I prefer simplicity and using the first example but I’d be happy to hear other options. Here’s a few examples:

HTTP/1.1 403 POST /endpoint
{ "message": "Unauthorized access" }
HTTP/1.1 403 POST /endpoint
Unauthorized access (no json)
HTTP/1.1 403 POST /endpoint
{ "error": "Unauthorized access" }
HTTP/1.1 403 POST /endpoint
{
  "code": "UNAUTHORIZED",
  "message": "Unauthorized access",
}
HTTP/1.1 200 (🤡) POST /endpoint
{
  "error": true,
  "message": "Unauthorized access",
}
HTTP/1.1 403 POST /endpoint
{
  "status": 403,
  "code": "UNAUTHORIZED",
  "message": "Unauthorized access",
}

Or your own example.

  • traches
    link
    fedilink
    English
    arrow-up
    6
    ·
    4 months ago

    Probably not great to return server stack traces. Otherwise, yeah

    • Tellore@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      4 months ago

      It’s ok for internal admin panels and their backends as there are no security concerns in this case.