GET: Fetches data
POST: Creates new resources
PUT: Updates existing resources (entire record)
PATCH: Partially updates a resource
DELETE: Removes resources
Laravel provides Passport, Sanctum, and JWT for API authentication. Sanctum is preferred for SPAs and mobile apps, while Passport is used for OAuth authentication.
| Status Code | Meaning | Usage Example |
|---|---|---|
| 200 OK | Success | When retrieving data (GET /users) |
| 201 Created | Resource created | After successful POST /users request |
| 204 No Content | Success, but no data returned | After DELETE /users/1 |
| 400 Bad Request | Invalid request data | Missing required fields in POST request |
| 401 Unauthorized | Authentication failure | User not logged in |
| 403 Forbidden | User has no access | Role-based restrictions |
| 404 Not Found | Resource doesn’t exist | GET /users/999 when user 999 doesn't exist |
| 405 Method Not Allowed | Wrong HTTP method used | POST /users/1 instead of PUT |
| 422 Unprocessable Entity | Validation error | Invalid email format in registration |
| 500 Internal Server Error | Server-side issue | Unhandled exception in Laravel |
To build a REST API in pure PHP without using any framework, you need to manually handle:
Routing
HTTP methods (GET, POST, PUT, DELETE)
Input validation
Database connection
Authentication with tokens (JWT or basic auth)
Rate limiting or CORS headers
Response formatting (usually in JSON)
index.php)get, post, put, patch etc methods)