Stateless

Server contains no client state

“Each request from client to server must contain all of the information necessary to understand the request, and cannot take advantage of any stored context on the server.” – Roy Fielding

When to use

Always for REST APIs.

Why it matters

Scalability: Any server can handle any request. You don’t need “sticky sessions”.
Visibility: Intermediaries (proxies) can look at a request and know exactly what to do without needing to know previous requests.

Signs of Violation

Storing “Current Page” in the session.
Multi-step wizards where Step 2 fails if you didn’t call Step 1 on the same server.

Explanation

Problem

If Server A remembers “User X is on page 2”, and User X sends the “Next Page” request to Server B (via Load Balancer), Server B will be confused.

Solution

The client must send “I am on page 2, give me page 3” or include the session token in every request.

Real world analogy

The Internet itself (IP). Each packet finds its own way. The router doesn’t remember the previous packet.

Pros and Cons

Pros	Cons
Horizontal Scaling Reliability	Network bandwidth (sending repetitive info like Auth Headers)

Stateless

When to use

Why it matters

Signs of Violation

Explanation

Problem

Solution

Real world analogy

Pros and Cons

Comparison

Code example

Typescript

Bad (Violation)

Good (Adherence)

PHP

Bad (Violation)

Good (Adherence)