> ## Documentation Index
> Fetch the complete documentation index at: https://docs.ziik.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Best practices

> Common best practices for using REST APIs effectively and reliably.

## Use HTTPS

Always call the API over HTTPS. Never send credentials or sensitive data over plain HTTP.

## Handle errors and status codes

* Check the HTTP status code on every response (e.g. 2xx success, 4xx client error, 5xx server error).
* Read the response body on errors; it often contains a message or error code to help you retry or fix the request.
* Implement retries with backoff for transient failures (e.g. 429 Too Many Requests, 503 Service Unavailable).

## Respect rate limits

* Throttle your requests and avoid bursts; use exponential backoff when you hit limits.
* Cache responses where it makes sense to reduce the number of calls.

## Authenticate correctly

* Store tokens securely (e.g. environment variables or a secrets manager) and never commit them to source control.
* Send the token in the `Authorization` header as specified (e.g. `Bearer <token>`).
* Refresh or renew tokens before they expire to avoid failed requests.

## Use pagination

* For list endpoints, use the provided pagination parameters (e.g. `page`, `limit`, or cursor) instead of fetching everything at once.
* Follow the documented page size limits to avoid timeouts and unnecessary load.

## Use appropriate HTTP methods and URLs

* Use `GET` for reading, `POST` for creating, `PUT`/`PATCH` for updating, and `DELETE` for removing resources.
* Prefer resource-oriented URLs (e.g. `/users/123`) and avoid unnecessary query parameters for identifiers.

## Logging and monitoring

* Log request/response metadata (e.g. endpoint, status code, request ID) for debugging, without logging full credentials or sensitive payloads.
* Monitor success rates, latency, and error types so you can react to issues quickly.
