Why choose Axum over Actix-web for Rust web development?

Axum is built on top of Tower middleware and Hyper, making it composable with the broader Rust async ecosystem. Its extractor system is type-safe and ergonomic. Actix-web uses the actor model and has historically had higher raw throughput benchmarks, but Axum's compile-time safety and Tower integration make it the preferred choice for new projects in 2026. Both are excellent production-ready options.

What is an extractor in Axum?

An extractor is a type that implements FromRequest or FromRequestParts and can be placed as a handler parameter to extract data from an HTTP request. Json extracts and deserialises a JSON body. Path extracts URL path parameters. Query extracts query string parameters. State provides access to shared application state. Axum validates all extractors at compile time — wrong handler signatures are compiler errors, not runtime panics.

How does Serde work with Axum for JSON?

Serde is Rust's serialisation framework. Adding #[derive(Serialize, Deserialize)] to a struct enables automatic JSON conversion. Axum's Json extractor calls serde_json to deserialise the request body into T; returning Json(value) serialises it back. Add serde = { version = '1', features = ['derive'] } and serde_json to Cargo.toml. Serde supports JSON, TOML, YAML, MessagePack, and many other formats with the same derive macros.

How do you share database connection pools in an Axum application?

Wrap the pool in an Arc and add it to Axum's application state with .with_state(). In handlers, use State(pool): State > as a parameter. Axum clones the Arc for each request — cheap (just an atomic increment). The pool itself is shared because Arc points to the same underlying pool. For sqlx: let pool = PgPool::connect(url).await?; let app = Router::new().route('/', get(handler)).with_state(Arc::new(pool));

← Back to Rust Mastery Hub

Building REST APIs with Axum: Safe, Concurrent Routing

When you are architecting a backend microservice, performance metrics dictate costs. If you write an API in Express (Node.js), handling 10,000 requests per second requires spinning up massive load balancers and horizontal scaling groups. Conversely, a framework written in Rust can often handle that exact traffic threshold sitting on a single $20/month Ubuntu cloud instance.

Over the past decade, the Rust community has built several phenomenal web frameworks—Rocket pioneered ease of use, while Actix-Web continuously topped competitive benchmarks globally.

However, the modern era belongs to Axum.

Created directly by the maintainers of the Tokio async runtime, Axum is structurally brilliant. It operates natively using the underlying Tower ecosystem, meaning it integrates flawlessly with middleware without massive compilation overhead.

In this module, we construct a production REST API, examine route execution, learn how to extract incoming payloads securely, and deploy shared Mutex state.

1. Initializing an Axum Server

Building with Axum requires exactly two primary crates: axum itself, and tokio to provide the asynchronous execution runtime engine to host the TCP server physically.

toml

[dependencies]
axum = "0.7"
tokio = { version = "1.x", features = ["full"] }

Constructing the server is elegantly concise. You define a Router, bind it rigidly to a TCP Port configuration, and hand the listener directly to the axum extraction engine.

rust

use axum::{routing::get, Router};

#[tokio::main]
async fn main() {
    // We build our application domain, routing the root "/" to a handler!
    let app = Router::new()
        .route("/", get(baseline_handler));

    // Bind to arbitrary internal localhost port 3000
    let listener = tokio::net::TcpListener::bind("0.0.0.0:3000").await.unwrap();
    
    println!("Server launched on port 3000.");
    axum::serve(listener, app).await.unwrap();
}

// A Handler is any asynchronous function that returns something implementing 
// the IntoResponse trait. A pure string automatically evaluates cleanly.
async fn baseline_handler() -> &'static str {
    "Axum Architecture Online!"
}

2. API Routes and Extractors

A REST API is meaningless if it cannot consume dynamic incoming data securely.

In Express or Django, you pull data out of a massive global request object (req.body.id). This approach relies entirely on runtime interpretation; if the body was malformed, the app crashes downstream.

Axum utilizes Extractors. An extractor is a Type you place directly into your function parameters. The Axum framework sees the physical type signature, intercepts the incoming HTTP Request, extracts the data perfectly, and injects it mapped directly into your function parameters natively ahead of time!

Path and Query Extractors

rust

use axum::{extract::{Path, Query}, routing::get, Router};
use std::collections::HashMap;

// We map '/users/:user_id' -> to this handler!
// Axum sees `Path(user_id)` and structurally extracts the URL Variable cleanly.
async fn specific_user(Path(user_id): Path<u32>) -> String {
    format!("Fetching data for User ID: {}", user_id)
}

// Axum sees `Query` and rips apart the `?sort=desc&limit=10` string.
async fn retrieve_items(Query(params): Query<HashMap<String, String>>) -> String {
    let limit = params.get("limit").unwrap_or(&"10".to_string());
    format!("Querying generic items with limit: {}", limit)
}

3. High-Speed Serialization with `serde`

When building APIs, JSON is the universal data format. The Rust ecosystem is monopolized by Serde (Serialize/Deserialize)—arguably the most powerful data serialization framework implemented in any language globally.

