POST to API/tokens takes care of new tokens, How to return data to the caller?

Question

I've been doing some study on REST API design best practices. I come from an RPC client/server background. I have the following questions:

My service revolves around a single object - a Token.

On creating a new token, a unique tokenID is automatically generated for that token, which is all that needs to be sent back to the client.

The other fields that make up a token are its value, ownerId and status. At the point of creation, the token status is 'new'.

I understand that a POST to /API/tokens should take care of creating a new token, but what data do i return to the caller?

1. 201 created header
2. a json object representing the token with all it's fields
3. a json object with just the new tokenID and status (which is all the caller really needs)
4. a link to the new "token resource" - this seems silly, as it would require a further GET to return the actual token

At this point i'm considering 1) and 3)

Answer 1

The w3c spec for POST has:

If a resource has been created on the origin server, the response SHOULD be 201 (Created) and contain an entity which describes the status of the request and refers to the new resource, and a Location header

So I'd go for a) and c) too...