Closed robknapen closed 4 years ago
I discussed this last week with Inge. Beside the status 500 also a valid message (json) is returned indicating the problem. So her suggestion was return a http 200 and a valid message (json) indicating issue. In many cases when a non http 200 code is returned textual results are either unexpected or no accessible.
I would prefer using the standardized http status codes (such as 400, 401, 403, 404) where appropriate.
If we do deviate from that we have to clearly document how we use the http codes and what custom json status messages clients should expect. And maybe make them more machine processable by adding an error code.
Will not be solved due to existence of V2
Currently when no token, an invalid or expired token, or a token with exceeded limits, is send in the request the server responds with a http 500 status (Internal Server Error). A 4xx error such as 401 makes more sense.