0

If I have a method to create a "car" entity, and as part of that it requires a "manufacturerID" but the manufacturer doesn't exist, what status code should I return?

400 to indicate that the request was invalid

or 404 to indicate that something related to the request doesn't exist?

I'm hesitating against 404 because it may imply that the endpoint doesn't exist, which isn't true, it's one of the parameters that doesn't exist.

Would 404 with an explanation of what doesn't exist be most appropriate? Or the more vague 400?

Steviebob
  • 1,705
  • 2
  • 23
  • 36

2 Answers2

0

400 because the request is malformed if it contains a none existent manufacture.

hardillb
  • 54,545
  • 11
  • 67
  • 105
  • Would that still apply if the manufacturer did exist when the request was performed, but was deleted by the time the server checked for it? (Not that you'd be able to differentiate between those scenarios I guess - probably splitting hairs at this point). – Steviebob Jan 11 '17 at 22:29
  • At if there is a race condition between the request being formed and the server processing it then it's still an error that should be flagged. I'd say it's world still be 400 as the server couldn't tell if it had been there in the first place – hardillb Jan 11 '17 at 22:32
-1

409 might be applicable (https://greenbytes.de/tech/webdav/rfc7231.html#status.409) -- the request would become valid once another resource is created.

Julian Reschke
  • 40,156
  • 8
  • 95
  • 98
  • 409 is meant for edit conflicts I don't it applies in this case – hardillb Jan 12 '17 at 09:00
  • The term "edit" does not appear in the definition of status code 409. – Julian Reschke Jan 12 '17 at 12:26
  • Thank you. After having a quick look at w3.org (https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.10) I found this line particularly relevant: "This code is only allowed in situations where it is expected that the user might be able to resolve the conflict and resubmit the request." In my scenario, the end user wont be able to resolve the issue themselves (it's an ajax request on a web page), so I think in this case 409 probably isn't the correct one to use (But would be if it was a more exposed api I guess). In light of this I think 400 might be more appropriate for my case. – Steviebob Jan 12 '17 at 20:48
  • OK. FWIW, RFC 2616 is outdated and irrelevant (but that doesn't affect this question). – Julian Reschke Jan 13 '17 at 06:28