Back to Talent PoolTake-home exercise

To-Do List API

Design a secure REST API with persistent storage, predictable responses, and a structure another developer can understand quickly.

Self-paced
No countdown timer
Public link
Repository submission
Practical
Explain your decisions
Challenge briefBackend Developer

Objective

Build a RESTful API for a To-Do List application that allows clients to perform CRUD operations on tasks. The API should be secure, follow best practices, and store tasks persistently in a database.

Core requirements

  • Endpoints
    • Create a task with a title and timestamp.
    • Fetch every task in the database.
    • Fetch one task by its ID.
    • Update a task, including marking it as completed.
    • Delete a task by its ID.
  • Data validation
    • Validate required fields such as the task title.
    • Return useful errors for invalid or missing data.
  • Database
    • Use a relational database such as MySQL or PostgreSQL, or a NoSQL database such as MongoDB.
  • Data model
    • Each task needs a unique ID, title, timestamp, and status such as Pending or Completed.
  • Security
    • Implement basic authentication using an API key or token-based approach.

Stretch goals

  • Paginate the task collection.
  • Add status filters and title search.
  • Implement API rate limiting.
  • Deploy the API to a cloud service.
  • Write unit and integration tests for key behavior.
Final step

Prepare your submission

  1. Publish your solution in a public GitHub repository.
  2. Include a README with setup and run instructions.
  3. Explain your approach and the decisions you made.
  4. Check that the shared link opens without requesting access.