That doesn't make any sense. The line was already drawn, in the HTTP spec. Follow it. Returning 200 OK for everything and then putting an error in the the body is completely useless. The whole point is that there are common, well defined errors which HTTP specifies codes for. Clients can properly handle those errors regardless of what the backend is like. Nobody wants to have to write millions of different solutions to parse your JSON error responses and figure out what they mean and what to do with them.