The smallest unit of a service contract: one URL and method pair that exposes a single operation to other software.
An API endpoint is a single addressable point of contact on a network interface: a URL plus a method that a service exposes so that other software can ask it to do one specific thing. It is the smallest unit of a contract between systems, and the place where most production failures, breaking changes, and security incidentsIncidentDevOps & PlatformA production incidentView reference → actually surface.
The endpoint as a first-class design object grew out of the move to the web. Roy Fielding's 2000 doctoral dissertation, Architectural Styles and the Design of Network-based Software Architectures, introduced Representational State Transfer (REST) and argued that a distributed system should be organised around uniformly addressed resources, each identified by a URI and manipulated through a small, fixed set of methods. The endpoint is where that idea becomes concrete: GET /orders/42 names a resource and an operation in one breath.
The thinking has shifted as the constraintsConstraintStrategyA limit, requirement, or ceiling the product must respect, whether a self-imposed principle or an externally imposed boundaryView reference → changed. REST treats the endpoint as a resource you act on; the rise of mobile and microservices exposed its weaknesses, such as over-fetching and chatty round trips. GraphQL collapsed many resource endpoints into one query endpoint, and gRPC reframed the unit as a typed remote procedure. The industry response was the OpenAPI SpecificationSpecificationFoundationsA canonical open standard or specification that primitives and products conform toView reference →, which made the endpoint a machine-readable, versioned artefact that tooling could validate, mock, and generate clients from. The endpoint stopped being an implementation detail and became a published interface with its own lifecycle.
Mark Masse's REST API Design Rulebook codified the practical conventions that follow from Fielding's constraints: how to name resource URIs, which HTTP methods map to which operations, and how to structure response representations so that the endpoint's intent is unambiguous to any client. Where Fielding's dissertation describes an architectural style, Masse translates that style into a set of applied rules a team can follow when deciding what a specific endpoint should look like.
A payments team owns a ServiceEngineeringA deployable service or microserviceView reference → called servicecheckout-api. One of its endpoints is POST /v2/charges. The contract is explicit: it accepts an amount in minor units, a currency, and an idempotency key; it returns a charge object or a typed error. The team measures this single endpoint at the 99th percentile latency and tracks its error rate separately from the rest of the service, because a slow /charges costs revenue while a slow /health costs nothing.
When a mobile client starts sending amounts as decimals, the endpoint rejects them with a 422 and a machine-readable error code. The breakage is contained to one endpoint and one contract version. The team ships v3 alongside v2, deprecates the old route with a sunset header, and watches the traffic migrate. Nothing else in the service has to change, because the endpoint is the boundary.
Phil Sturgeon's Build APIs You Won't Hate works through this kind of lifecycle management at the endpoint level: it surveys the real-world approaches to versioning and treats each as a trade-off rather than a solved problem, and it argues that error responses should carry appropriate status codes and a unique, documented error code so callers can branch on failures programmatically instead of parsing free-form strings. By that reading, the typed 422 and the versioned route in the example above are the endpoint doing exactly the jobJobUserJob To Be Done: what the user is trying to accomplishView reference → Sturgeon assigns it — being the stable, machine-readable boundary at which a contract change is contained.
In the Unified Product Graph, API EndpointEngineeringA specific API endpoint is a leaf in the Engineering and Platform region, whose anchor is the api_endpointServiceEngineeringA deployable service or microserviceView reference →. Two hierarchy edges place it: serviceServiceservesAPI Endpointhierarchy ties it to the running service, and service_serves_api_endpointAPI ContractcontainsAPI Endpointhierarchy ties it to the published contract, so the same endpoint sits under both the thing that runs it and the thing that documents it. The cross-domain edge api_contract_contains_api_endpointAPI EndpointservesFeaturecross-domain reaches into Product and Delivery, which is what lets you ask the query no single tool answers: if this endpoint breaks, which user-facing features go dark?api_endpoint_serves_feature
Type-specific fields on BaseNode
http_methodenumHTTP method
pathstringURL path (e.g. "/api/v1/products/:id")
auth_requiredbooleanWhether authentication is required
rate_limitstringRate limit description (e.g. "100/min")
idstringrequiredUnique identifier (UUID)
typeNodeTyperequiredDiscriminator for the entity type
titlestringrequiredDisplay name
descriptionstringOptional detailed description
statusstringLifecycle status
tagsstring[]Freeform tags for filtering
6 edge types connected to this entity.
service_serves_api_endpointapi_contract_contains_api_endpointapi_endpoint_serves_featureapi_ecosystem_exposes_api_endpointapi_endpoint_references_domain_entityapi_endpoint_participates_in_data_flow