restcontent-typehttp-status-codes

Create request with POST, which response codes 200 or 201 and content


Suppose I write a REST service whose intent is to add a new data item to a system.

I plan to POST to

http://myhost/serviceX/someResources

Suppose that works, what response code should I use? And what content might I return.

I'm looking at the definitions of HTTP response codes and see these possibilities:

200: Return an entity describing or containing the result of the action;

201: which means CREATED. Meaning *The request has been fulfilled and resulted in a new resource being created. The newly created resource can be referenced by the URI(s) returned in the entity of the response, with the most specific URI for the resource given by a Location header field. The response SHOULD include an entity containing a list of resource characteristics and location(s) from which the user or user agent can choose the one most appropriate. The entity format is specified by the media type given in the Content-Type header field. *

The latter sounds more in line with the Http spec, but I'm not at all clear what

The response SHOULD include an entity containing a list of resource characteristics and location(s)

means.

Recommendations? Interpretations?


Solution

  • The idea is that the response body gives you a page that links you to the thing:

    201 Created

    The 201 (Created) status code indicates that the request has been fulfilled and has resulted in one or more new resources being created. The primary resource created by the request is identified by either a Location header field in the response or, if no Location field is received, by the effective request URI.

    This means that you would include a Location in the response header that gives the URL of where you can find the newly created thing:

    HTTP/1.1 201 Created
    Date: Sat, 02 Apr 2016 12:22:40 GMT
    Location: http://stackoverflow.com/a/36373586/12597
    

    Response body

    They then go on to mention what you should include in the response body:

    The 201 response payload typically describes and links to the resource(s) created.

    For the human using the browser, you give them something they can look at, and click, to get to their newly created resource:

    HTTP/1.1 201 Created
    Date: Sat, 02 Apr 2016 12:22:40 GMT
    Location: http://stackoverflow.com/a/36373586/12597
    Content-Type: text/html
    
    Your answer has been saved! 
    Click <A href="/a/36373586/12597">here</A> to view it.
    

    If the page will only be used by a robot, then it makes sense to have the response be computer readable:

    HTTP/1.1 201 Created
    Date: Sat, 02 Apr 2016 12:22:40 GMT
    Location: http://stackoverflow.com/a/36373586/12597
    Content-Type: application/xml
    
    <createdResources>
       <questionID>1860645</questionID>
       <answerID>36373586</answerID>
       <primary>/a/36373586/12597</primary>
       <additional>
          <resource>http://stackoverflow.com/questions/1860645/create-request-with-post-which-response-codes-200-or-201-and-content/36373586#36373586</resource>
          <resource>http://stackoverflow.com/a/1962757/12597</resource>
       </additional>
    </createdResource>
    

    Or, if you prefer:

    HTTP/1.1 201 Created
    Date: Sat, 02 Apr 2016 12:22:40 GMT
    Location: http://stackoverflow.com/a/36373586/12597
    Content-Type: application/json
    
    { 
       "questionID": 1860645, 
       "answerID": 36373586,
       "primary": "/a/36373586/12597",
       "additional": [
          "http://stackoverflow.com/questions/1860645/create-request-with-post-which-response-codes-200-or-201-and-content/36373586#36373586",
          "http://stackoverflow.com/a/36373586/12597"
       ]
    }
    

    The response is entirely up to you; it's arbitrarily what you'd like.

    Cache friendly

    Finally there's the optimization that I can pre-cache the created resource (because I already have the content; I just uploaded it). The server can return a date or ETag which I can store with the content I just uploaded:

    See Section 7.2 for a discussion of the meaning and purpose of validator header fields, such as ETag and Last-Modified, in a 201 response.

    HTTP/1.1 201 Created
    Date: Sat, 02 Apr 2016 12:22:40 GMT
    Location: http://stackoverflow.com/a/23704283/12597
    Content-Type: text/html
    ETag: JF2CA53BOMQGU5LTOQQGC3RAMV4GC3LQNRSS4
    Last-Modified: Sat, 02 Apr 2016 12:22:39 GMT 
    
    Your answer has been saved! 
    Click <A href="/a/36373586/12597">here</A> to view it.
    

    And ETag s are purely arbitrary values. Having them be different when a resource changes (and caches need to be updated) is all that matters. The ETag is usually a hash (e.g. SHA2-256). But it can be a database rowversion, or an incrementing revision number. Anything that will change when the thing changes.