Creating a new request should always use POST

By Gavin Morrice on 15 Jun 2025

A common misconception is that POST requests are only to be used to create a new resource (or a new database record).

The intention of the POST HTTP verb is to indicate a non-idempotent request. (RFC-XXX). This usually includes creating new resources, but can also apply to changes that we want to make to existing resources.

For example, consider an action to create a new admin approval for the products on our site:

POST products/1/approvals

The use of POST here communicates the intention that each request to this URL will create a new approval for product/1.

Let’s consider an alternative use case: we want to create a single approval for each product. If a product has an approval, then we will not create a second one.

In this case, PUT products/1/approvals is a more appropriate use case.