Inputs:
- State requirements
- Number of clients
- Security classification of data in the API request or response
- Peak volumes
- Service level distinctions for clients
- Availability requirements
- Latency expectations
- Business metrics
- Transactionality
Outputs (design considerations):
- HATEOAS vs CATEOAS vs [x]ATEOAS
- Versioning methodology
- Authentication, authorization, confidentiality, integrity (etc)
- Caching
- Rate limiting
- Infrastructure redundancy and clustering
- Infrastructure sizing
- Metering and reporting
- Persistence