When designing RESTful APIs, one of the fundamental decisions is choosing the appropriate HTTP verb for creating resources. While the HTTP standard doesn't explicitly specify whether POST or PUT should be preferred for a Create operation, understanding the nuances between these verbs is crucial for designing an effective API. Let's delve into the considerations and implications of using POST and PUT verbs for resource creation.
- Surrogate and Natural Keys: The choice between POST and PUT for resource creation can be elucidated by examining the distinction between Surrogate and Natural Keys. The server typically generates surrogate keys, while the client supplies Natural Keys. POST: Creates a sub-resource under the request URI. It is suitable when the server needs to return the URI of the created resource. Utilized in scenarios where the URI of the resource is determined by the server, such as in the Cash Card API where the URI depends on the generated ID. PUT: Creates or replaces a resource at a specific request URI. Appropriate when the resource URI is known at creation time.
- Resources and Sub-Resources: Another perspective to discern between POST and PUT is by considering resources and sub-resources. POST: Creates a sub-resource under or within the request URI. Applied in scenarios where the client initiates the creation of a child resource. PUT: Creates or replaces a resource at a specific request URI. Suitable for directly creating or updating a resource.
Response Body and Status Code:
Deciding whether to allow PUT for resource creation also involves determining the appropriate response status code and body.
Option 1:
Return 201 CREATED (for object creation) or 200 OK (for object replacement).
Recommended to include the object in the response body, especially if server-side data modifications are made.
Option 2:
Return 204 NO CONTENT and an empty response body.
Suitable when the client doesn't require any information back after the PUT operation.
In summary, while both POST and PUT can be utilized for creating resources, understanding the nuances and implications of each verb is essential for designing a robust and intuitive API. By carefully considering factors such as key types, resource relationships, and response handling, API designers can make informed decisions to ensure the effectiveness and clarity of their APIs.
Top comments (3)
I think one of the important distinctions, apart of what you mention and the origin of some those choices, is that, as per the RFC, PUT is idmepotent and POST is not. And PUT requests cannot be cached (but idempotent, huh!) but POSTS can be cached (setting the proper headers).
That means that repeating a PUT request must not create a different resource (hence the need for PUT to include its own identifying data) whereas POST requests are allowed to create a different resource if they are called with the same data (hence being able to create surrogate keys).
Just my 2ec
Just throwing this in here 😁
htmx.org/essays/how-did-rest-come-...
Great resource