On 2021-10-29 15:47, Icke Bins wrote:
> My question was not if these rel's should used but if they should
> always included in responses.
> When the user is already authenticated - why should I provide him an
> authenticate-rel? He is already authenticated.
> And vise versa: When the user is NOT authenticated why should I
> provide him a logout rel? He cannot logout because he is not
Personally I find this difficult to answer. I think there's a lot of
different degrees and ways people adopt HAL/HATEOAS. There's a large
number of people that keep most their logic client-side, and just use
links for relationships between data and discovering endpoints, and I've
seen *some* that are on the other end of this, and they try to
comprehensively describe the full application state in each response.
I find that people who are in the latter category tend to use HATEOAS
for simpler/constraint user experiences. For example, this could be a
great fit if you are building a survey system. I also feel that for
these cases, you probably want to follow what is sometimes called a
"Backend for frontend" pattern.
Anyway, all of this cruft is just to sum up... I don't think there's a
great universal recommendation for this, because it depends on what your
goals are and the type of clients you want to serve.