I have a resource which cannot be updated (events). Hence I am allowing only Post & Get operations. (I haven't chosen PUT because the eventId is generated at server end and returned as part of response).
I already have a combination of three fields in the input which can be used to identify a unique resource.
Given this, if someone posts same request twice, this is what I am expecting to return
What should be the correct response code to return in both case 1 & case 2.
Thanks, Harish
If the call is idempotent, meaning case 1, I would expect it to return a 200 OK because it did not really fail, it's the same as updating with the same values when doing a PUT.
If the call is not idempotent, meaning case 2, then I would expect a 409 Conflict even if the user should not actually retry the call. That's because by what you said, a user is actually allowed to send a request with the same identifiers, provided that all of the other parameters are also the same.
Also, but this is just my gut feeling, if a user tried different parameters to see the different kind of response code, he could determine the current status of a resource even if maybe he was not allowed to read it. So, depending on the scope of your application, you may want to give the same response back.