Skip to content

[C4GT Community] API Status Code Correction, Swagger Alignment & UI Error Handling in HWC-API & HWC-UIΒ #115

New issue
New issue
Open
Open
[C4GT Community] API Status Code Correction, Swagger Alignment & UI Error Handling in HWC-API & HWC-UI#115
Labels
C4GT CommunityHWC-APIHWC-UI
@drtechie

Description

@drtechie
drtechie
opened on Dec 7, 2025

πŸ“„ Description

Fix improper use of HTTP 200 for error scenarios across AMRIT APIs (this ticket is created for HWC-API and HWC-UI), align all endpoints with REST standards, update Swagger/OpenAPI specifications, and ensure the UI correctly handles new status codes.

🚨 Problem Statement

Currently, many AMRIT APIs always return 200 OK, even in cases of:

  • Authentication failures
  • Authorization failures
  • Validation errors
  • Business logic failures
  • Server-side exceptions

Proper HTTP status codes like 401, 403, 400, 404, 409, and 500 are not consistently used.

This results in:

  • Broken REST semantics
  • UI relying on internal error flags instead of HTTP semantics
  • Inaccurate Swagger / OpenAPI documentation
  • Poor debuggability and error tracing
  • Increased risk of silent failures in production

🎯 Goal / Expected Outcome

  • βœ… All APIs return correct HTTP status codes
  • βœ… A standard error response structure is implemented
  • βœ… Swagger/OpenAPI documentation reflects real response behavior
  • βœ… Frontend/UI handles errors using 4xx and 5xx status codes
  • βœ… Final system delivers:
    • REST-compliant APIs
    • Accurate Swagger documentation
    • Reliable UI error handling and messaging

πŸ” Current Issues Observed

  • APIs return 200 even when:
    • Session is expired
    • User lacks permission
    • Input validation fails
    • Backend throws exceptions
  • Error information is only embedded inside response bodies
  • Swagger shows incorrect response codes
  • UI cannot distinguish between:
    • Auth failures
    • Validation errors
    • Server crashes

πŸ› οΈ Scope of Work

1️⃣ Backend Changes

  • Identify APIs that incorrectly return 200 for error cases
  • Implement correct status codes:
    • 400 β†’ Validation errors
    • 401 β†’ Unauthorized
    • 403 β†’ Forbidden
    • 404 β†’ Not found
    • 409 β†’ Conflict
    • 500 β†’ Internal Server Error
  • Implement centralized exception handling using @ControllerAdvice
  • Enforce a standard error response format,

βœ… Acceptance Criteria

  • APIs no longer return 200 for failure cases
  • Correct HTTP status codes implemented and verified
  • Centralized exception handling in place
  • Swagger/OpenAPI accurately reflects real behavior
  • UI handles 4xx and 5xx responses properly
  • No regression in existing production workflows

Metadata

Metadata

Assignees

No one assigned

    Labels

    C4GT CommunityHWC-APIHWC-UI

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions