Hello,
Out current pattern is to ignore all input fields which doesn't have any semantic meaning to the API.
For example
Let's say to auth a user I need to specify fields: "username" and "password". The client POSTs to the API fields: "name" and "password" instead. The API will respond with an error that "username" field was not specified, but the fact that "name" field was specified in the request would be completely ignored.
Question
Should the API also send an error stating that "name" was not a valid field?
Our developer community is split on opinion whether an error or warning should be send back when an invalid field is included in the request or whether the API should only "react" to the fields it know what to do with.
A more complicated use case is when we up-version the API. If the latest version introduces a new field that changes behavior, the pattern is for the previous version to ignore the new field as if it doesn't exist.
Any best practices around this?
Thanks,
igtsvi