In a project that we're working on, we're consuming REST APIs delivered by services built by another team working for the same customer. We had a discussion about what were appropriate error codes to return for various situations. The discussion boiled down to: should a service return a 500 error code or a 400 error code when a request cannot be processed?
I took a quick look at the documentation for a couple of the larger REST API providers and they are using the 500 code only for catastrophic failure and using the 400 code for anything related to query-input validation errors.
The request was invalid or cannot be otherwise served. An accompanying error message will explain further.
Something is broken. Please post to the group so the Twitter team can investigate.
General error when fulfilling the request would cause an invalid state. Domain validation errors, missing data, etc. are some examples.
A generic error message, given when no more specific message is suitable. The general catch-all error when the server-side throws an exception. Use this only for errors that the consumer cannot address from their endnever return this intentionally.
For input validation failure: 400 Bad Request + your optional description. This is suggested in the book "RESTful Web Services".
Sign up for our Newsletter