http structure - Notes By ShariqSP
Understanding HTTP Request and Response Properties in Postman
HTTP (Hypertext Transfer Protocol) is the foundation of communication on the web, and it consists of requests and responses that pass between clients and servers. When using Postman, a tool for testing and automating API requests, it’s essential to understand the structure and properties of HTTP requests and responses to make effective API calls.
1. HTTP Request Properties
An HTTP request is a message from a client (like Postman) to a server to perform an action, such as retrieving or updating data. The key properties of an HTTP request include:
- HTTP Method: Defines the type of operation to be performed. Common methods include:
- GET: Requests data from a server. Example: Retrieving user details.
- POST: Submits data to be processed. Example: Adding a new user.
- PUT: Updates existing data. Example: Modifying a user’s information.
- DELETE: Deletes specified data. Example: Removing a user.
- URL (Uniform Resource Locator): The endpoint where the request is sent. It consists of the server's address and, optionally, a path to the resource (e.g., `https://api.example.com/users`). In Postman, the URL can be entered directly into the request bar.
- Headers: Metadata providing information about the request. Common headers include:
- Content-Type: Specifies the data type being sent, such as `application/json` or `application/xml`.
- Authorization: Used for authentication, often containing a token.
- Accept: Indicates the response format expected (e.g., `application/json`).
- Body: Data sent with the request, especially for methods like POST and PUT. In Postman, you can choose the format of the body (JSON, XML, form-data, etc.). For instance:
{ "name": "John Doe", "email": "johndoe@example.com" } - Query Parameters: Key-value pairs appended to the URL, typically used for filtering or sorting results. Example: `https://api.example.com/users?age=25&status=active`.
2. HTTP Response Properties
The server sends back an HTTP response after processing the client’s request. Key properties of an HTTP response include:
- Status Code: A three-digit code that indicates the result of the request. Common status codes are:
- 200 OK: The request was successful.
- 201 Created: The request was successful, and a new resource was created (common for POST requests).
- 400 Bad Request: The server couldn’t understand the request due to invalid syntax.
- 401 Unauthorized: Authentication is needed, or it failed.
- 404 Not Found: The requested resource could not be found.
- 500 Internal Server Error: The server encountered an error.
- Headers: Provide metadata about the response. Examples include:
- Content-Type: The format of the returned data (e.g., `application/json`).
- Server: Information about the server handling the request.
- Cache-Control: Directs caching mechanisms to store or not store the response.
- Body: The main content of the response. For example, a GET request to retrieve user data might return:
{ "id": 1, "name": "John Doe", "email": "johndoe@example.com" }In Postman, the response body is displayed in different formats like JSON, HTML, or plain text. - Cookies: Some responses may contain cookies, which are stored on the client side and may be used for session management or tracking.
3. Example Usage in Postman
Let’s go through an example of sending a POST request using Postman to create a new user:
- HTTP Method: POST
- URL: `https://api.example.com/users`
- Headers:
- Content-Type: `application/json`
- Authorization: `Bearer {token}`
- Body (JSON format):
{ "name": "Jane Doe", "email": "janedoe@example.com", "password": "securepassword" }
When you send the request in Postman, the server may respond with:
- Status Code: 201 Created
- Headers:
- Content-Type: `application/json`
- Location: `https://api.example.com/users/2` (indicates where the new resource can be accessed)
- Body:
{ "id": 2, "name": "Jane Doe", "email": "janedoe@example.com" }
Understanding these request and response properties will allow you to effectively use Postman for API testing and debugging, ensuring that your requests are properly structured and responses are interpreted accurately.
