CODEWITHSUNDEEP
.netweb-serviceshttp
user11937
user11937

Reputation:

HTTP Web Service and HTTP Response codes

I'm writing a Plain Old XML HTTP request/response service and am looking for advice as to how to respond to the caller.

Given that the response is XML, would you advise:

  1. Return HTTP Status 200 all the time, and embed the response success/failure inside the XML, using a kind of "return code" approach? e.g. <myResponse><returnCode></returnCode><myPayload/></myResponse>

  2. Use the HTTP Status Codes to indicate success or failure.

This may be similar to this question.

Upvotes: 2

Views: 1674

Answers (2)

Erik Philips
Erik Philips

Reputation: 54656

Google and Amazon services use returning 200 only if your request was valid AND the response is valid.

For example using Google Contact API

  • If you request a Contact that exists: 200 + XML/Json of Contact
  • If you request a Contact that does not exists: 404 + Xml/Json with Details
  • If your request is formatted improperly: 400 + Xml/Json with Details
  • If you have not sent the authorization token: 401 + Xml/Json with Details
  • If you attempt to Insert a contact using Get or Put: 405
  • If you Attempt to Insert a Contact using Post: 200 (assuming the request contant was valid)
  • If you Attempt to Update a Contact using Get or Post: 405
  • If you attempt to Update a Contact using Put: 200 (assuming the request contant was valid)
  • If you Attempt to Delete a Contact using Get, Put, Post: 405
  • If you attempt to Delete a contact using Delete: 200 (assuming the request contant was valid)

I would highly recommend you do NOT always return a 200. The HTTP Status codes are designed around a response code result that represents the request. As shown above, if you request is not correct, then using HTTP Status codes is a valid solution.

I would recommend using a 5XX if there is a problem on your end. I really wish Google would do this. (At one point their Experimental OAuth 2.0 endpoint was not working, and instead of throwing a 503 - Service Unavailable, I was getting a 400 - Bad Request, which made me thing I was doing something wrong....)

For descriptions of the HTTP Status Codes check out RFC2616.

Upvotes: 1

spullen
spullen

Reputation: 3317

I would think that you'd want to go with option 1 because your request could be successful but something fails on the backend in your api. I wouldn't return a response code of 200 all the time though, you could run into a case where say the url for the web service doesn't exist, in that case you'd want to return the appropriate response code.

Upvotes: 0

Related Questions