh
- Use appropriate HTTP methods (GET, POST, PUT, DELETE)
- Include
Content-Type: application/jsonheader - Validate input before sending requests
- Handle rate limiting (429 status code)
- Always check HTTP status code
- Parse error messages for user feedback
- Handle pagination for large datasets
- Implement retry logic for 5xx errors
- Never expose tokens in URLs
- Use HTTPS in production
- Validate and sanitize all inputs
- Implement request timeouts