Is HTTP 501 appropriate for an unimplemented API?
Is an HTTP 501 error appropriate for functionality which the server plans to support, but does not currently, such as a particular case of an API? For instance, if I was designing a webmail app and I couldn't yet delete emails with attachments, would it be appropriate to give 501 if I got a DELETE request on an email with an attachment?
The RFC says that it should be used for an unknown method (e.g. a PARTY request), but it's not clear whether it should be used for other functionality as well.
Answer
appropriate
No:
6.6.2. 501 Not Implemented
The 501 (Not Implemented) status code indicates that the server does not support the functionality required to fulfill the request. This is the appropriate response when the server does not recognize the request method and is not capable of supporting it for any resource.
6.5.5. 405 Method Not Allowed
The 405 (Method Not Allowed) status code indicates that the method received in the request-line is known by the origin server but not supported by the target resource. The origin server MUST generate an Allow header field in a 405 response containing a list of the target resource's currently supported methods.