Apex REST exposes a method as an HTTP endpoint that external systems can call.
`apex @RestResource(urlMapping='/orders/*') global with sharing class OrderRestService { @HttpGet global static OrderResponse doGet() { RestRequest req = RestContext.request; String orderId = req.requestURI.substring(req.requestURI.lastIndexOf('/')+1); Order__c order = [SELECT Id, Name, Status__c FROM Order__c WHERE Id=:orderId]; return new OrderResponse(order); }
@HttpPost global static String doPost(String orderName, String customerId) { Order__c o = new Order__c(Name=orderName, Customer__c=customerId); insert o; return o.Id; }
public class OrderResponse { public String id; public String name; public String status; public OrderResponse(Order__c o) { this.id=o.Id; this.name=o.Name; this.status=o.Status__c; } } } `
URL: /services/apexrest/orders/<orderId>. Authentication: OAuth bearer token via Connected App.
Error handling: set RestContext.response.statusCode = 500 and serialise an error object as the response body.
Critical considerations: with sharing enforces user record access; governor limits apply per request; request size cap; versioning is mandatory (/orders/v1/, /orders/v2/); document via OpenAPI; rate limits eat into the org's daily API quota.
Testing: build RestRequest/RestResponse mocks in test methods, call the static method directly, assert results.
Clean, versioned, well-tested REST endpoints are foundational deliverables for Salesforce integration work.