Submit social housing lettings and sales data (CORE)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 

640 B

parent
Architecture decisions

012: Controller HTTP return statuses

Controllers assess authentication by 3 criteria:

  1. Are you signed in at all?
  2. Are you signed in and requesting an action that your role/user type has access to?
  3. Are you signed in, requesting an action that your role/user type has access to and requesting a resource that your user has access to.

When these aren’t met they fail with the following response types:

  1. 401: Unauthorized. Redirect to sign-in page.
  2. 401: Unauthorized
  3. 404: Not found.

This helps make it harder to determine whether a resource exists or not just by enumerating ids.