139
votes
Accepted
Should "No Results" be an error in a RESTful response?
When there are results, the output is a (JSON, based on your comment) list. For queries with no results, the output should be exactly the same. The list simply has 0 items in it.
So if your response ...
- 1,681
111
votes
Why do so many standards for JSON API response formats contain a "success" property in the response body instead of just using HTTP status codes?
Many people take HTTP status code as “successful communication with the server”.
Now if a customer wants to buy a US$200 item and has only US$100 in their account, the JSON response will be “failure, ...
- 49.4k
100
votes
Accepted
Should a REST API return a 500 Internal Server Error to indicate that a query references an object that does not exist?
I think a 404 response is the best semantic match here, because the resource you were trying to find (as represented by the URI used for the query) was not found. Returning an error payload in the ...
- 6,046
88
votes
Any technical reason not to use my own HTTP response code TEXT if I develop both server & Client?
The “status text” doesn't exist anymore in HTTP/2. There is only the numeric code. So you won't be able to use HTTP/2 (or later versions).
According to section 8.1.2.4 Response Pseudo-Header Fields of ...
- 909
58
votes
Accepted
Why do so many standards for JSON API response formats contain a "success" property in the response body instead of just using HTTP status codes?
A few potential reasons why you may wish to do this are:
the fact that some HTTP clients treat anything other than 2xx as an "exception" to be thrown, which can hide differences between ...
- 1,365
50
votes
Any technical reason not to use my own HTTP response code TEXT if I develop both server & Client?
While you may control all the clients and servers, you also has a third end you need to be aware of: the intermediates.
The intermediates are web servers, proxies, caches, web application firewall, ...
- 12.5k
46
votes
Should "No Results" be an error in a RESTful response?
Whenever deciding on an HTTP code, you should always ask this question:
What can/will/should any arbitrary client do with the response?
Should the client always treat the response as a failure? Then ...
- 5,578
44
votes
Accepted
Any technical reason not to use my own HTTP response code TEXT if I develop both server & Client?
An alternative approach would be to include a response body containing the detailed failure reason, for example in a JSON object. This would be comparable to the customized 404 pages which are often ...
- 18.6k
35
votes
Should a REST API return a 500 Internal Server Error to indicate that a query references an object that does not exist?
I will use your examples.
http://example.com/restapi/deviceinfo?id=123
If the endpoint returns a json array, the best choice for is 200 OK with a empty array if no result were found.
If the ...
- 2,504
28
votes
Should a REST API return a 500 Internal Server Error to indicate that a query references an object that does not exist?
HTTP 404 is correct, because the server understands what resource the client is asking for, but it doesn't have that resource.
The fact that you're working with a "REST API" is the key. The API ...
- 445
28
votes
Use 404 or 200 when null result (REST)
HTTP status codes in the 4xx range signify client errors. So I don't think that using a 404 is applicable here. If you were to consider it a client error, then you also say that the client must have ...
- 9,036
20
votes
Should "No Results" be an error in a RESTful response?
No. the use of 404 to indicate 'your query was processed but there were no matches' is awful because:
conditional flow based on exception handling (ie. forcing a non exceptional result to create and ...
- 84.6k
18
votes
Why do so many standards for JSON API response formats contain a "success" property in the response body instead of just using HTTP status codes?
There are inherent shortcomings in trying to fit a nuanced, complete API into the limitations of HTTP. The above examples provide some good points to why that's the case.
Here's another scenario we ...
- 189
17
votes
Accepted
Not prohibited, but disallowed -- which http error code should I return?
That sounds like a straightforward 403
You are implementing a rule to ban access to a resource for an unauthorised user - that's a 403
- 304
13
votes
Should a REST API return a 500 Internal Server Error to indicate that a query references an object that does not exist?
A 5xx error is typically used to indicate that the server encountered an error and cannot complete the request. If the server takes the request, can successfully parse it, and then does its work, that ...
- 85.9k
12
votes
Accepted
Error or not error?
Your manager is conflating an unexpected error with a willful refusal by the application to perform a requested action. What he says is correct about the former, but not the latter.
Anything that's ...
- 59.5k
10
votes
Should "No Results" be an error in a RESTful response?
Beyond @Ewan's very good answer:
If the query is the kind that returns a set of results, then the empty set is logically just as appropriate as a set of one, or a set of more. Generally speaking for ...
- 34.8k
7
votes
Accepted
Meaningful response to the user after his uploaded CSV was processed?
This depends on the way the CSV is created, maintained or fixed in case of errors, and on how the imported data will be processed after.
Let's start with the question of "all or nothing" vs. "reject ...
- 221k
7
votes
How to handle different json response for the same api rest endpoint and different http status
How you handle this depends on what you can do with the response data in the case you get a 401 from the server. REST does not obligate you to parse the response from the server. You won't get any ...
- 46.6k
6
votes
Should a REST API return a 500 Internal Server Error to indicate that a query references an object that does not exist?
A 500-series HTTP error indicates a server malfunction. Apart from 501 Not Implemented and 505 HTTP Version Not Supported, using these error codes carries the implication that retrying the request at ...
- 378
6
votes
Accepted
HTTP status 500 for missing file
Technically, if there's never a reason why this file should be unavailable when your application is configured and running properly, you probably should return a 500 (or 500 class error). It's an ...
- 31.1k
6
votes
Accepted
How do I create an HTTP PUT request that modifies the resource in many ways
A PUT request should completely replace the resource, so this is essentially a non-issue. If you want to update multiple aspects while keeping some information, PATCH is the right verb to use, and you ...
- 18.6k
6
votes
Accepted
Should I use http status code 402 in my api specification for api methods that allow payment?
No. 402 is quite non-standard, but if it was used, it would be used if a payment was required to connect to the server, and you couldn't connect to the server because you didn't pay for access to the ...
- 49.4k
6
votes
Why do so many standards for JSON API response formats contain a "success" property in the response body instead of just using HTTP status codes?
The other answers are good and cover most of the reasons I know of for this pattern. I'll add one more from experience: in some cases the request may be indirect (i.e. proxied from the initial ...
- 169
5
votes
Should "No Results" be an error in a RESTful response?
You're assuming the code has to take a special action when there is no data returned, but that might not be the case. The code might simply be looking for a product count, or appending the results to ...
- 135
5
votes
Which HTTP code has higher priority: 403 or 415?
From a security viewpoint, you want to disclose as little information as possible to an attacker.
By responding with a 415 code until they hit a supported format and sending a 403 then, you are ...
4
votes
Accepted
Most appropriate HTTP return code when record locked for update due to invalid data
Since this is a violation of a business rule (the format of a name does not conform to business requirements), the most appropriate code is probably 422 Unprocessable Entity.
On
developer.mozilla.org
...
- 10.4k
4
votes
Accepted
What's the most appropiate http status code for 'not possible' or 'not available'
409 conflict is often used for this sort of situation. It means your request conflicts with the current state of the resource.
It's also relatively common to use eTags and If-Match headers to make ...
- 149k
4
votes
Error or not error?
The HTTP protocol has a specific code for rate limiting 429.
Non-protocol errors should return 500 with a reason, which your client can then turn into an exception.
Here though I would simple silently ...
- 84.6k
4
votes
Error or not error?
The HTTP standard describes the status classes this way:
1xx (Informational): The request was received, continuing process.
2xx (Successful): The request was successfully received, understood, and ...
- 795
Only top scored, non community-wiki answers of a minimum length are eligible