Complete List of HTTP Status Codes and Their Meanings
| Status Code | Meaning | Description |
|---|---|---|
| 1xx Informational | ||
| 100 | Continue | Indicates that the initial part of a request has been received and the client should continue. |
| 101 | Switching Protocols | Server is switching protocols as requested by the client. |
| 102 | Processing | Server has received the request but no response is available yet. |
| 103 | Early Hints | Provides hints to the client before the server's final response. |
| 2xx Successful | ||
| 200 | OK | Request succeeded, and the server returned the requested data. |
| 201 | Created | Request succeeded, and a new resource was created as a result. |
| 202 | Accepted | Request has been accepted for processing, but not yet completed. |
| 203 | Non-Authoritative Information | Returned meta-information is not from the origin server. |
| 204 | No Content | Request succeeded but no content to return. |
| 205 | Reset Content | Client should reset the document view. |
| 206 | Partial Content | Partial content delivered as per range request. |
| 207 | Multi-Status | Conveys multiple status codes for different parts of a multi-part response. |
| 208 | Already Reported | Already enumerated in a previous response. |
| 226 | IM Used | Server fulfilled the request using instance-manipulations. |
| 3xx Redirection | ||
| 300 | Multiple Choices | Request has multiple possible responses. |
| 301 | Moved Permanently | Resource permanently moved to a new URI. |
| 302 | Found | Resource temporarily moved to a different URI. |
| 303 | See Other | Directs the client to get the requested resource at another URI using GET. |
| 304 | Not Modified | Resource not modified since last request. |
| 305 | Use Proxy | Must access the requested resource through a proxy. |
| 306 | Switch Proxy | No longer used; reserved. |
| 307 | Temporary Redirect | Resource temporarily available at a different URI. |
| 308 | Permanent Redirect | Resource permanently available at a different URI. |
4xx Client Error Status Codes
| Status Code | Meaning | Description |
|---|---|---|
| 400 | Bad Request | The server could not understand the request due to invalid syntax. |
| 401 | Unauthorized | Authentication is required and has failed or has not been provided. |
| 402 | Payment Required | Reserved for future use. Often used for digital payment systems. |
| 403 | Forbidden | The client does not have access rights to the content. |
| 404 | Not Found | The server can not find the requested resource. |
| 405 | Method Not Allowed | The request method is known by the server but is not supported by the target resource. |
| 406 | Not Acceptable | The server cannot produce a response matching the list of acceptable values defined in the request's headers. |
| 407 | Proxy Authentication Required | The client must authenticate itself with a proxy. |
| 408 | Request Timeout | The server would like to shut down this unused connection. |
| 409 | Conflict | The request conflicts with the current state of the server. |
| 410 | Gone | The content requested has been permanently deleted from the server. |
| 411 | Length Required | The server refuses to accept the request without a defined Content-Length header. |
| 412 | Precondition Failed | The client has indicated preconditions in its headers which the server does not meet. |
| 413 | Payload Too Large | The request entity is larger than the server is willing or able to process. |
| 414 | URI Too Long | The URI requested by the client is longer than the server is willing to interpret. |
| 415 | Unsupported Media Type | The media format of the requested data is not supported by the server. |
| 416 | Range Not Satisfiable | The range specified by the Range header field in the request can't be fulfilled. |
| 417 | Expectation Failed | The expectation given in the request's Expect header could not be met. |
| 418 | I'm a Teapot | A humorous response code indicating the server is a teapot; defined in RFC 2324. |
| 421 | Misdirected Request | The request was directed at a server that is not able to produce a response. |
| 422 | Unprocessable Entity | The request was well-formed but was unable to be followed due to semantic errors. |
| 423 | Locked | The resource being accessed is locked. |
| 424 | Failed Dependency | The request failed due to failure of a previous request. |
| 425 | Too Early | Indicates that the server is unwilling to risk processing a request that might be replayed. |
| 426 | Upgrade Required | The client should switch to a different protocol such as TLS/1.0. |
| 428 | Precondition Required | The origin server requires the request to be conditional. |
| 429 | Too Many Requests | The user has sent too many requests in a given amount of time ("rate limiting"). |
| 431 | Request Header Fields Too Large | The server is unwilling to process the request because its header fields are too large. |
| 451 | Unavailable For Legal Reasons | The user requests an illegal resource, such as a web page censored by a government. |
5xx Server Error Status Codes
| Status Code | Meaning | Description |
|---|---|---|
| 500 | Internal Server Error | A generic error message indicating that the server encountered an unexpected condition that prevented it from fulfilling the request. |
| 501 | Not Implemented | The server either does not recognize the request method, or it lacks the ability to fulfill the request. |
| 502 | Bad Gateway | The server was acting as a gateway or proxy and received an invalid response from the upstream server. |
| 503 | Service Unavailable | The server is currently unable to handle the request due to temporary overloading or maintenance of the server. |
| 504 | Gateway Timeout | The server, while acting as a gateway or proxy, did not receive a timely response from the upstream server. |
| 505 | HTTP Version Not Supported | The server does not support the HTTP protocol version used in the request. |
| 506 | Variant Also Negotiates | Transparent content negotiation for the request results in a circular reference. |
| 507 | Insufficient Storage | The server is unable to store the representation needed to complete the request. |
| 508 | Loop Detected | The server detected an infinite loop while processing a request. |
| 510 | Not Extended | Further extensions to the request are required for the server to fulfill it. |
| 511 | Network Authentication Required | The client needs to authenticate to gain network access. |