CODEWITHSUNDEEP
javaspringspring-boot
ayush
ayush

Reputation: 714

How to choose correct HTTP Response code for REST API endpoint: Spring Boot

I am working on Spring Boot Applications to develop REST APIs for Mobile Applications.
Examples of endpoints are-

  1. When creating an entity-
@PostMapping("/new-user")
    public ResponseEntity<SuccessResponse<UserDto>> createUser(
            @Valid /* Enable validation */ @RequestBody UserDto userDto) {
        UserDto createdUserDto = this.userService.createUser(userDto);
        SuccessResponse<UserDto> successResponse = new SuccessResponse<>(AppConstants.SUCCESS_CODE,
                AppConstants.SUCCESS_MESSAGE, createdUserDto);
        return new ResponseEntity<>(successResponse, HttpStatus.OK);
    }

Response in this case is like-

{
    "data": {
        "userId": 2,
        "token": "eyJhbGciOiJIUzI1NiJ9.eyJzd3-WIiOiJheXVzaDIwYXBydwaWxAZ21haWwuY29tIiwiZXhwIjoxNjc4NzEyNjIyLCJpYXQiOjE2Nzg3MTI1NjJ9.xLNdJ4L4JjmnN3pkkp3gm3RrzLU6lBG2-mGLHn4f_Pg"
    },
    "status": "Success",
    "code": "2000"
}
  1. When an exception occurs-
 @ExceptionHandler(DuplicateResourceException.class) // add comma separated list of Exception classes
    public ResponseEntity<ApiResponse> duplicateResourceFoundException(DuplicateResourceException ex) {
        ApiResponse apiResponse = new ApiResponse(ex.getMessage(), AppConstants.ERROR_CODE, AppConstants.ERROR_MESSAGE);
        return new ResponseEntity<ApiResponse>(apiResponse, HttpStatus.OK);
    }

Response in this case is like-

{
    "message": "2002",
    "code": "Token is expired",
    "status": "Error"
}

My question-
The above APIs work as expected, giving the response with status code 200 in both cases. I have added a custom status code as part of the API response.
Now, my question is, is it right to provide custom status code and check it on the client side (like 2000 for success, 2001 for failure and 2002 for error), or should I use the Http Status like 200 for success, 201 for created, 404 for not found in ResponseEntity?
I want to ensure that I follow the right convention.

Upvotes: 0

Views: 551

Answers (1)

VoiceOfUnreason
VoiceOfUnreason

Reputation: 57257

Now, my question is, is it right to provide custom status code and check it on the client side (like 2000 for success, 2001 for failure and 2002 for error), or should I use the Http Status like 200 for success, 201 for created, 404 for not found in ResponseEntity?

HTTP status codes are meta-data of the transfer-of-documents-over-a-network domain. They are used to communicate to general-purpose HTTP components (browsers, proxies, etc) the semantics of the response message.

You almost never want to be using bespoke status codes in the HTTP response line - because general purpose components aren't going to know what they mean, and are therefore going to interpret them in some general way (so you don't gain much advantage from using a standardized code).

Using bespoke codes, messages, identifiers in the response body is fine. The HTTP application protocol really doesn't care very much about the semantics of the documents you are passing over the network.

Upvotes: 0

Related Questions