Minor changes to Machines API contract - best way to handle?


Our automated tests highlighted a minor change to the Machines API contract: when performing certain operations (delete, create machines etc.) on apps that don’t exist, we now receive a 401 instead of a 404.

Example request:

  • DELETE /v1/apps/<app_name>

Earlier, if app_name didn’t exist we’d get a 404 with “Could not find App” in the body. Now we seem to be getting a 401 back with no body.

Would it be possible to send a body back so that we know the 401 is not related to a bad token? Something like “This app either doesn’t exist or you don’t have access to it”.

I’d like to use this in our API client that does something like this:

  def delete_app(app_name)
    response = with_retries(max_tries: 3, rescue: [Net::OpenTimeout]) do
      perform_request(Net::HTTP::Delete, "#{@api_url}/v1/apps/#{app_name}?force=true", headers: authorization_headers)


    if response.code.eql?(202)
    elsif response.code.eql?(404) && response.parsed_response["error"] =~ /Could not find App/
      raise FlyIO::Errors::AppNotFound
      raise "Error deleting app. Status: #{response.code}, Body: #{response.body}"

Hey, we did release a change yesterday with this new behavior. I’ll take a look at adjusting back to the old behavior now.

1 Like

Ok, we’re deploying the change now. The error message will be slightly different though, “App not found”.

1 Like

Thanks! Just checked now, and looks like a body is returned but it says “invalid authentication” (confirmed that my token is valid and the request succeeds for valid apps).

Here’s the exact response I’m seeing:

Status: 401
Body: {"error":"invalid authentication"}

Ok, sorry it took me a bit to get back to this. We’ve rolled out another change that should give you the correct status code and error message now.

Confirmed that this works!