REST API: Wrong schema vs wrong data

Question

Let's suppose we have a REST API that accept the following body for a create-user request:

{
  "username": "joe",
  "email" : "joe@domain.com"
  ...
}

Now I'm a bit confused and don't know when to use HTTP status 400 and when to use HTTP status 422.

When the schema is wrong (e.g. usernamexx instead of username) is it correct to return 400?

when the schema is correct but the data isn't (e.g. invalid email format like @dummy) is it correct to return 422?

Answer 1

I am unable to post a comment on this post, so am writing a short response instead.

When the schema is wrong (e.g. usernamexx instead of username) is it correct to return 400?

A 422 response is the correct to return in this case as the syntax is incorrect. This is described in further in this post.

When the schema is correct but the data isn't (e.g. invalid email format like @dummy) is it correct to return 422?

A 400 should be returned in the case of a malformed/incorrect entity. This is further described in the post mentioned above. You could further improve the response message by including a body to further explain the error.