See below the request headers and response codes of File API.
| Header Name |
Description |
| Content-Type |
The content type of the resource in case the request has content in the body. Example: Content-Type:multipart/related;boundary=foo_bar_baz |
| Authorization |
The information required for authentication |
| Accept |
The Accept request-header can be used to specify the media types which are acceptable for the response. Example: Accept:application/octet-stream |
Response codes
| Type |
Responses |
Situation |
| Success Codes |
200 OK |
Synchronous read, update, and delete operations |
| 201 Created |
Synchronous create requests |
|
| 202 Accepted |
A-synchronous operations |
|
| 204 No Content |
Referring to non-existing entity (e.g. after delete) |
|
| Redirection Codes |
304 Not Modified |
Resource has not been modified. |
| 308 Permanent redirect |
Resource has permanently moved. |
|
| Invalid Request Errors |
400 Bad request |
Bad Request (e.g. validation errors) |
| 401 Unauthorized |
Not Authorized: Missing or invalid access token |
Reasons for having authentication errors are:Wrong credentials, Expired credentials, Unauthorized access tokens, Expired access tokens |
| 403 Forbidden |
Not Authorized: Authenticated, but user has no access to the API |
|
| 404 Not Found |
Invalid URL: Item does not exist (anymore). The canonical identifier (collection/{canonical id}) cannot be found. Not Authorized: Authenticated, access to api, but user has no access to to the resource (data authorization). From a security standpoint we don’t expose the reason why the object could not be found because an attacker can use this to figure out the internals of our system. |
|
| 409 Conflict |
Concurrency problem: Record changed by another user |
|
| Server Errors |
500 Internal server error |
Server Error (e.g. database failure, event could not be send) |
| 503 Service unavailable |
Server Error (resource temporary not available) |
|