I've done it a lot of times (and seen many people do so), but I start to wonder if it is appropriate :
if @record.save   # status 200 else   # failure of validations => status 422 end Now I see that 422 unprocessable entity means the request was well-formed, but not semantically correct. As I understood it, a validation error may not be a semantic error.
Note: I'm talking about uniqueness validations, so I'm not sure this qualifies as a user error, as in this question : What's an appropriate HTTP status code to return by a REST API service for a validation failure?
To sum up: should I stop using status 422 ? If so, what should I use instead ?
In most cases Eloqua's APIs will respond to requests with the standard HTTP status code definitions. If the API fails to validate a request, it will respond with a validation error message (JSON or XML) describing the issue. 400: "There was a parsing error."
The HyperText Transfer Protocol (HTTP) 422 Unprocessable Entity response status code indicates that the server understands the content type of the request entity, and the syntax of the request entity is correct, but it was unable to process the contained instructions.
The most common cause of the 422 Unprocessable Entityerror code is poorly written or corrupt database tables– these need to be repaired or deleted and recreated. This 422 error can also happen because a script is trying to run, but the server does not have permission for that particular file.
To solve this, you should always make sure to set the correct content type when posting data. In this case, you should set the Content-Type header to application/json when sending any JSON-formatted data to Redmine. Note that in principal, you can send XML data to Redmine and get JSON back.
NB: tried to do a detailed answer below poke's one, but it doesn't seem to be possible, so I will answer here.
I think using 422 for validation errors is fine.
The Webdav RFC doesn't say 422 means "semantic errors", it says the server was "unable to process the contained instructions" (see https://www.rfc-editor.org/rfc/rfc4918#section-11.2). "Semantic errors" are just quoted as an example use case.
500 is reserved for "an unexpected condition which prevented it from fulfilling the request" (https://www.rfc-editor.org/rfc/rfc2616#section-10.5.1).
500 is usually reserved for real errors, e.g. things that are not handled at all in your code, like crashes. Validation errors are handled, they are not "unexpected", and the client has to change the request so it can be processed (or not). In that sense, the client made the error (for instance submitting a malformed email address will throw a validation error but obviously it's not a server error, right?).
Most APIs I've seen use 400 or 422 for such cases. Maybe there's not one true answer to this, but saying that 500 is the obvious way to go seemed wrong to me.
Hope this helps.
I agree with jbbarth that it's not as simple as 422 vs 500.
422 is good for validation errors, but you don't want to be catching the db errors also.
This is the pattern I use:
if @record.invalid?   # failure of validations => status 422 elsif @record.save   # status 200 else   # failure when saving => status 500 end If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With