API Specification Template

Example of a Prompt

Agent: Document Agent

Design the API using the @Member Information Update Screen Specifications screen design document as a reference, and output it according to the @API Specification Template format.

</aside>

Template

# API Specification

## 1. Overview

### 1.1 Purpose

\\[Briefly describe the purpose and main features of the API]

### 1.2 Target Users

\\[Describe the intended user base and usage scenarios for this API]

### 1.3 Technical Specifications

- **API Type**: \\[REST, GraphQL, SOAP, gRPC, etc.]
- **Data Format**: \\[JSON, XML, Protocol Buffers, etc.]
- **Protocol**: \\[HTTP/HTTPS, WebSocket, etc.]

## 2. Authentication and Access Control

### 2.1 Authentication Method

\\[Describe the authentication method for the API (API Key, OAuth 2.0, JWT, etc.)]

Example: Authorization: Bearer {token}


### 2.2 Access Permissions

\\[Describe the available permission levels and the scope of operations for each permission]

### 2.3 Rate Limiting

| Plan | Request Limit | Period            |
| ---- | ------------- | ----------------- |
| Free | \\[e.g., 100]  | \\[e.g., per hour] |
| Paid | \\[e.g., 1000] | \\[e.g., per hour] |

## 3. Endpoint Information

### Base URL

https://api.example.com/v1


### 3.1 Resource: \\[Resource Name]

#### \\[HTTP Method] \\[Path]

\\[Describe the functionality of this endpoint]

**URL**: `[Full URL Path]`

## 4. Request Specifications

### 4.1 Query Parameters

| Parameter Name | Required | Type   | Description    | Default Value |
| -------------- | -------- | ------ | -------------- | ------------- |
| \\[param1]      | Yes      | string | \\[Description] | -             |
| \\[param2]      | No       | number | \\[Description] | \\[Value]      |

### 4.2 Request Headers

| Header Name   | Required | Description                |
| ------------- | -------- | -------------------------- |
| Content-Type  | Yes      | \\[e.g., application/json]  |
| Authorization | Yes      | \\[Describe authentication] |

### 4.3 Request Body

\\[Describe the format of the request body (if applicable)]

```json
{
  "property1": "value1",
  "property2": 123,
  "nestedObject": {
    "nestedProperty": "value"
  }
}

Property Details

Property Name	Required	Type	Description	Constraints
property1	Yes	string	\[Description]	\[e.g., max 50 chars]
property2	No	number	\[Description]	\[e.g., integer 1-100]
nestedObject	No	object	\[Description]	-

5. Response Specifications

5.1 Success Response

Status Code: 200 OK

{
  "status": "success",
  "data": {
    "id": "12345",
    "name": "Sample Name",
    "createdAt": "2023-01-01T12:00:00Z"
  }
}

Response Fields

Field Name	Type	Description
status	string	Request processing status
data	object	Response data object
data.id	string	Unique resource identifier
data.name	string	Resource name
data.createdAt	string	Creation date (ISO 8601 format)

5.2 Error Response

Status Code: [Appropriate error code (400, 401, 403, 404, 500, etc.)]

{
  "status": "error",
  "code": "ERROR_CODE",
  "message": "Error message",
  "details": {
    "field": "Field where error occurred",
    "reason": "Detailed reason for error"
  }
}

6. Error Handling

6.1 Error Code List

HTTP Status	Error Code	Description	Solution
400	INVALID\_REQUEST	Invalid request parameters	Check the request contents
401	UNAUTHORIZED	Authentication failed	Check authentication information
403	FORBIDDEN	No permission	Obtain appropriate permissions
404	RESOURCE\_NOT\_FOUND	Resource not found	Check the ID
429	RATE\_LIMIT\_EXCEEDED	Rate limit exceeded	Reduce request frequency
500	INTERNAL\_ERROR	Internal server error	Contact support

7. Resource Definition

7.1 \[Resource Name]

\[Resource overview description]

Properties

Property Name	Type	Description	Example
id	string	Unique resource identifier	"12345"
name	string	Resource name	"Sample Name"
type	enum	Resource type	"standard", "premium"
createdAt	string	Creation date	"2023-01-01T12:00:00Z"

8. Implementation Examples

8.1 cURL

curl -X GET "<https://api.example.com/v1/resources?param1=value1>" \\
     -H "Authorization: Bearer YOUR_API_TOKEN" \\
     -H "Content-Type: application/json"

8.2 JavaScript (fetch)

fetch('<https://api.example.com/v1/resources?param1=value1>', {
  method: 'GET',
  headers: {
    'Authorization': 'Bearer YOUR_API_TOKEN',
    'Content-Type': 'application/json'
  }
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));

9. Version Management

9.1 Current Version

API Version: v1

9.2 Change History

Version	Release Date	Change Description
v1.0.0	2025-05-01	Initial release

9.3 Deprecated Features

Feature	Deprecated Version	Removal Version	Alternative
`/v1/old-endpoint`	v1.1.0	v2.0.0	Use `/v1/new-endpoint`

10. Limitations

10.1 Performance Limitations

Concurrent connections: \[e.g., 100 connections/IP]
Timeout: \[e.g., 30 seconds]
Maximum payload size: \[e.g., 5MB]

10.2 Terms of Use

\[Describe the terms of use for the API]

10.3 Security Notes

Store tokens securely; do not save them in public repositories
Use HTTPS connections
\[Other security recommendations]

11. Support

11.1 Contact

Email: [email protected]
Support site: https://support.example.com

11.2 Documentation

API Documentation: https://docs.example.com/api
Tutorials: https://docs.example.com/tutorials


## Output Image

