Suggested HTTP REST status code for 'request limit reached'
Posted
by
Andras Zoltan
on Programmers
See other posts from Programmers
or by Andras Zoltan
Published on 2012-01-05T11:36:03Z
Indexed on
2012/07/11
15:23 UTC
Read the original article
Hit count: 313
I'm putting together a spec for a REST service, part of which will incorporate the ability to throttle users service-wide and on groups of, or on individual, resources. Equally, time-outs for these would be configurable per resource/group/service.
I'm just looking through the HTTP 1.1 spec and trying to decide how I will communicate to a client that a request will not be fulfilled because they've reached their limit.
Initially I figured that client code 403 - Forbidden
was the one, but this, from the spec:
Authorization will not help and the request SHOULD NOT be repeated
bothered me.
It actually appears that 503 - Service Unavailable
is a better one to use - since it allows for the communication of a retry time through the use of the Retry-After
header.
It's possible that in the future I might look to support 'purchasing' more requests via eCommerce (in which case it would be nice if client code 402 - Payment Required
had been finalized!) - but I figure that this could equally be squeezed into a 503 response too.
Which do you think I should use? Or is there another I've not considered?
© Programmers or respective owner