Return a 404 or 403 instead of 401 if record can not be found
When an API call is made to read or update a record that does not exist, a
401 is returned with the following message in the body:
DENIED!!! - Record: 99999 either does not exist or you do not have access to it.
Either scenario described in the error message would better fit for a
403 (forbidden) or a
404 (resource not found) instead of a
The reason this is a problem is because now if a record does not exist and a 401 is returned, it makes it difficult to programmatically determine if the record simply does not exist, or if the credentials to access it are not valid or have expired (a genuine 401).
I've gotten around this so far by reading the error message string and checking for words or phrases that let me know what happened - but this is brittle and can be non-deterministic.
Should that error message change some of my logic would break, but I need a way to tell if the record simply doesn't exist, or if my token expired and I need to exchange my credentials for a new one before retrying.
Return a 404 or 403 depending on the result of the request, and only return a 401 if credentials are invalid.
Thank you for the feedback. I can certainly see how needing the workaround isn't ideal, and returning a different response would be preferable. We'll bring this up to our engineering team, and will let you know if/when this changes in a future release.