```markdown
# API Specification

## 1. Overview

### 1.1 Purpose

A set of APIs for updating member information (email address, password, profile image). These APIs securely transmit the information entered on the "Member Information Update Screen" to the server, enabling update processing, validation, and session management.

### 1.2 Target Users

Logged-in users who can change their own member information. The main use cases are updating one's own email address, password, or profile image.

### 1.3 Technical Specifications

- **API Format**: REST
- **Data Format**: JSON (images use Multipart)
- **Protocol**: HTTPS

## 2. Authentication and Access Control

### 2.1 Authentication Method

Authentication via JWT
Example:
Authorization: Bearer {token}

### 2.2 Access Permissions

Only executable by logged-in users.
Operations are limited to the user's own member information.

### 2.3 Rate Limiting

| Plan      | Request Limit | Period   |
| --------- | ------------- | -------- |
| All Users | 100           | Per hour |

## 3. Endpoint Information

### Base URL

https://api.example.com/v1


#### 3.1 Change Email Address

- **POST** `/member/email`
- Update to a new email address

#### 3.2 Change Password

- **POST** `/member/password`
- Change to a new password

#### 3.3 Change Profile Image

- **POST** `/member/image`
- Upload a new profile image

## 4. Request Specifications

### 4.1 Query Parameters

- None (all sent in the body)

### 4.2 Request Headers

| Header Name   | Required | Description                             |
| ------------- | -------- | --------------------------------------- |
| Content-Type  | Yes      | application/json or multipart/form-data |
| Authorization | Yes      | Bearer token authentication             |

### 4.3 Request Body

#### `/member/email`

```json
{
  "newEmail": "[email protected]"
}

Property Name	Required	Type	Description	Constraints
newEmail	Yes	string	New email address	Email format, must be unique

`/member/password`

{
  "currentPassword": "currentPass123!",
  "newPassword": "newPass456!",
  "confirmPassword": "newPass456!"
}

Property Name	Required	Type	Description	Constraints
currentPassword	Yes	string	Current password	Required, must be valid
newPassword	Yes	string	New password	At least 8 characters, alphanumeric and symbols
confirmPassword	Yes	string	New password (confirm)	Must match newPassword

`/member/image`

Form data

Item Name	Required	Type	Description	Constraints
profileImage	Yes	File	New profile image	jpg/png, max 2MB

5. Response Specifications

5.1 Success Response

Status Code: 200 OK

{
  "status": "success",
  "message": "Member information updated."
}

5.2 Error Response

Status Codes: 400, 401, 422, 500

{
  "status": "error",
  "code": "VALIDATION_ERROR",
  "message": "Invalid input value",
  "details": {
    "field": "newEmail",
    "reason": "Already registered."
  }
}

6. Error Handling

HTTP Status	Error Code	Description	Solution
400, 422	VALIDATION\_ERROR	Validation error	Correct input values
401	SESSION\_EXPIRED	Session expired	Log in again
500	INTERNAL\_ERROR	Internal server error	Retry, contact support

7. Resource Definitions

Email address: Email format, must be unique
Password: At least 8 characters, alphanumeric and symbols
Profile image: jpg/png, max 2MB

8. Implementation Examples

8.1 cURL

Change Email

curl -X POST "<https://api.example.com/v1/member/email>" \\
-H "Authorization: Bearer {TOKEN}" \\
-H "Content-Type: application/json" \\
-d '{ "newEmail": "[email protected]" }'

Change Password

curl -X POST "<https://api.example.com/v1/member/password>" \\
-H "Authorization: Bearer {TOKEN}" \\
-H "Content-Type: application/json" \\
-d '{ "currentPassword": "curr", "newPassword": "new", "confirmPassword": "new" }'

Change Profile Image

curl -X POST "<https://api.example.com/v1/member/image>" \\
-H "Authorization: Bearer {TOKEN}" \\
-F "[email protected]"

9. Version Control

Version	Release Date	Changes
v1.0.0	2025-08-13	Initial release

10. Limitations

Concurrent connections: 100/IP
Timeout: 30 seconds
Maximum image size: 2MB
Strict password requirements
Input value encryption recommended

11. Support

Email: [email protected]
Support site: https://support.example.com