Issue
I’m writing a microservice that processes data from public API. It goes like the following:
- User sends request to my service
- Service sends request for data to API using arguments from user’s request
- API fetches data
- Service processes data and sends result to user
User may send bad request with wrong arguments or with insufficient amount of them. The API already has functionality to handle bad requests and fetch error in response. Now, I wonder if my service should:
a) Handle bad request on it’s own thus disallowing sending such requests to API
b) Send bad request to API anyway and then return error from API to the user
Solution
From the perspective of traffic, you should ensure the security and stability of the api service as much as possible.
We generally verify the parameters once at the upper layer.
Answered By – golandscape
Answer Checked By – Dawn Plyler (GoLangFix Volunteer)