I am writing rest api which takes transaction id as a input and processes refund for the specified transaction. So there can be case where I received multiple refund requests for the same transaction. But refund can be processed only once. In the case what should be the response code if refund is already done and I received duplicate request for refund of same transaction ?
403(Forbidden) status code indicates that the server understood the request but refuses to authorize it. A server that wishes to make public why the request has been forbidden can describe that reason in the response payload (if any). [...]
409(Conflict) status code indicates that the request could not be completed due to a conflict with the current state of the target resource. This code is used in situations where the user might be able to resolve the conflict and resubmit the request. The server SHOULD generate a payload that includes enough information for a user to recognize the source of the conflict. [...]
It's essential to return a good description of the error in the response paylod. You could use the RFC 7807 as reference.