Reputation: 429
RESTful API: What METHOD/HEADER combo to use for validation-only
I would like my API to have a validation-only request. For example, if I have a URL such as:
http://api.somesite.com/users/12345
and the user is filling out a form of information on a client that I will eventually PATCH/PUT/POST to that resource. As the user is filling out the form, I might want to send over their partially-complete updated representation over to the server periodically so I can display realtime validation of their input (e.g., "That username is already taken", "That password is too short").
There isn't a standard HTTP METHOD or HEADER that seems to allow for this behavior on that same resource. It seems my options are:
- Create a new subordinate resource for validation
- Use a custom header (x-somesite-validation-only) and PUT indicating that I want to validate but not save
Upvotes: 8
Views: 5217
Answers (2)
Reputation: 2878
Some options
1) Use custom header
2) Put something in the query string indicating to validate only
3) Use Action URl e.g. \IndividualClient\123\actions\Validate\Invoke {section 19 here http://restfulobjects.files.wordpress.com/2011/11/restful-objects-spec-052.pdf}
4) Hierarchical URL e.g. \IndividualClient\123\Validation
From this post I find this advice
Do use POST whenever you have to do something that feels RPC-like Do use GET for things like calculations, unless your input is large, in which case use POST
With regard to your specific question, POST should be used for #4 and #5. These operations fall >under the "RPC-like" guideline above. For #5, remember that POST does not necessarily have to >use Content-Type: application/x-www-form-urlencoded. This could just as easily be a JSON or CSV >payload.
Here is what I'm considering:
This is the add of a resource :
user/validation
POST
Request:UserResource
Response:ValidationResult
Response Codes 200, 400. 404. 500
This is the update of a resource
user/204/validation
POST
Request:UserResource,
Response:ValidationResult
Response Codes 200, 400. 404. 500
Upvotes: 5
Reputation: 6814
Thrid option would be to implement a validation function on the client. This function would then send specific request when it need specific information.
For example, you don't really need to send a request to check if a password is too short. But you could send a single request to check if a username exists.
This is how validation is done with Ajax, which btw is using Restful API (HTTP):)
Upvotes: 0
Related Questions
- How to expose a validation API in a RESTful way?
- Best Approach for Http Request Handling from Api
- What is the correct REST method for performing server side validation?
- POST or GET for a validation of some data endpoint in REST?
- RESTful way of performing validation
- REST API + Frontend - Validation Best Practices
- RESTful service, how to respond if validation failed?
- REST practices for validating a resource
- Recommended pattern for REST service which requires HTTP headers?
- Web service API for validating parameters, REST or else?