RESTful APIs and Server Responses

Introduction

RESTful APIs

HTTP Requests

We can think of HTTP requests as working much like an online library system. We can run searches against the library’s database that return all books by a certain author or keyword; this is analogous to a GET request. We can request a book to check out, which sends information to the library, much like a POST. And if we decide we have chosen too many books to read, we can remove a book from our checkout list, much like a DELETE request would work.

What would happen if we were requesting a book to check out, but in the time that we were reading the book’s description, another user had reserved that same book? Let’s dive under the hood and explore how servers react to requests. In general, 200 level HTTP status codes represent successful requests, 300 level codes represent redirection, 400 level errors represent something wrong with the client request, and 500 level errors represent something wrong with the server.

Upon a successful search for a book in our online library website, we would likely get back a 200 OK message. Creating new resources in the server, such as when successfully completing a hold for a book, yields a 201 Created message. A common 300 level message is 301 Moved Permanently. This could happen if the library had a resource in the past, but the book was moved to a different branch.

400 level errors are a bit wider in scope. 401 Unauthorized messages result when authorization credentials are not present. Imagine not being logged in as a user but still requesting a book from the library. No bueno! 403 Forbidden errors happen when a user is authenticated but does not have permission for the particular resource. Think of Harry Potter: as a Hogwarts student he can access the library, but not just any book he pleases in the restricted section (without permission from a professor). 404 Not Found errors happen when requesting unavailable resources. We can think back to our example here of requesting a book that has already been checked out, or books that were returned damaged and are being restored or repurchased and so are not currently available.

A request to the YouTube API will yield a 403 error without a valid API key.
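The status codes described above, applied to the library analogy as an added example (not code from the original post): a hold-request handler that checks credentials before it reveals anything about the book. The `place_hold` function, the tokens, book ids and paths are hypothetical, and the catalogue is constructed sample data.

```python
from http import HTTPStatus

# Constructed sample data; every id, token and path here is illustrative.
BOOKS = {
    "b1": {"restricted": False, "available": True, "moved_to": None},
    "b2": {"restricted": True, "available": True, "moved_to": None},
    "b3": {"restricted": False, "available": False, "moved_to": None},
    "b4": {"restricted": False, "available": True,
           "moved_to": "/branches/north/books/b4"},
}
USERS = {
    "token-harry": {"name": "harry", "restricted_access": False},
    "token-prof": {"name": "professor", "restricted_access": True},
}


def place_hold(token, book_id):
    """Return (status, headers) for a POST that places a hold on a book."""
    # 401: no valid credentials. Checked first, so an anonymous caller
    # learns nothing about which books exist or are restricted.
    user = USERS.get(token)
    if user is None:
        return HTTPStatus.UNAUTHORIZED, {"WWW-Authenticate": "Bearer"}
    book = BOOKS.get(book_id)
    if book is None:
        return HTTPStatus.NOT_FOUND, {}
    # 403: logged in, but not allowed into the restricted section.
    if book["restricted"] and not user["restricted_access"]:
        return HTTPStatus.FORBIDDEN, {}
    # 301: the book now lives at another branch; point the client there.
    if book["moved_to"]:
        return HTTPStatus.MOVED_PERMANENTLY, {"Location": book["moved_to"]}
    # 404 (following the article): someone else already holds the book.
    if not book["available"]:
        return HTTPStatus.NOT_FOUND, {}
    # 201: the hold is a new resource created on the server.
    book["available"] = False
    return HTTPStatus.CREATED, {"Location": f"/holds/{user['name']}/{book_id}"}


if __name__ == "__main__":
    # Two users race for the same book: the first gets 201, the second 404.
    for tok in ("token-harry", "token-prof"):
        status, headers = place_hold(tok, "b1")
        print(tok, int(status), status.phrase, headers)
```

Running the file shows the scenario asked about earlier: the second user to request the same book gets a 404 because the first hold already succeeded.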

Conclusion
