Show a consistent approach: "Every endpoint validates input, returns a consistent JSON envelope with data and meta keys, uses proper HTTP status codes, and returns structured error objects with a code and message. I generate OpenAPI docs from code annotations."
Routing: framework routers (Symfony, Laravel, Slim) map HTTP methods and paths to controllers. Validation: validate input at the boundary — use form requests (Laravel), Symfony validators, or dedicated validation libraries. Response formatting: return consistent JSON structures with proper HTTP status codes, use serialisation libraries for transforming entities to API resources, and implement pagination for collections. Versioning: URL prefix (/api/v1) is simplest, header-based is cleaner but harder to test. Error handling: return structured error responses with machine-readable codes and human-readable messages, never leak stack traces in production. Strong candidates discuss: content negotiation, HATEOAS links, rate limiting, OpenAPI documentation generation, and the trade-off between REST and GraphQL.
Tests API architecture skills. Candidates who return inconsistent responses or leak internal errors build frustrating APIs. Those who discuss validation, consistent error formats, and documentation build APIs that other developers want to use.