[openstack-dev] [all] HTTP REST API error status code for out of quota errors

Ken'ichi Ohmichi ken1ohmichi at gmail.com
Tue Jun 3 00:58:27 UTC 2014

2014-06-03 9:21 GMT+09:00 Christopher Yeoh <cbkyeoh at gmail.com>:
> Hi,
> There's been a few patches like this floating around recently which fix the
> incorrect use of 413 as the http error code when a request fails because of
> the requestor is out of quota.
> https://review.openstack.org/#/c/95671/
> Now 413 is definitely wrong, but sometimes the change is made to 400 or 403.
> Having had a look around at different REST APIs (non openstack) out there,
> 403 does seem to be the most popular choice.
> Its not totally clear from the rfc (http://www.ietf.org/rfc/rfc2616.txt)
> what it should be, but 403 to me does seem to the most appropriate, and
> whilst its not a big thing I think we should at least be consistent about
> this across all our openstack REST APIs.

+1 for 403.
The 403 words
  "The server understood the request, but is refusing to fulfill it.
  Authorization will not help and the request SHOULD NOT be repeated."
would fit to out of quota.

Ken'ichi Ohmichi

More information about the OpenStack-dev mailing list