this post was submitted on 30 Aug 2024
129 points (99.2% liked)

Programming

17022 readers
402 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities !webdev@programming.dev

founded 1 year ago
MODERATORS
snowe@programming.dev
Ategon@programming.dev
MaungaHikoi@lemmy.nz
129
What is your preferred API error response and why? (lemy.lol)
submitted 2 weeks ago* (last edited 2 weeks ago) by iso@lemy.lol to c/programming@programming.dev
90 comments fedilink hide all child comments
 

I prefer simplicity and using the first example but I'd be happy to hear other options. Here's a few examples:

HTTP/1.1 403 POST /endpoint
{ "message": "Unauthorized access" }

HTTP/1.1 403 POST /endpoint
Unauthorized access (no json)

HTTP/1.1 403 POST /endpoint
{ "error": "Unauthorized access" }

HTTP/1.1 403 POST /endpoint
{
  "code": "UNAUTHORIZED",
  "message": "Unauthorized access",
}

HTTP/1.1 200 (๐Ÿคก) POST /endpoint
{
  "error": true,
  "message": "Unauthorized access",
}

HTTP/1.1 403 POST /endpoint
{
  "status": 403,
  "code": "UNAUTHORIZED",
  "message": "Unauthorized access",
}

Or your own example.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] lengau@midwest.social 11 points 2 weeks ago (1 children)

At a previous job we had an unholy combination of the last two:

HTTP/1.1 200 POST /endpoint 
{
  "data": null,
  "errors": ["403", "unauthorized"],
  "success": false
}
[โ€“] BrianTheeBiscuiteer@lemmy.world 1 points 2 weeks ago (1 children)

That really is unholy and I also couldn't work there long if they thought that was OK (pun intended).

[โ€“] lemmyvore@feddit.nl 1 points 2 weeks ago

It's a perfectly fine way of doing things as long as it's consistent and the spec is clear.

HTTP is a transport layer. You don't have to use its codes for your application layer. It's often done that way but it's not the only way.

In the example above the transport layer is saying "OK I've delivered your output" which is technically correct. It's not concerned with logical errors inside what it was transporting, just with the delivery itself.