API design

  • Use the parameter id only for application IDs, to avoid accidental errors.

  • Don’t use status.HTTP_400_BAD_REQUEST. FastAPI uses it for request validation errors, which are reported to Sentry. Instead, use:

    • status.HTTP_403_FORBIDDEN, if not authenticated or authorized

      Note

      401 is only relevant to HTTP authentication. RFC 7235 states: “The server generating a 401 response MUST send a WWW-Authenticate header field”.

    • status.HTTP_404_NOT_FOUND, if the resource is not found

    • status.HTTP_409_CONFLICT, if the resource already exists

    • status.HTTP_501_NOT_IMPLEMENTED, if the code path is not implemented

    • status.HTTP_422_UNPROCESSABLE_ENTITY, otherwise, for any other problem with the request