Skip to content

[C4GT Community] API Status Code Correction, Swagger Alignment & UI Error Handling in MMU-API & MMU-UI #114

New issue
New issue
Open
Open
[C4GT Community] API Status Code Correction, Swagger Alignment & UI Error Handling in MMU-API & MMU-UI#114
Assignees
tanmaykule
Labels
C4GT CommunityMMU-APIMMU-UI
@drtechie

Description

@drtechie
drtechie
opened on Dec 7, 2025

📄 Description

Fix improper use of HTTP 200 for error scenarios across AMRIT APIs (this ticket is created for MMU-API and MMU-UI), align all endpoints with REST standards, update Swagger/OpenAPI specifications, and ensure the UI correctly handles new status codes.

🚨 Problem Statement

Currently, many AMRIT APIs always return 200 OK, even in cases of:

  • Authentication failures
  • Authorization failures
  • Validation errors
  • Business logic failures
  • Server-side exceptions

Proper HTTP status codes like 401, 403, 400, 404, 409, and 500 are not consistently used.

This results in:

  • Broken REST semantics
  • UI relying on internal error flags instead of HTTP semantics
  • Inaccurate Swagger / OpenAPI documentation
  • Poor debuggability and error tracing
  • Increased risk of silent failures in production

🎯 Goal / Expected Outcome

  • ✅ All APIs return correct HTTP status codes
  • ✅ A standard error response structure is implemented
  • Swagger/OpenAPI documentation reflects real response behavior
  • Frontend/UI handles errors using 4xx and 5xx status codes
  • ✅ Final system delivers:
    • REST-compliant APIs
    • Accurate Swagger documentation
    • Reliable UI error handling and messaging

🔍 Current Issues Observed

  • APIs return 200 even when:
    • Session is expired
    • User lacks permission
    • Input validation fails
    • Backend throws exceptions
  • Error information is only embedded inside response bodies
  • Swagger shows incorrect response codes
  • UI cannot distinguish between:
    • Auth failures
    • Validation errors
    • Server crashes

🛠️ Scope of Work

1️⃣ Backend Changes

  • Identify APIs that incorrectly return 200 for error cases
  • Implement correct status codes:
    • 400 → Validation errors
    • 401 → Unauthorized
    • 403 → Forbidden
    • 404 → Not found
    • 409 → Conflict
    • 500 → Internal Server Error
  • Implement centralized exception handling using @ControllerAdvice
  • Enforce a standard error response format,

✅ Acceptance Criteria

  • APIs no longer return 200 for failure cases
  • Correct HTTP status codes implemented and verified
  • Centralized exception handling in place
  • Swagger/OpenAPI accurately reflects real behavior
  • UI handles 4xx and 5xx responses properly
  • No regression in existing production workflows

Metadata

Metadata

Assignees

Labels

C4GT CommunityMMU-APIMMU-UI

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions