HTTP response codes

Following your webservice request, you will obtain a HTTP code in order to inform you of the status of the request. If the request failed, it will be an error code which will help you determine what to do in order to rectify this error.

For each operation, the status code typically expected will be indicated at the bottom of the interface. This is however not a comprehensive list. Codes that might be encountered are explained in the following practical guide:

Response codes

200 OK

This is the general success code. This is the most common code, which indicates that the request was processed successfully.

201 CREATED

This code signals that the creation happened successfully (through a POST or PUT method). The 'Location header' field will contain a link towards the newly created resource. According to the case, there might be content in the 'Response body' field.

204 NO CONTENT

This code signals that the request was processed successfully but that there is no content in the "Response body" field. This is typically the case with the DELETE and PUT methods.

400 BAD REQUEST

This the general code to signal that the request leads to an invalid result. This might be because of validation domain errors, missing data,...

Repeating the request without modifying its syntax is useless, as it would result in the same error code.

401 UNAUTHORIZED

This code signals that the authentication parameters required for using the API are missing or invalid.

403 FORBIDDEN

This code is used when the user is not authorized to carry out the operation. This is not an authentication problem.

It might also mean that the resource is not available anymore for some reasons (such as time constraints,...)

404 NOT FOUND

This code is used when the requested resource could not be found.

It may also act as a general error code, for instance if the service does not want to display a 401 or 403 code for security reasons.

405 METHOD NOT ALLOWED

This code signals that the request URL exists, but that the HTTP method of your call cannot be applied. For instance, a 405 code will be obtained if one tries to use a POST method when the API does not accept this kind of method. In such a case, the 'Allow' field will display the authorized methods. In our example, we could obtain: 'Allow: GET, PUT, DELETE'.

409 CONFLICT

This code signals that complying to this request will create a conflict when it comes to the resource. This might for example involve duplicates, such as trying to create two profiles with the same information through a PUT method, or when one tries to delete a root object when cascade deletion is not supported.

The source of the conflict will be indicated in the response to the request.

429 TOO MANY REQUESTS

This code signals that you submitted too many requests concurrently or within a too short time span.

500 INTERNAL SERVER ERROR

This is the general error message when the server encounters an unexpected condition that prevent it from complying with the request. This code is never displayed intentionally, but only for errors that you cannot influence on your side.