# Error Handling in APIs

Proper error handling is essential for robust APIs. It helps clients understand what went wrong and how to fix it.

## HTTP Status Codes

### 2xx Success

- 200 OK: Request succeeded
- 201 Created: Resource created successfully
- 204 No Content: Request succeeded but no content to return

### 3xx Redirection

- 301 Moved Permanently: Resource moved to new URL
- 302 Found: Resource temporarily moved
- 304 Not Modified: Resource not modified since last request

### 4xx Client Errors

- 400 Bad Request: Invalid request syntax or parameters
- 401 Unauthorized: Authentication required
- 403 Forbidden: Access denied
- 404 Not Found: Resource not found
- 405 Method Not Allowed: HTTP method not supported
- 409 Conflict: Request conflicts with current state
- 422 Unprocessable Entity: Validation errors
- 429 Too Many Requests: Rate limit exceeded

### 5xx Server Errors

- 500 Internal Server Error: Unexpected server error
- 502 Bad Gateway: Invalid response from upstream server
- 503 Service Unavailable: Server temporarily unavailable
- 504 Gateway Timeout: Upstream server timeout

## Error Response Format

Consistent error response format helps clients handle errors programmatically.

### Standard Error Response Structure:

```json
{
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "The request contains invalid data",
    "details": {
      "field": "email",
      "issue": "Invalid email format"
    }
  }
}
```

### Alternative Format:

```json
{
  "success": false,
  "error": {
    "type": "validation_error",
    "message": "Email is required",
    "field": "email"
  }
}
```

## Error Handling Best Practices:

- **Use appropriate HTTP status codes**
- **Provide descriptive error messages**
- **Include error codes for programmatic handling**
- **Don't expose internal system details**
- **Log errors for debugging**
- **Handle exceptions gracefully**
- **Validate input data**
- **Implement proper logging**

## Common Error Scenarios:

- **Validation Errors**: Invalid input data
- **Authentication Errors**: Invalid or missing credentials
- **Authorization Errors**: Insufficient permissions
- **Resource Not Found**: Invalid resource ID
- **Rate Limiting**: Too many requests
- **Server Errors**: Database connection issues, external service failures

## Error Handling in Python (Flask example):

```python
from flask import Flask, jsonify
from werkzeug.exceptions import HTTPException

@app.errorhandler(HTTPException)
def handle_http_exception(e):
    return jsonify({
        'error': {
            'code': e.code,
            'message': e.description
        }
    }), e.code

@app.errorhandler(Exception)
def handle_generic_exception(e):
    return jsonify({
        'error': {
            'code': 500,
            'message': 'Internal server error'
        }
    }), 500
```