By appending the Serialize and Deserialize procedural macros above a custom Struct, Serde automatically generates blistering fast compilation logic mapping JSON text keys physically into typed binary Struct fields natively.

toml

[dependencies]
serde = { version = "1.0", features = ["derive"] }

rust

use axum::{extract::Json, routing::post, Router};
use serde::{Deserialize, Serialize};

// The Payload mapped natively from incoming JSON
#[derive(Deserialize)]
struct CreateUserPayload {
    username: String,
    email: String,
}

// The outgoing structural response mapping 
#[derive(Serialize)]
struct UserCreatedResponse {
    id: u64,
    status: String,
}

// The Json<T> Extractor consumes the Request Body!
// If the structural shape is invalid, Axum automatically sends a 400 Bad Request
// backward dynamically without this function ever executing!
async fn process_user_creation(
    Json(payload): Json<CreateUserPayload>,
) -> Json<UserCreatedResponse> {
    
    println!("Database write processing for: {}", payload.username);
    
    // We return our structurally typed response. 
    // Axum physically converts this into HTTP application/json strings natively.
    Json(UserCreatedResponse {
        id: 99451,
        status: String::from("PROCESSED"),
    })
}

4. State Management (Sharing Database Pools)

Your individual route handlers cannot instantiate entire database connections from scratch when invoked. You must initialize a global Data Pool at the server root, and structurally share it securely across all threads running the handlers.

We accomplish this using Axum’s .with_state() architectural bounding, typically wrapping our data in an Arc to allow thread-safe reference counting.

rust

use axum::{extract::State, routing::get, Router};
use std::sync::{Arc, Mutex};

// A highly generic Application State Configuration
struct AppState {
    global_visitor_count: Mutex<u64>,
}

#[tokio::main]
async fn main() {
    // 1. We allocate the State exactly once on the heap globally.
    let shared_state = Arc::new(AppState {
        global_visitor_count: Mutex::new(0),
    });

    // 2. We inject it into the Router configuration.
    let app = Router::new()
        .route("/tracker", get(hit_tracker))
        .with_state(shared_state); // Bootstrapped into the execution boundaries!

    let listener = tokio::net::TcpListener::bind("0.0.0.0:3000").await.unwrap();
    axum::serve(listener, app).await.unwrap();
}

// 3. We use the State Extractor mathematically to pull it into the route natively!
async fn hit_tracker(State(state): State<Arc<AppState>>) -> String {
    // Standard Mutex locking procedures!
    let mut count = state.global_visitor_count.lock().unwrap();
    *count += 1;
    
    format!("You are visitor number: {}", count)
}

Axum Framework Mechanics

	Example	Description
Extractors	`Json<T>, Path<T>, Query<T>`	Structs placed into Handler arguments. Instructs Axum to automatically parse the HTTP incoming Request before executing logic.
IntoResponse	`Json<Serialize\>, StatusCode`	The core generic Return Trait defining how internal data mappings correspond natively to standardized HTTP Response structures.
Shared State	`.with_state(Arc::new(T))`	The mechanism for deploying isolated singletons (like DB connections) structurally into concurrently mapped routing components securely.

Summary and Next Steps

Axum is a revolutionary web framework because it relies entirely on the Rust Compiler to perform heavily typed HTTP validations. By utilizing Extractors, you simply define the pure typed parameters your function mathematically requires, and if the incoming JSON packet or Query String breaks those boundaries, Axum implicitly halts the route independently and rejects the TCP packet structurally with 400 Bad Request.

However, an API isn't particularly useful without persistent storage. In our state example above, we incremented a local Mutex memory block. We need to structurally execute connections into PostgreSQL directly. But instead of relying on slow interpreted ORMs (like Hibernate or Prisma), we will exploit Rust Macros.

In the next module, we investigate SQLx to execute lightning-fast native queries that the Rust compiler actually physical tests against your Postgres clusters during execution builds!

Quick Knowledge Check

When architecting an endpoint taking a massive JSON payload using async fn post_data(Json(custom_struct): Json<Data>), what happens if the incoming JSON structurally lacks a required object key defined natively in Data?

The function executes normally, but the implicit missing parameter natively receives a 'null' mapping pointer inside the struct.
The Axum framework crashes the spawned tokio thread violently, propagating an unrecoverable Panic stack trace to the log matrix.
Axum safely intercepts the serialization failure before the function ever begins and automatically returns a standardized HTTP 400 Bad Request error string back to the client gracefully. ✓
The generic trait parameter requires the 'Default' impl block; it injects empty string allocations dynamically so the system can proceed.

Explanation: Axum evaluates Extractors (like Json<T\>) before it triggers your business logic handler. If the macro parsing step fails to deserialize perfectly (due to a missing key), Axum handles the structural failure internally, returning an HTTP 'Bad Request' error automatically.

Building REST APIs with Axum: Safe, Concurrent Routing

Building REST APIs with Axum: Safe, Concurrent Routing

1. Initializing an Axum Server

2. API Routes and Extractors

Path and Query Extractors

3. High-Speed Serialization with serde

4. State Management (Sharing Database Pools)

Summary and Next Steps

3. High-Speed Serialization with `serde`