re: Why you should use standard HTTP methods when designing REST APIs VIEW POST

TOP OF THREAD FULL DISCUSSION
re: Yes, idempotence is important but it goes hand in hand with verbs. Browsers and API clients work on the assumption that a POST verb is never idempo...
 

What about checking for authorization before returning such GET requests? Wouldn't it be another way of protecting sensitive data.

I may be misunderstanding your point but it goes without saying that you always properly protect your API, no matter HTTP method is being used.

code of conduct - report abuse