See below the request headers and response codes of File API.
Header Name |
Description |
Content-Type |
The content type of the resource in case the request has content in the body. Example: Content-Type:multipart/related;boundary=foo_bar_baz |
Authorization |
The information required for authentication |
Accept |
The Accept request-header can be used to specify the media types which are acceptable for the response. Example: Accept:application/octet-stream |
Response codes
Type |
Responses |
Situation |
Success Codes |
200 OK |
Synchronous read, update, and delete operations |
201 Created |
Synchronous create requests |
|
202 Accepted |
A-synchronous operations |
|
204 No Content |
Referring to non-existing entity (e.g. after delete) |
|
Redirection Codes |
304 Not Modified |
Resource has not been modified. |
308 Permanent redirect |
Resource has permanently moved. |
|
Invalid Request Errors |
400 Bad request |
Bad Request (e.g. validation errors) |
401 Unauthorized |
Not Authorized: Missing or invalid access token |
Reasons for having authentication errors are:Wrong credentials, Expired credentials, Unauthorized access tokens, Expired access tokens |
403 Forbidden |
Not Authorized: Authenticated, but user has no access to the API |
|
404 Not Found |
Invalid URL: Item does not exist (anymore). The canonical identifier (collection/{canonical id}) cannot be found. Not Authorized: Authenticated, access to api, but user has no access to to the resource (data authorization). From a security standpoint we don’t expose the reason why the object could not be found because an attacker can use this to figure out the internals of our system. |
|
409 Conflict |
Concurrency problem: Record changed by another user |
|
Server Errors |
500 Internal server error |
Server Error (e.g. database failure, event could not be send) |
503 Service unavailable |
Server Error (resource temporary not available) |
|