Correct HTTP response code for Delete API if resource is in use and cannot be deleted

Question

I am working on a API which requests deletion of a resource. If the resource is in use i.e. has a reference with some other type of resource then it's not allowed to delete it. Also its highly unlikely that the resources in use will ever be freed up and would be eligible for deletion in future. What should be the response code of DELETE API in such scenarios ?

Answer 1

If disallowing deletion of a resource under certain circumstances is a business rule that the client should be aware of, an appropriate return code would be 400 (Bad request).

If the client can resolve the issue through action, by e.g. deleting the referencing resource first, another more specific code might be 409 (Conflict).

In either case the server should provide an explanation to the client as per https://www.rfc-editor.org/rfc/rfc7231#section-6.5.

According to RFC-7231 (6.5.5) the 405 (Method Not Allowed) response code is cacheable and therefore might not be suitable for an endpoint where the chances of a subsequent request returning a different response code is merely 'highly unlikely' rather than impossible (according to the systems rules).

The 500 class of codes would not be appropriate because these indicate that deletion of the resource should be possible (according to the systems rules), but that the server was incapable of doing it for some reason. see RFC-7231 (6.6)