Http status code to a client when downstream provides invalid data

Question

There is a case when in order to fulfill API consumers' requests we are making a call back to a consumer to get additional data and it's possible that the additional data can be invalid. In that cases what is the best practice should we respond with 400 Bad Request HTTP status code or 500 Internal Server, because we got a valid request but we are not able to fulfill the request because of the wrong state? Thanks in advance.

Answer 1

If there was nothing wrong with the formatting of the request itself, but the state of some other resource was wrong, I think there's 2 possible ways to think about this:

1. If the client is responsible for "Additional data", and it's something they can repair, 409 Conflict might be the most appropriate. 409 effectively signals that the request a client sent could be correct in the future, if the bad state of 'Additional data' is repaired.
2. If 'Additional data' is an internal piece of the system that the client has little control over, I feel that a 5xx-category error is the most correct. The request was fine, but internal problems caused it to fail. The client doesn't care if it involved an a different system or not. The fact that it does, is an implementation detail.