How to create REST API in Apex

Let's look at how to create REST API in Apex. We would need this when we have a bit more customized requirements than performing basic DML on the sObject.

When a third-party developer wants to send data to Salesforce and perform some business logic on the Salesforce end, preferably a DML into any object, then, there are two ways we can handle it.

First, the developer can use the standard out-of-the-box REST API that salesforce provides or create a REST API based on the business requirement.

In case you are interested in how to use the out-of-the-box REST API Salesforce provides, you can follow this blog post.

Second, if the business requirement is a bit customized then we rely on custom REST API using Apex.

Let me walk you through the later use case.

@RestResource(urlMapping='/Account/*')
global public with sharing class AccountsRESTController{

    // get method will be invoked when a get request is received
	@HttpGet
    global static void doGet() {
        
        // instantiate rest request so that we can extraxt the recrord
        // from the endpoint
        RestRequest req = RestContext.request;

        // grab the record id (which is going to be 18 digits id) from the 
        // last forward slash ("/")      
        String accountId = req.requestURI.substring(req.requestURI.lastIndexOf('/')+1);

        Account result = [SELECT Id, Name, Phone, Website FROM Account WHERE Id = :accountId];

        return result;
    }
    
    // post method will be invoked when a http post request is received
	@HttpPost
    global static account doPost(String name, String phone, String website) {

    	Account account = new Account();
        account.Name = name;
        account.phone = phone;
        account.website = website;

        insert account;

        return account;
    }
    
    // put method will be invoked when a http put request is received
	@HttpPut
    global static Account doPut(String name) {
    
        RestRequest req = RestContext.request; 
        String accountId = req.requestURI.substring(req.requestURI.lastIndexOf('/')+1);

        Account result = [SELECT Id, Name, Phone, Website FROM Account WHERE Id = :accountId];

        // put method is going to perform an update operation. by architecture
        // it will take all the fields, though we are updating only a 
        // single field
        Account account = new Account();
        account.Id = accountId;
        account.Name = name; // only modifying the account name
        account.phone = result.phone;
        account.website = result.website;
        update account;

        return account;
    }

    // patch method will be invoked when a http patch request is received
    @HttpPut
    global static Account doPatch(String name, String phone, String website) {
    
        RestRequest req = RestContext.request; 
        String accountId = req.requestURI.substring(req.requestURI.lastIndexOf('/')+1);

        // patch method is also going to perform an update operation. 
        // by architecture it will take only the fields that has to be 
        // modified or updated
        Account account = new Account();
        account.Id = accountId;
        account.Rating = 'Hot';
        update account;

        return account;
    }
    
    // delete method will be invoked when a http delete request is received
	@HttpDelete
    global static void doDelete() {
    	
        RestRequest req = RestContext.request;        
        String accountId = req.requestURI.substring(req.requestURI.lastIndexOf('/')+1);

        Account account = [SELECT Id FROM Account WHERE Id = :accountId];
        delete account;
    }
}
Apex REST API performing DML on Account object
For a simple usecase like mentioned above we don't have to go for Apex REST API we can go ahead with out of the box endpoints that salesforce provides. We will be reaching out to this option only when there a bit more customization required.

In case you want to test it, then you need to make a callout from apps like the postman or insomnia and check the response.

The next question will be, what's going to be the endpoint?

It's going to look something like this https://instance.salesforce.com/services/apexrest/Account/001XXXXXXXXXXXXXXX

Replace the instance (mentioned in the above URL with your org-specific instance) and make sure a valid account record is passed in the endpoint.

Hope this is helpful!