Reputation: 2965
Proper REST response for current user when no user is logged in
I have an endpoint that requests the current logged in user.
GET /user/current
source
If a user is found, the server sends 200 OK and the user object.
But what if no one is logged in? Should the server send back 200 Ok with an empty object?
This post asked a similar question:
For example you run a GET request for users/9 but there is no user with id #9. Which is the best response code?
The top answer was 404 Not Found. But this doesn't seem correct to me for a current user request with no logged in user. In this case the answer was found- the answer is that no user is logged in.
Upvotes: 3
Views: 1114
Answers (2)
Reputation: 19939
401 would be valid only when authorization is required for making that call to that end point and it was not provided.
If that's an endpoint which doesn't require authentication then 404 is correct
You can also use 200 with current user as null if the response is usually a json string . If it's usually a json array return empty array with status 200 .
You can also use 204 no content
Upvotes: 1
Related Questions
- How to get current logged in user using Wordpress Rest Api?
- REST API responses based on authentication, best practices?
- REST - API design to get resources for current user
- Designing URI for current logged in user in REST applications
- How to get current logged user data in a RESTful way?
- How to design URL to return data from the current user in a REST API?
- Is leaving out the current user ID in a REST endpoint bad practice?
- Should I return a 401 or a 405 response code to a REST API user without sufficient access?
- Using GET method in RESTful API where authentication is required
- REST server response to authorization