https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20407
Martin Renvoize <martin.renvo...@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |martin.renvoize@ptfs-europe | |.com --- Comment #3 from Martin Renvoize <martin.renvo...@ptfs-europe.com> --- The slightly more accepted way of doing this to date that I have seen is to reduce the default response to only contain public fields and set the private fields to need explicitly requesting in the api call. This way, rather than sending back a 200 with varying content you send back either a 200 with what the consumer has asked for (or is expecting) or you send back a 401 Unauthorized and the client knows to authenticate). The principle of Least Surprise. I do like the x-public way of defining it in the spec though.. :) -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/