CODEWITHSUNDEEP
httprestpostasp.net-web-apiput
meaning-matters
meaning-matters

Reputation: 22956

Which REST operation (GET, PUT, or POST) for validating information?

My users enter a few information fields in an iOS app. This information must be validated on my server, which has a RESTful API. After validation the UI of the iOS app changes to indicate the result.

Neither GET, PUT, or POST seem to be appropriate, because I'm not getting a resource, and neither is a resource created or updated.

What is the best fitting REST operation to implement this validation?

Upvotes: 60

Views: 38854

Answers (6)

arjun kumar
arjun kumar

Reputation: 545

I believe it is similar to GET entity but since we need to send data to validate and sending confidential data in URL is wrong habit as only payload data is ciphered by TLS, the only way left is POST or PUT.

However you may save or update the data in validate(eg. "verified":false). Based on requirement, you can go for POST or PUT (recommended POST if no update)

 POST /user/validate-something

Upvotes: 2

Vinay Pratap Singh
Vinay Pratap Singh

Reputation: 1

It seems like you're not doing it the correct way, if the validation is at the server-side then it should happen while submitting the data using a POST method. Then you'll validate that data, if validation fails then you can raise a 400 BAD REQUEST error, else you can create the resource.

This approach is more RESTful, as the POST method is properly used to create a resource or to raise 400 if validation fails

Upvotes: -2

Kamil Roman
Kamil Roman

Reputation: 1081

Google proposes use of Custom Methods for REST API

For custom methods, they should use the following generic HTTP mapping:

https://service.name/v1/some/resource/name:customVerb

The reason to use : instead of / to separate the custom verb from the resource name is to support arbitrary paths. For example, undelete a file can map to POST /files/a/long/file/name:undelete

Source: https://cloud.google.com/apis/design/custom_methods

So for validation the URL should be POST /resource:validate

Upvotes: 6

user1907906
user1907906

Reputation:

I recommend using a ValidationResource and two requests. Each instance of this resource represents the validation of a set of data. The workflow:

1. Create new ValidationResource

  • Request: POST /path/to/validations
    • data to validate as the body
  • Response: 201 Created
    • Location: /path/to/validations/<unique-id-of-this-validation>

2. Look up result

  • Request: GET /path/to/validations/<unique-id-of-this-validation>
  • Respons: 200 OK
    • body: {'valid': true} or {'valid': false}

This is a RESTful approach in which the Validation is a Resource with server state.

Upvotes: 10

Kristian
Kristian

Reputation: 21830

My users enter a few information fields in a iOS app. This information must be validated on my server, which has a RESTful API. After validation the UI of the iOS app changes to indicate the result....I'm not getting a resource, and neither is a resource created or updated.

Since you aren't saving anything (not modifying any resource), I'd think this is technically more RPC than RESTful to me.

The following is my opinion, so don't take it as gospel:

If the information is simply being submitted and you're saying yes or no, and you're not saving it, I'd say POST is fine..

If information were actually being saved / updated, then choosing the proper HTTP method would be a lot more relevant.

POST = CREATE / SUBMIT (in an RPC context)
PUT = UPDATE (or CREATE if there is nothing to UPDATE)

Upvotes: 15

Lukas K
Lukas K

Reputation: 6389

I use the same scenario as you and use PUT for it. You have to ask yourself: "when I send the same request twice, does this make a different state on server?" If yes, use POST, if no use PUT.

Upvotes: 19

Related Questions