An Interest In:
Web News this Week
- March 24, 2024
- March 23, 2024
- March 22, 2024
- March 21, 2024
- March 20, 2024
- March 19, 2024
- March 18, 2024
Blank spaces : how to deal with nothing in API design
Consider the following HTTP endpoint:
GET /{user}/appointments
How do we deal with nothing?
Nothingman
If the user doesnt currently exist, return 404 this informs the caller that nothing can be done with this resource until it is created or recreated.
If the user exists, but we want to protect against username enumeration, return 404 this removes a route for malicious agents to identify actual users, perhaps prior to a password brute force. They may decide this endpoint is less likely to have the full protections afforded to the login endpoint. This endpoint should also avoid indirect enumeration, for example, returning immediately for user doesnt exist and delayed for user exists but were pretending because security
If the user exists but the caller doesnt have permission to see their appointments, return 403 the caller will have to log in or ask someone who has access.
Empty time
Given the selected user exists
If this user does not support appointments, return 404 these resources cant be found.
If this user does support appointments, but there are none, return an empty list.
_ note : some APIs will return 204 No Content
in this scenario. 204 should only be used for POST or PUT requests to indicate server action was a success, and theres no data to send back_
Empty space
Given the selected user exists
And they have at least 1 valid appointment (see the business rules for what valid means)
If the appointment has no location (because online conference links are saved elsewhere in the appointment body) then no location property should be returned
If the appointment has no location (because it is unknown) then the location property should be returned with no data (the empty string)
Original Link: https://dev.to/craignicol/blank-spaces-how-to-deal-with-nothing-in-api-design-185n
Dev To
An online community for sharing and discovering great ideas, having debates, and making friendsMore About this Source Visit Dev To