Let's say I have a single resource of employee that belongs to a user:

{
 "id": 1, "name": "John Doe", "userId": 1
}

When making a GET request to /employees/1, I'm using a JWT which contains the userId.

Any user can fetch this record regardless of their userId (as long as they're authenticated); however, I want to indicate that the requester actually owns that employee.

I was thinking that on the server I could do an if (employee.userId === jwt.userId) and add the result as a property "isOwner": true in the result like this:

{
 "id": 1, "name": "John Doe", "userId": 1,
 "isOwner": true
}

Does this break REST principles as the same resource will return different results depending on the user making the request?

asked Mar 11, 2022 at 10:34

1 Answer

No, it doesn't.

As long as the concept behind the URI is the same (some gray area, of course), the server is free to return different representations of the same thing best suited for the client or the user making the request.

The same way the resource at amazon.com will return a slightly different page for me than for you.

answered Mar 11, 2022 at 10:56
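
The check described in the question, as an added example that is not part of the original question or answer: `isOwner` is derived on the server from the verified JWT claim only, and because the body now differs per caller the response is marked so shared caches do not serve one user's representation to another. The secret, function names and sample data are assumptions; expiry and other claim checks are omitted, and a maintained JWT library would normally replace the hand-written HS256 verification.

```javascript
// Added example: names, secret and sample data are constructed for illustration.
const { createHmac, timingSafeEqual } = require("node:crypto");

const SECRET = "demo-secret-not-for-production"; // assumed HS256 signing key

const b64url = (value) => Buffer.from(value).toString("base64url");

// Helper for the demo: mint an HS256 token the way an auth server would.
function signJwt(payload, secret = SECRET) {
  const head = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const body = b64url(JSON.stringify(payload));
  const sig = createHmac("sha256", secret).update(`${head}.${body}`).digest("base64url");
  return `${head}.${body}.${sig}`;
}

// Returns the claims only if the signature checks out; null otherwise.
function verifyJwt(token, secret = SECRET) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return null;
  const [head, body, sig] = parts;
  try {
    // Pin the algorithm instead of trusting whatever the header asks for.
    if (JSON.parse(Buffer.from(head, "base64url").toString()).alg !== "HS256") return null;
    const expected = createHmac("sha256", secret).update(`${head}.${body}`).digest();
    const given = Buffer.from(sig, "base64url");
    if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
    return JSON.parse(Buffer.from(body, "base64url").toString());
  } catch {
    return null; // malformed base64 or JSON
  }
}

// GET /employees/:id -> representation tailored to the authenticated caller.
function getEmployee(authorizationHeader, employee) {
  const token = (authorizationHeader || "").replace(/^Bearer /, "");
  const claims = verifyJwt(token);
  if (!claims) return { status: 401, headers: {}, body: { error: "unauthenticated" } };
  return {
    status: 200,
    // The body differs per caller, so shared caches must not reuse it.
    headers: { "Cache-Control": "private", Vary: "Authorization" },
    // Ownership comes from the verified claim, never from client-supplied input.
    body: { ...employee, isOwner: employee.userId === claims.userId },
  };
}
```

The client should treat `isOwner` as a display hint; any write endpoint for the employee still has to repeat the ownership check on the server.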
