Archived 2022.11.20. Content moved to error scenarios and responses.
Question
The HTTP methods supported by a Data Holder (DH) are GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, and TRACE. The HTTP methods not supported are COPY, LINK, UNLINK, PURGE, LOCK, UNLOCK, PROPFIND, and VIEW.
If the DH receives a request for an unsupported HTTP method, the HTTP specification suggests the response should be a 501 error. See RFC 7231, 6.6.2.
The CDS Get Accounts API specifies that in the event of a client error, a 4xx error should be sent, along with the x-fapi-interaction-id
.
Is it correct to send the 4xx error for client errors that use a supported HTTP method, and the 501 error for client errors that use an unsupported HTTP method? Should the x-fapi-interaction-id
be sent with the 501 error?
Answer
This comes down to whether the server recognises the method requested or not. If the DH server implementation does recognise the method, but does not support it, the RFC states a 405 is required.
Some interpretation is necessary, and there are specific considerations with respect to implementation. Whether you return a 405 or 501 is at your discretion.
In 5xx cases, the x-fapi-interaction-id
SHOULD be included if it is possible to do so.
See:
Comments
0 comments
Please sign in to leave a comment.