REST APIs use HTTP response codes to communicate status information. An API consumer should be able to inspect the HTTP response code and understand the status of its request.
Required Response Codes
The following response codes mustbe used when responding to requests.
Table 6. Response and Status Codes
HTTP Response Code
Returned after a successful operation when a response contains a body.
Returned after a successful POST. The response from a POST will also include a location in the header pointing to the newly added resource. A POST response will not contain a body.
Returned when the server has fulfilled the request, but does not return an entity body.
Returned when the client includes the “If-None-Match” header containing the requested resource’s last known entity tag.
Returned if the request is malformed. The body of the response may contain a descriptive error message.
Returned if the access token is invalid. The response will not contain a body.
Returned when the server is refusing to fulfill a request in situations such as the requesting client is not authorized to execute the requested action on the requested resource
Returned if a resource is not found. The response will not contain a body.
Returned when there is any type of referential integrity violation.
Returned if an “If-Match” header pre-condition fails.
Internal Server Error
Returned if the server encountered an unexpected error during the operation.
If an error occurs on the server, a 500 (Internal Server Error) code must be returned. A message in the body, containing the error details, should be provided. However, raw errors generated by system failures must not returned to the client to avoid inadvertently exposing any sensitive data or technical information to an attacker.
“code”: 500, “type”: “Internal Server Error”, “message”: “Unable to communicate with database”
API Guidelines Contents
Find out more about the Ed-Fi API Design & Implementation Guidelines: