Very good points, for example when it comes to auth you don't want to leak information about what kind of user data exists or doesn't with a 404. That enables to scan what data is there or not as a consumer of the API. Different status codes may be given to the same use cases depending on privacy or auth.
Good catch!
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Very good points, for example when it comes to auth you don't want to leak information about what kind of user data exists or doesn't with a 404. That enables to scan what data is there or not as a consumer of the API. Different status codes may be given to the same use cases depending on privacy or auth.
Good catch!