In an ideal RESTful API that supports multiple accounts, should each resource have it’s

Question

0

Asked: May 26, 20262026-05-26T08:44:54+00:00 2026-05-26T08:44:54+00:00

In an ideal RESTful API that supports multiple accounts, should each resource have it’s

0

In an ideal RESTful API that supports multiple accounts, should each resource have it’s unique identifier across the entire system, or it is OK if that identifier is unique for the specific account that it belongs to.

Are there any pros and cons for each scenario?

To give an example.

Would this be fine from the REST principles?

http://api.example.com/account/1/users/1
...
http://api.example.com/account/50/users/1

or would this approach be recommended?

http://api.example.com/account/1/users/{UNIQUE_IDENTIFIER}
...
http://api.example.com/account/50/users/{ANOTHER_UNIQUE_IDENTIFIER}

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-26T08:44:55+00:00

Editorial Team

2026-05-26T08:44:55+00:00Added an answer on May 26, 2026 at 8:44 am

You reveal valid user numbers by always having the first user as 1. Someone then knows that any account will also have a user 1. I’m not saying that you should hide user IDs just through obscurity but why make it easy for someone to find the user IDs in another account?

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

In an ideal RESTful API that supports multiple accounts, should each resource have it’s

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply