0

Creating a system which will responsible to allow clients to upload their receipts. I have to create a url that the client will call to generate a unique ID i.e., /system/generate_id. The question is that should this url be GET or POST.

A little bit on this system. The generated url will be valid for few hours and then it will expire. The generated id will not be used to uniquely identify the receipts. The receipts will be read by another system to do some OCR processing and will be stored in some new place (where they will be corelated with user-id). The generated url can't be used to access the uploaded receipt i.e., system/<generated_id> wouldn't exist. As a matter of fact, the system in question will be a lambda whose sole purpose is to generate the ID and that generated ID is not dependend on user, its just unique.

I know a POST request is something which ends up creating a Child at given url and GET is something which just returns the info. So in this case, what should be the URL type. Should it be GET or POST

Em Ae
  • 8,167
  • 27
  • 95
  • 162

2 Answers2

0

Basically in good design GET is a read-only operation, GET request shouldn't change system state. From the other hand POST is for changing system state. If during ID generation the code writes some data to database or somewhere I suggest to use POST, if it is just pure read-only then GET.

p.s. If you forget all that rules then GET looks much logical like 'GET me new unique id'

Aleksei Semidotskii
  • 1,385
  • 1
  • 10
  • 18
  • thats my main argument, in this specific case even though the url returns a new unique id on each call, that id doesn't get persisted etc at the backend. Nothing has changed in our system. Even after million calls to the url, the backend system would remain the same. – Em Ae Aug 06 '20 at 15:54
  • Considering this, I think GET is reasonable. Id generation here is a pure, stateless function. – Aleksei Semidotskii Aug 06 '20 at 16:18
0

A REST endpoint that generates a unique id, should it POST or GET

https://www.uuidgenerator.net/ is an example of a REST endpoint that generates a unique id (specifically, a version 4 UUID). Invoking it works just the way that you would expect: your browser sends a GET request, and you get an HTML document back with a unique identifier embedded in the middle of it.

The important element here is that the semantics of the request are safe. The fact that the implementation requires consuming some random numbers on the server is just an implementation detail, and not in any way part of the semantics of the request.

Community
  • 1
  • 1
VoiceOfUnreason
  • 52,766
  • 5
  • 49
  • 91