What would the expected/proper HTTP status code on an action given the following:
400
)401
)403
)404
)501
)5xx
)The resource is currently disabled thus preventing the action from completing with the expected result. The user has the ability to change the state of the resource and retry the same request. Information on the why the resource could not do what was asked would be included in the response body.
My thought is that 409 Conflict
would be the best response as user could potentially change the state of the resource and resubmit the request, but maybe there's something better out there to indicate "This method is generally allowed by you, but the resource is currently in a state that prevents it from completing as expected."
HTTP response status codes indicate whether a specific HTTP request has been successfully completed. Responses are grouped in five classes: Informational responses (100–199) Successful responses (200–299) Redirects (300–399) Client errors (400–499) Server errors (500–599)
This error occurs when you enter HTTP instead of HTTPS in the connection. This error means that the system is under heavy load and your request can't be processed at this time. Important: In this case, we highly recommend that your client code back off and wait before retrying.
This response code means the expectation indicated by the Expect request header field can't be met by the server. 418 I'm a teapot The server refuses the attempt to brew coffee with a teapot. 421 Misdirected Request The request was directed at a server that is not able to produce a response.
This code is sent in response to an Upgrade request header from the client and indicates the protocol the server is switching to. This code indicates that the server has received and is processing the request, but no response is available yet.
Seems like that is the Internet's consensus, and I see nothing better here. See here for another similar question
409
This code is used in situations where the user might be able to resolve the conflict and resubmit the request. Source
This is then followed up
Conflicts are most likely to occur in response to a PUT request. For example, if versioning were being used and the representation being PUT included changes to a resource that conflict with those made by an earlier (third-party) request
That seems more like the entity shifted underneath the client while the client constructed a call, perhaps the assumption is the client asks for the allowed actions, before making the call(s). If you implemented that, I would say 409 is perfectly valid for your API since you provide the ability for clients to make only valid requests, unless someone else changes the entity.
Clearly you should be consistent, and document the response codes and their usage.
According to RFC 4918 (https://www.rfc-editor.org/rfc/rfc4918#section-11.2), you could use code 422 (Unprocessable Entity) to handle situations like it.
422 Unprocessable Entity
The 422 (Unprocessable Entity) status code means the server
understands the content type of the request entity (hence a
415(Unsupported Media Type) status code is inappropriate), and the
syntax of the request entity is correct (thus a 400 (Bad Request)
status code is inappropriate) but was unable to process the contained instructions. For example, this error condition may occur if an XML
request body contains well-formed (i.e., syntactically correct), but
semantically erroneous, XML instructions.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With