Http status for error response because of business exception. Syntax is correct and request makes sense

Question

There are many questions about proper response status, but I couldn't understand which status should I use for normal business exception. I've read definition of 400 and it seems to me like it for errors in communication.

The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).

Lets say client wants to confirm some operation. He sends me absolutely correct, valid request which I understand and process. But confirmation code is not correct. So it's an error, but this error is normal and expected, our communication is correct. Or another example: client wants to withdraw some money from account. Again, request is correct and valid, but account doesn't have enough money. I'm going to use 400 now, but 400 seems to me for errors in communication between client and server, not in application logic. Maybe there is a more appropriate status for such errors? What do you use?

Answer 1

You can use HTTP 422 (Unprocessable Entity) for these cases. I prefer this rule to pick the http status codes:

• HTTP 200, 201, 204 when request processed successfully
• HTTP 422 when request violates some business rules
• HTTP 500 when unexpected exceptions are occured while processing request

Resource: A nice blog