Post one type but respond with another

I’m thinking of instances where there’s a relation of “request resource” and “response resource”. For example; sessions; I’m posting credentials (or “session request”) but am getting a session in return.

I’m making this distinction because they are not the same type of resource and often don’t overlap.

Following the same example; credentials have email and password, possibly a PIN, but a session has authorization token, an expiration date, a relationship with a user resource, etc.

I couldn’t find anything explicitly against it in the spec but I wanted to be sure; how should I handle cases like that?

Thanks in advance.


This is typical when POSTing to a resource. It often understands different representations. It creates resources that may not be represented at all as the representations it understand. A resource is not bound to a single representation. I am pretty sure json:api would not go against those principles.