Any other type of interaction with resources that are not safe nor idempotent, such as submitting data to a resource, or performing resource-specific actions, should be done using the POST method. We will use the POST method extensively for control actions or for web form submissions, to name a couple of examples. The POST method is not safe nor idempotent. This means proxies and web servers relay the request all the way to the underlying service for processing every time a POST request is received and accepted.
Technically, you could implement idempotent control actions using the PUT method. But that would require knowledge of impotence from the client on a control-parameter basis. It's simpler to just assume no control operations are idempotent at the HTTP level and use the POST method for all.
An example of an idempotent control action is the setting of absolute parameter values. Changing a control parameter using relative values, such as a change in percent, or toggling a digital output, is not idempotent. Counting operations are not idempotent either.
The following table summarizes the most common methods in HTTP:
|
Method |
Safe |
Idempotent |
|
HEAD |
✓ |
✓ |
|
GET |
✓ |
✓ |
|
PUT |
✓ |
|
|
DELETE |
✓ |
|
|
POST |