HATEOAS

HATEOAS (Hypermedia as the Engine of Application State) is the highest maturity level of REST (Richardson Maturity Model Level 3), where API responses embed links to related resources and available actions. Instead of clients constructing URLs based on documentation, they follow links provided in responses -- similar to how a web browser follows hyperlinks. For example, an order response might include links for 'cancel', 'pay', and 'ship' actions, and the available links change based on the order's current state.

The primary benefit of HATEOAS is loose coupling between client and server. When the server controls which links are present, it can evolve URL structures, add new capabilities, or restrict actions based on state and permissions without clients needing code changes. Clients become more resilient because they discover capabilities at runtime rather than having them hardcoded. Common formats for expressing links include HAL (Hypertext Application Language), JSON:API, and JSON-LD/Hydra.

In practice, full HATEOAS adoption is relatively rare in modern APIs because it adds complexity and many API consumers prefer explicit documentation and typed SDKs over runtime link discovery. However, selective use of hypermedia -- such as including pagination links, self links, and state-dependent action links -- provides meaningful benefits without requiring full hypermedia-driven navigation. The key is choosing the right level of hypermedia for the API's consumer base.