Reputation: 3773
REST HTTP status code for error with side effects
I've got an HTTP POST method that has numerous validations. Some mean the request is flat out invalid, and we return a 400 Bad Request.
However, for some of them, even in the case of the request being invalid, we need to create a resource and return a representation in the body. What would be the correct status code to use?
200 OK seems wrong because the request was invalid
400 Bad Request seems wrong because we have created a resource as a result
Edit: the request is to link two objects in the system, in this case a member to a ticket. However, even if the request is invalid, for example because the ticket is already assigned to another member, we want to store a record of the request against the ticket in a 'ticketLink' table with a status of 'ticket-already-assigned', and return that validation message in the response.
Upvotes: 0
Views: 296
Answers (1)
Reputation: 57249
the request is to link two objects in the system, in this case a member to a ticket. However, even if the request is invalid, for example because the ticket is already assigned to another member, we want to store a record of the request against the ticket in a 'ticketLink' table with a status of 'ticket-already-assigned', and return that validation message in the response.
Short answer: 200.
Slightly longer answer
The POST method requests that the target resource process the representation enclosed in the request according to the resource's own specific semantics.
Since the API did that, successfully, the correct way to signal this is 200 with a content body providing additional information.
As is often the case in REST - the correct analog to use is that of a web site. Human being fills out a form, and hits the submit button to apply for a ticket. What comes back is an HTML document saying, "we're sorry, that's no longer available, here are some links to other options."
The status code 200 signals to the browser (and the intermediaries) that the document transport was successful.
The 4xx series all indicate that there was an error in the document transport; specifically that the request sent by the client was broken in some way. That's not the case here (where you are dealing with an error in the domain model).
Frankly, it's not even an error in the domain model, right? The model's not supposed to let you claim a ticket that has been claimed by somebody else; so it did the right thing.
The REST API consumer uses the message in the response, not the transport status code, to understand what the result of the processing was, and what protocols are now available.
Upvotes: 1
Related Questions
- What is the appropriate HTTP Status code to use in this scenario?
- What is the suitable HTTP status code when request is successful but has warning messages?
- HTTP status code for a partial successful request
- Correct HTTP Status Code for requests that has something wrong with the process but not an exception
- HTTP status code for inability to process request
- HTTP status code for failed serialization
- HTTP Response for Unsuccessful Handling of Request
- HTTP Status 200 with warnings?
- Correct HTTP status code for a not satisfiable REST request
- HTTP status code for "success with errors"?