Understanding REST Response and HTTP Status Code

I wanted to know how I should respond in my REST API.

Valid example:

http://blah.com/api/v1/dosomething/123 

The above request is valid and I currently have an HTTP status of 200 with a JSON response:

 { "dosomething": { "status": "OK", "results": "123" } } 

Now my question is: if the passed parameter is invalid (I expect a string of integers), do I return an HTTP 200 response and pass the error status in the JSON response, or should I return an HTTP 400 response (Bad Request) with a list of errors / problems with the request in the JSON response?

Error example:

 http://blah.com/api/v1/dosomething/123a 

JSON answer:

 { "dosomething": { "status": "ERROR", "errors": [ "Value passed: |123a| must be a integer." ] } } 

Again my question is, should I pass 200 or 400 HTTP status in the request, where the passed parameter is not what I expect? Or will it always be 200 response when the request is working?

What is considered best practice?

+1
3 answers

Use 404. Always 404. To do otherwise is to misunderstand the nature of the URI and the resource. If http://blah.com/api/v1/dosomething/ identified the resource, and 123a was just a parameter for it, then other codes might make sense. But this is not so: http://blah.com/api/v1/dosomething/123 identifies the resource. If there is no such resource, return 404 Not Found.

You may have some implementation details that handle both http://blah.com/api/v1/dosomething/123 and http://blah.com/api/v1/dosomething/123a resources, but this is not a resource. From Roy Fielding's dissertation:

"A resource is not a storage object. A resource is not a mechanism used by a server to process a storage object. A resource is a conceptual mapping - the server receives an identifier (which identifies the mapping) and applies it to its current mapping implementation (usually a combination of collection-specific deep tree traversal and/or hash tables) to find the handler implementation, and the handler implementation then selects the appropriate action + response based on the contents of the request. associated with the implementation, hidden behind a web interface, and their nature cannot be perceived by the client, which has access through the web interface."

+5
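
The position taken in the answer above, as an added example that is not part of the original thread: a Python standard-library handler in which the whole URI identifies the resource, so `/123a` gets a 404 with a JSON error body rather than a 200. The route pattern, `KNOWN_IDS`, `respond` and `ApiHandler` are hypothetical names, and the sample id is constructed.

```python
import json
import re
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urlsplit

# Hypothetical route: only all-digit identifiers can name a resource.
ROUTE = re.compile(r"/api/v1/dosomething/(?P<id>[0-9]+)")
KNOWN_IDS = {"123"}  # constructed sample data standing in for a datastore


def respond(target):
    """Map a request target to (HTTP status, JSON-serialisable body)."""
    path = urlsplit(target).path  # ignore any query string when routing
    match = ROUTE.fullmatch(path)
    if match is None or match["id"] not in KNOWN_IDS:
        # The URI as a whole identifies the resource, so a malformed id
        # ("123a") and an unknown id ("999") both mean "no such resource".
        return 404, {"dosomething": {"status": "ERROR",
                                     "errors": ["No resource at " + path]}}
    return 200, {"dosomething": {"status": "OK", "results": match["id"]}}


class ApiHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        status, body = respond(self.path)
        # json.dumps escapes the reflected path, and the JSON content type
        # keeps a browser from rendering the error text as HTML.
        payload = json.dumps(body).encode("utf-8")
        self.send_response(status)
        self.send_header("Content-Type", "application/json; charset=utf-8")
        self.send_header("Content-Length", str(len(payload)))
        self.end_headers()
        self.wfile.write(payload)


if __name__ == "__main__":
    # Local test server only; binds to loopback.
    HTTPServer(("127.0.0.1", 8000), ApiHandler).serve_forever()
```

Because the status line carries the outcome, clients, proxies and log monitoring can tell failures from successes without parsing the body.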

Edit: 422 is the wrong answer. I misunderstood the original question and gave an invalid answer. See the reply from @fumanchu: fooobar.com/questions/956149 / .... My answer below is incorrect.

I would suggest using "422 Unprocessable Entity" and including the failure information in the body of your response.

The 422 (Unprocessable Entity) status code means the server understands the content type of the request entity (therefore, a 415 (Unsupported Media Type) status code is not suitable), and the syntax of the request entity is correct (thus a 400 (Bad Request) status code is not appropriate), but it could not process the contained instructions. For example, this error condition may occur if the XML body of the request contains well-formed (i.e., syntactically correct), but semantically erroneous XML instructions.

It is not acceptable to use "200 OK" or any other status codes when dealing with errors.

PS List of status codes: http://www.iana.org/assignments/http-status-codes/http-status-codes.xml

+4

HTTP 400 is used to indicate a problem with the HTTP request itself (for example, an invalid HTTP header). Although you are not getting the expected parameters, the request is still a valid HTTP request, so I would respond with a 200 response, but include the missing parameter data in your JSON.

-2

Source: https://habr.com/ru/post/956149/
