
What is the HTTP status code for License limit reached

I want to know what is the ideal HTTP status code an API should return when a user's license limit has been reached?

Initially I was thinking it's 402 (Payment Required) but this is not my scenario. My case is if my user has a limit to add 10 plugins, if she tries to add the 11th plugin they should get an error that their limit has been reached.

Please help me with the appropriate HTTP status code for this.

Thanks in advance

Phantom007 asked Aug 30 '16 07:08


2 Answers

There's no HTTP status code for quota exceeded, however there are a few HTTP status codes that would be suitable for this situation provided you add a good description in the response payload.

If the quota of requests has been exceeded, but more requests could be performed upon a payment, you could consider the 402 status code (even though the documentation says it's reserved for future use, its reason phrase is pretty clear and defines well its purpose):

6.5.2. 402 Payment Required

The 402 (Payment Required) status code is reserved for future use.

You could use 403 to indicate the request is forbidden when the quota of requests has been exceeded. A good description in the request payload is always welcome:

6.5.3. 403 Forbidden

The 403 (Forbidden) status code indicates that the server understood the request but refuses to authorize it. A server that wishes to make public why the request has been forbidden can describe that reason in the response payload (if any). [..]

If you are applying restrictions on the number of requests per hour/day, the 429 status code may be suitable for your needs (however this status code is used by a server to indicate that too many requests have been received in a short amount of time, that is, the client is throttling):

4. 429 Too Many Requests

The 429 status code indicates that the user has sent too many requests in a given amount of time ("rate limiting").

The response representations SHOULD include details explaining the condition, and MAY include a Retry-After header indicating how long to wait before making a new request.

For example:

HTTP/1.1 429 Too Many Requests
Content-Type: text/html
Retry-After: 3600

<html>
   <head>
      <title>Too Many Requests</title>
   </head>
   <body>
      <h1>Too Many Requests</h1>
      <p>I only allow 50 requests per hour to this Web site per
         logged in user.  Try again soon.</p>
   </body>
</html>

Note that this specification does not define how the origin server identifies the user, nor how it counts requests. For example, an origin server that is limiting request rates can do so based upon counts of requests on a per-resource basis, across the entire server, or even among a set of servers. Likewise, it might identify the user by its authentication credentials, or a stateful cookie.

Responses with the 429 status code MUST NOT be stored by a cache.

The HTTP status codes are extensible. If the above-mentioned status codes do not fit your needs, you could create your own status. Since it's a client error, the new status code should be in the 4xx range.

cassiomolin answered Nov 17 '22 14:11
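An added example, not part of either answer: a framework-independent sketch of the distinction drawn above, returning 403 with a descriptive payload for a license quota and 429 with Retry-After (and no caching) for a rate limit. The `Account` fields, the `add_plugin_response` function and the JSON error keys are assumptions made for illustration; the limits of 10 plugins and 50 requests per hour come from the question and the quoted sample.

```python
import json
import threading
from dataclasses import dataclass

PLUGIN_LIMIT = 10          # license quota from the question's scenario
RATE_LIMIT_PER_HOUR = 50   # figure used in the quoted 429 sample

_lock = threading.Lock()   # makes check-and-increment atomic within this process


@dataclass
class Account:             # hypothetical per-user state
    plugins: int
    requests_this_hour: int
    seconds_to_window_reset: int


def add_plugin_response(acct):
    """Return (status, headers, body) for a hypothetical POST /plugins."""
    json_type = {"Content-Type": "application/json"}
    with _lock:
        # Rate limit: a temporary condition, so tell the client when to retry
        # and keep the response out of caches.
        if acct.requests_this_hour >= RATE_LIMIT_PER_HOUR:
            headers = dict(json_type)
            headers["Retry-After"] = str(acct.seconds_to_window_reset)
            headers["Cache-Control"] = "no-store"
            body = {"error": "rate_limited",
                    "detail": "Request rate exceeded, retry later."}
            return 429, headers, json.dumps(body)
        acct.requests_this_hour += 1

        # License quota: retrying will not help, so there is no Retry-After.
        # The payload states the limit and current usage.
        if acct.plugins >= PLUGIN_LIMIT:
            body = {"error": "plugin_limit_reached",
                    "limit": PLUGIN_LIMIT,
                    "used": acct.plugins,
                    "detail": "Remove a plugin or change the license."}
            return 403, dict(json_type), json.dumps(body)

        # The quota is checked and consumed under the same lock, so two
        # concurrent requests cannot both pass the check at 9 plugins.
        acct.plugins += 1
        return 201, dict(json_type), json.dumps({"plugins": acct.plugins})
```

With several application processes, the same atomic check-and-increment has to happen in the shared data store rather than under an in-process lock.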


422 Unprocessable Entity should work in this case. The request itself is well formed syntactically. The problem is in the current conditions, because the user reached the limit. The error response should be helpful about how to solve this status quo. https://httpstatuses.com/422

My second bet is 409 Conflict, but it is tied to versioning and colliding changes. https://httpstatuses.com/409

Szabolcs Heilig answered Nov 17 '22 12:11