I am building an application with a REST-based API and have come to the point where I am specifying status codes for each request.
What status code should I send for requests failing validation or where a request is trying to add a duplicate in my database?
I've looked through http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html but none of them seems right.
Is there a common practice when sending status codes?
409 Conflict - Client attempting to create a duplicate record, which is not allowed.
410 Gone - The requested resource has been deleted.
411 Length Required - The server will not accept the request without the Content-Length Header.
If the request syntax is correct but the server does not want to execute it due to validation errors: use 422.
The HTTP 201 Created success status response code indicates that the request has succeeded and has led to the creation of a resource.
The HyperText Transfer Protocol (HTTP) 401 Unauthorized response status code indicates that the client request has not been completed because it lacks valid authentication credentials for the requested resource.
For input validation failure: 400 Bad Request + your optional description. This is suggested in the book "RESTful Web Services". For double submit: 409 Conflict
Update June 2014
The relevant specification used to be RFC2616, which gave the use of 400 (Bad Request) rather narrowly as
The request could not be understood by the server due to malformed syntax
So it might have been argued that it was inappropriate for semantic errors. But not any more; since June 2014 the relevant standard RFC 7231, which supersedes the previous RFC2616, gives the use of 400 (Bad Request) more broadly as
the server cannot or will not process the request due to something that is perceived to be a client error
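The status codes discussed in the answers above, applied in order inside one request handler. This is an added example, not code from the question or any of the answers; the `create_user` function, the in-memory store and the bearer token are hypothetical stand-ins.

```python
import json

# Constructed in-memory store standing in for the database's unique constraint.
USERS = {"alice@example.com": {"name": "Alice"}}
VALID_TOKENS = {"constructed-token"}  # constructed sample credential


def create_user(headers, raw_body, store=USERS):
    """Return (status, body) for a hypothetical POST /users request."""
    # 401: no valid authentication credentials were supplied.
    auth = headers.get("Authorization", "")
    if not auth.startswith("Bearer ") or auth[7:] not in VALID_TOKENS:
        return 401, {"error": "authentication required"}

    # 400: the body is not well-formed JSON (malformed syntax).
    try:
        data = json.loads(raw_body)
    except (TypeError, ValueError):
        return 400, {"error": "body is not valid JSON"}
    if not isinstance(data, dict):
        return 400, {"error": "body must be a JSON object"}

    # 422: syntax is fine but the fields fail validation.
    # (Under RFC 7231's broader wording, 400 is equally defensible here.)
    problems = {}
    email = data.get("email")
    if not isinstance(email, str) or "@" not in email:
        problems["email"] = "must be an e-mail address"
    name = data.get("name")
    if not isinstance(name, str) or not name.strip():
        problems["name"] = "must be a non-empty string"
    if problems:
        return 422, {"error": "validation failed", "fields": problems}

    # 409: the record already exists, duplicates are not allowed.
    key = email.lower()
    if key in store:
        return 409, {"error": "a user with this email already exists"}

    # 201: the resource was created.
    store[key] = {"name": name.strip()}
    return 201, {"email": key, "name": name.strip()}
```

The error bodies name the failing field but echo neither the submitted values nor any database error text, so a rejected request does not disclose stored data or internals.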