This question is about how to respond to retried POST
requests.
Although POST
doesn't have to guarantee idempotency, often we have to. For example, orders created by POST
ing to an /orders
resource should be able to be safely retried as the request or response can fail for many reasons (Stripe https://stripe.com/blog/idempotency recommends handling this via unique idempotency keys with each request).
Should the API respond with 201 Created
with the retried requests too or should it be 200 OK
? What is the recommended approach?
Returning 201
for a retried request doesn't seem correct as a preceding request may have actually created the resource and the retried one had no effect (eg. in the case of client not receiving the response when the resource was initially created which caused it to retry)
via ubi
No comments:
Post a Comment