As the title says - is it valid?
What do i mean
If i call an endpoint with GET
is it then valid to do
You can make valid HTTP requests but go against the design of HTTP. I'm focusing in my answer on correct HTTP design.
First, when you do a GET requests, you always receive a representation of a resource. Even if a URL represents something like a 'collection of resources', there is no strict definition of this in HTTP. That list of resources can still represent multiple 'entities' coming from your data-model.
So a call to
/users can return multiple user-entities.
DELETE to users could mean that you are deleting the entire
/users collection and everything in it.
One issue that I see, and don't have a great answer on is that you're using the the query string to delete multiple resources. I think this is fine for
HEAD, but I question whether it's correct for
DELETE as well. It definitely feels a bit 'weird' to me because I feel that a
/users?foo=bar should delete
/users and commonly it will due to how most frameworks work. Should it? I'm actually not sure. REST is not strictly a standard so we can't go and find answers there, so all I got is that it 'feels wrong'. I realize that you're not strictly asking for REST, so from a strict HTTP perspective it's definitely ok.
However, you could structure your urls to not look like:
but instead something like this:
I've seen others do this, and it feels a bit less wrong to me. But this is mostly conjecture.
Regardless if you do a
DELETE on multiple entities like that, the request should either succeed or do nothing at all. Partial success is not accepted, so you can just use the usual 200/204 response codes to indicate a successful delete.