There is a case when in order to fulfill API consumers' requests we are making a call back to a consumer to get additional data and it's possible that the additional data can be invalid. In that cases what is the best practice should we respond with 400 Bad Request HTTP status code or 500 Internal Server, because we got a valid request but we are not able to fulfill the request because of the wrong state? Thanks in advance.

CodePudding user response：

If there was nothing wrong with the formatting of the request itself, but the state of some other resource was wrong, I think there's 2 possible ways to think about this:

1. If the client is responsible for "Additional data", and it's something they can repair, 409 Conflict might be the most appropriate. 409 effectively signals that the request a client sent could be correct in the future, if the bad state of 'Additional data' is repaired.
2. If 'Additional data' is an internal piece of the system that the client has little control over, I feel that a 5xx-category error is the most correct. The request was fine, but internal problems caused it to fail. The client doesn't care if it involved an a different system or not. The fact that it does, is an implementation detail.

CodePudding user response：

HTTP error codes can be defined based on the action the service going to perform with the additional data provided by the client. If it is for a search operation then you can use 404 for the resource not found or 400 for the malformed or invalid data. 5xx series are very sensitive in nature, that means your client may have many additional work flows defined if 5xx returned, such as retries (Standard or Long), which may end up in cumbersome issues when processing real time data.