This is a short and nice read: Some REST best practices.
I especially like the versioning part, which I’ve been (trying to) tell for years.
API versions should be mandatory. This way, you will be futureproof as the API changes through time. One way is to do is to pass the API version in the URL (/api/v1/…).
An alternative method to that, if you already have an API in place and can’t change the URL structure for legacy reasons, is to just a different (sub-)domain for each version. If you’re running your API at api.domain.tld, you can prefix it with the version you want, like v1.api.domain.tld. The domain/path to the API should at the very least be a configuration option (or a hard-coded constant, defined once) in your code that’s easily changed. The URL’s usually aren’t.
Adding the version to the URL has the additional benefit of you being able to move the API to a new server easily (it’s just a DNS change), you can separate your codebase, you can have an entirely different HTTP vhost configuration since you can refer to a new VirtualHost, …
Adding versioning information after your API has hit production isn’t impossible.