what is the best Http code to identify idempotent operation conflict
Asked Answered
H

2

7

i develop res service at which it take unique id parameter each call, but when the same id used more than once it should retrieve the same response was retrieved the first time and status code specify error, i am looking for the best status code for that , some post use "409 Conflict" and some "406 Not Acceptable", which to use ?

Hypergolic answered 12/3, 2017 at 10:32 Comment(1)
As Asoul answer '409' should be closer to your need. But 409 means "the request is rejected, please correct" and you said it "it should retrieve the same response was retrieved the first time". How should the client react to this response ? What is the purpose of the unique id parameter ? Access control ? transaction ? Are you in a read request (GET) or an update request (POST/PUT) ? If it is for access control, you should return other codes like 401 Unauthorized.Pastiness
E
12

409 is better, because 406 is mostly used to represent header not acceptable.

406 Not Acceptable The requested resource is capable of generating only content not acceptable according to the Accept headers sent in the request.

409 (Conflict) means your request is duplicated.

409 Conflict Indicates that the request could not be processed because of conflict in the request, such as an edit conflict between multiple simultaneous updates.

Enlargement answered 12/3, 2017 at 10:41 Comment(0)
G
8

I would like to put a different opinion on the table. "Why should we return 409 always and bother client to handle these scenarios? Why should client be bothered about if item was created as part of current request or one of past tries?"

I feel for a simple scenarios like "POST on collection to create a resource instance" client could be simplified if server returns 201 even in the case of idempotent response.

However, we should also make sure that this simplification does not create confusion in some scenarios like: Resource was created with initial version V1 by POST request from a client. This resource then get updated and moves to version V2. Now for some reason the initial client retries POST request with the same Idempotency token. I believe the later one should be returned as 409, since this is a conflict.

POST is expected to create an initial version of the resource with the data present in request. Since this is duplicate request, we would rather fetch existing resource instance and return to client. That resource state may not have all fields as specified in the create request, and hence conflicting.

Gastrology answered 25/5, 2022 at 9:2 Comment(1)
Hi, I agree. Additionally what about if the first job is still in processing so not already successful processed or in error waiting for an retry. The client should be also aware about it, as long as it's not a status polling which should be on a different endpointKo

© 2022 - 2024 — McMap. All rights reserved.