Activity 30: HTTP Status Codes

Funda, Mark Harvey D. BSIT 4TH Year

Introduction to HTTP Status Codes

In RESTful APIs, the server uses HTTP status codes to tell the client the outcome of its request. They give both clients (users or applications) and servers a clear, standardized account of what happened during the interaction.

Here's an explanation of when and why these status codes are typically used:


1xx (Informational)

When used: Rarely in RESTful APIs; typically in more complex communication protocols.
Why used: To indicate that a request has been received and is in progress, or that the server is transitioning protocols (e.g., upgrading to WebSocket).

Example: 100 Continue might be sent if the server wants the client to proceed with sending a large payload after validating initial headers.


2xx (Success)

These codes indicate successful processing of the client's request.

  • 200 OK
    When used: For successful GET, POST, PUT, or PATCH requests where the response includes data.
    Why used: To confirm the request was received and processed without issues.

  • 201 Created
    When used: After a POST request that results in the creation of a new resource.
    Why used: To explicitly inform the client that a resource was successfully created. The response often includes a Location header with the URI of the new resource.

  • 204 No Content
    When used: For successful DELETE requests or other actions where no additional data is required in the response.
    Why used: To signal success without unnecessary data transfer, saving bandwidth.


3xx (Redirection)

Used when the client needs to take additional steps to complete the request.

  • 301 Moved Permanently
    When used: When an API endpoint changes permanently, redirecting the client to the new endpoint.
    Why used: To ensure backward compatibility and guide clients to the updated resource.

  • 304 Not Modified
    When used: In response to GET requests with conditional caching headers (e.g., If-Modified-Since, or If-None-Match carrying an ETag).
    Why used: To save bandwidth by avoiding redundant data transfer when the resource hasn’t changed.


4xx (Client Error)

Used to indicate problems with the client’s request.

  • 400 Bad Request
    When used: When the server cannot process the request due to invalid syntax, missing parameters, or unsupported formats.
    Why used: To prompt the client to correct their request. Example: Missing a required field in a JSON payload.

  • 401 Unauthorized
    When used: When the request requires authentication, but the client either didn’t provide it or used invalid credentials.
    Why used: To secure sensitive resources and enforce authentication.

  • 403 Forbidden
    When used: When the client lacks permission to access the resource, even with valid authentication.
    Why used: To enforce access control and indicate insufficient privileges.

  • 404 Not Found
    When used: When the requested resource doesn’t exist or the URL is incorrect.
    Why used: To inform the client that the resource is unavailable or nonexistent.
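The four client-error codes above depend on the order in which the server runs its checks. The following sketch is an added example, not part of the original activity; the /notes routes, bearer tokens, users and the handle function are all hypothetical and constructed for illustration. It also returns the 2xx codes described earlier on the success paths.

```python
import itertools
import json

# Constructed sample data: the tokens, users and notes are hypothetical.
TOKENS = {"tok-alice": "alice", "tok-bob": "bob"}
NOTES = {"1": {"owner": "alice", "text": "hello"}}
_next_id = itertools.count(2)  # ids are never reused after a delete


def handle(method, path, headers, body=b""):
    """Return (status, headers, payload) for a toy /notes API."""
    # 401 first: without a known identity no permission check is possible.
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    user = TOKENS.get(token) if scheme == "Bearer" else None
    if user is None:
        return 401, {"WWW-Authenticate": "Bearer"}, {"error": "authentication required"}

    parts = path.strip("/").split("/")
    if method == "POST" and parts == ["notes"]:
        # 400: body is not JSON, or the required "text" field is missing.
        try:
            data = json.loads(body)
        except ValueError:
            return 400, {}, {"error": "body must be valid JSON"}
        if not isinstance(data, dict) or not isinstance(data.get("text"), str):
            return 400, {}, {"error": "field 'text' is required"}
        note_id = str(next(_next_id))
        NOTES[note_id] = {"owner": user, "text": data["text"]}
        return 201, {"Location": f"/notes/{note_id}"}, NOTES[note_id]

    if method in ("GET", "DELETE") and len(parts) == 2 and parts[0] == "notes":
        note = NOTES.get(parts[1])
        if note is None:
            return 404, {}, {"error": "note not found"}
        # 403: the caller is authenticated but does not own this note.
        if note["owner"] != user:
            return 403, {}, {"error": "insufficient privileges"}
        if method == "DELETE":
            del NOTES[parts[1]]
            return 204, {}, None
        return 200, {}, note

    # Any other method/path pair is treated as an unknown URL in this sketch.
    return 404, {}, {"error": "not found"}
```

Because 404 and 403 differ here, an authenticated caller can tell which note ids exist; an API that needs to hide existence can answer 404 in both cases.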


5xx (Server Error)

Indicates that the server encountered an issue while processing the request.

  • 500 Internal Server Error
    When used: When the server encounters an unexpected condition that prevents it from fulfilling the request.
    Why used: To indicate server-side issues, such as unhandled exceptions or misconfigurations.

  • 503 Service Unavailable
    When used: When the server cannot handle the request due to temporary overload or maintenance.
    Why used: To signal that the issue is temporary and might resolve after some time.


Why Status Codes Are Important in RESTful APIs

  1. Clarity: They provide a clear, standardized way to communicate outcomes.
    • Example: 404 Not Found avoids ambiguity when a resource is missing.

  2. Client Guidance: They help clients understand what went wrong or how to proceed.
    • Example: 401 Unauthorized prompts the client to supply credentials.

  3. Efficiency: Codes like 204 No Content and 304 Not Modified optimize responses, saving bandwidth.

  4. Debugging: 4xx and 5xx codes help identify whether issues are on the client or server side.

  5. Interoperability: Consistent use of HTTP status codes ensures that APIs can be easily consumed by various clients (e.g., browsers, mobile apps).