Comments (4)
throwing in my 2 cents - i'm guessing either 400 or 403 would be the right code
status 400
The request could not be understood by the server due to malformed syntax. The client SHOULD NOT repeat the request without modifications.
your question sounds like you think 400 might not be right since the JSON syntax was not malformed.
status 403
The server understood the request, but is refusing to fulfill it. Authorization will not help and the request SHOULD NOT be repeated. If the request method was not HEAD and the server wishes to make public why the request has not been fulfilled, it SHOULD describe the reason for the refusal in the entity. If the server does not wish to make this information available to the client, the status code 404 (Not Found) can be used instead.
i lean towards 403 because the server has understood the JSON but is refusing to use it and it's not an authorization issue. also, with 403, the server is permitted to provide a reason for refusal in the response.
from http-api-design.
I could go either way (400 or 403). It is well formed JSON but it is malformed or at least non-validating compared to the schema. I believe we presently are using 400 within the platform API, along with a json body that has an error id and error message in plain text. You can see some examples of that in committee's README here: https://github.com/interagent/committee#committeemiddlewarerequestvalidation
from http-api-design.
I think I landed on 400's in Committee, but I'm open to suggestions on the
issue if that's not quite theoretically correct.
On Fri, May 30, 2014 at 10:55 PM, Wesley Beary [email protected]
wrote:
I could go either way (400 or 403). It is well formed JSON but it is
malformed or at least non-validating compared to the schema. I believe we
presently are using 400 within the platform API, along with a json body
that has an error id and error message in plain text. You can see some
examples of that in committee's README here:
https://github.com/interagent/committee#committeemiddlewarerequestvalidation—
Reply to this email directly or view it on GitHub
#13 (comment)
.
from http-api-design.
I've been using 422 (along with an explanation in the response code), but I'm not sure how well that follows RFC 4918.
from http-api-design.
Related Issues (20)
- uuid in doubt HOT 4
- Dead link in about section HOT 1
- Guidance on implementing REST interfaces for state machine HOT 21
- I'm curious to know the reasoning for going with JSON Schemas instead of Swagger HOT 5
- How are you modeling authentication operation? HOT 1
- Using 409 Conflict for uniqueness checks HOT 2
- Create a website (Gitpage) HOT 3
- Traditional Chinese version, and add "List of Translations" HOT 5
- Consider adding language specific resources for implementing these principles HOT 1
- consider expanding error messaging as per white house guide HOT 7
- include more examples for main points HOT 9
- detail expansions
- Consider compatibility with jsonapi.org? HOT 8
- Why use UUID? HOT 12
- Paginating/ranging over non-unique fields HOT 15
- Pagination using Range cannot be consistent HOT 8
- Test Framework HOT 1
- The used time format is actually RFC5424, a subset of ISO8601 HOT 2
- Json with PLSQL ( PLJSON) HOT 1
- Links in README.md are 404 when viewed on Gitbook HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from http-api-design.