Execution API: Normalize error response formats

[henry3260]

What

Standardized Execution API error responses to use structured detail payloads (with reason and message) instead of mixed string/dict formats.
Updated affected routes in variables, xcoms, and task_instances to return consistent error shapes.

Was generative AI tooling used to co-author this PR?

• Yes (please specify the tool below)

---

• Read the Pull Request Guidelines for more information. Note: commit author/co-author name and email in commits become permanently public when merged.
• For fundamental code changes, an Airflow Improvement Proposal (AIP) is needed.
• When adding dependency, check compliance with the ASF 3rd Party License Policy.
• For significant user-facing changes create newsfragment: {pr_number}.significant.rst, in airflow-core/newsfragments. You can add this file in a follow-up commit after the PR is created so you know the PR number.

[jason810496]

Would it be better to add a subclass like ExecutionAPIHTTPException (or ExecutionHTTPException for the shorthand) to enforce the error response format in the future?

[henry3260]

Would it be better to add a subclass like ExecutionAPIHTTPException (or ExecutionHTTPException for the shorthand) to enforce the error response format in the future?

That's a good idea!

[Copilot]

Pull request overview

Standardizes Execution API error responses to a consistent structured detail payload (e.g., {reason, message}) by introducing an ExecutionHTTPException wrapper and updating multiple routes/tests to use it.

Changes:

• Added ExecutionHTTPException to normalize detail into a consistent {reason, message} shape.
• Replaced multiple fastapi.HTTPException usages across Execution API routes with ExecutionHTTPException.
• Updated task instance unit tests to assert the new structured error detail format.

Reviewed changes

Copilot reviewed 11 out of 11 changed files in this pull request and generated 4 comments.

Show a summary per file

File	Description
airflow-core/tests/unit/api_fastapi/execution_api/versions/head/test_task_instances.py	Updates assertions to match new structured error response shapes.
airflow-core/src/airflow/api_fastapi/execution_api/routes/xcoms.py	Normalizes error responses by switching to ExecutionHTTPException.
airflow-core/src/airflow/api_fastapi/execution_api/routes/variables.py	Switches to ExecutionHTTPException and adds additional validation branches.
airflow-core/src/airflow/api_fastapi/execution_api/routes/task_instances.py	Replaces mixed string/dict error details with consistent structured payloads.
airflow-core/src/airflow/api_fastapi/execution_api/routes/hitl.py	Switches to ExecutionHTTPException for not-found/conflict cases.
airflow-core/src/airflow/api_fastapi/execution_api/routes/dags.py	Converts DAG not-found response to ExecutionHTTPException structured detail.
airflow-core/src/airflow/api_fastapi/execution_api/routes/dag_runs.py	Converts DAG/DAG run errors to ExecutionHTTPException structured detail.
airflow-core/src/airflow/api_fastapi/execution_api/routes/connections.py	Converts connection not-found response to ExecutionHTTPException.
airflow-core/src/airflow/api_fastapi/execution_api/routes/assets.py	Converts asset not-found response to ExecutionHTTPException.
airflow-core/src/airflow/api_fastapi/execution_api/routes/asset_events.py	Converts parameter-validation error to ExecutionHTTPException.
airflow-core/src/airflow/api_fastapi/common/exceptions.py	Introduces ExecutionHTTPException to enforce consistent {reason, message} error detail format.

Comments suppressed due to low confidence (1)

airflow-core/src/airflow/api_fastapi/execution_api/routes/asset_events.py:1

• The reason value ("Missing parameter") is not normalized (it contains spaces and capitalization) and is inconsistent with the other routes’ machine-readable tokens (e.g., not_found, invalid_request). Use a stable token (e.g., missing_parameter) and keep the human-readable text in message.

# Licensed to the Apache Software Foundation (ASF) under one

[Copilot]

variable_key is a path parameter, so an “empty string” value won’t match the route (the segment can’t be empty). These branches are effectively unreachable and also return 404 Not Found, which is not an appropriate status for an invalid/missing path parameter. Consider removing these checks; if you want explicit validation, enforce it at the parameter level (e.g., Path(min_length=1)) so FastAPI returns a 422 validation error with the normalized detail shape.

[Copilot]

variable_key is a path parameter, so an “empty string” value won’t match the route (the segment can’t be empty). These branches are effectively unreachable and also return 404 Not Found, which is not an appropriate status for an invalid/missing path parameter. Consider removing these checks; if you want explicit validation, enforce it at the parameter level (e.g., Path(min_length=1)) so FastAPI returns a 422 validation error with the normalized detail shape.

[Copilot]

Passing a string detail here will be normalized by ExecutionHTTPException, but it will default reason to "error". For consistency with the PR goal (“structured detail payloads with reason and message”), provide an explicit dict with a specific reason (e.g., already_exists) and the string as message.

Suggested change

	f"Human-in-the-loop detail for Task Instance with id {task_instance_id} already exists.",
	detail={
	"reason": "already_exists",
	"message": (
	f"Human-in-the-loop detail for Task Instance with id {task_instance_id} already exists."
	),
	},

[Copilot]

Introducing ExecutionHTTPException only normalizes errors for call sites that explicitly use it. In this same module, some existing handlers (e.g., DagErrorHandler) still raise HTTPException with string detail, which will continue producing mixed formats. To fully enforce consistency, either (1) update Execution API error handlers to raise ExecutionHTTPException, or (2) register a FastAPI exception handler for HTTPException under the Execution API app/router that wraps/normalizes exc.detail into the {reason, message} shape.

[pierrejeambrun]

As mentioned by copilot, some other utility function can still raise mixed content exception.

If we want to catch everything a global exception handler is probably better. And we could have this registered at the top app level, because we have the same issue with the public API.

Always returning a 'dict' for 'details' with at least 'reason/message' seems cool.

[jason810496]

Thank for the update.

[jason810496]

Thanks for the update, I will defer to @pierrejeambrun regarding the exception response breaking change.

[jason810496]

Is it acceptable to introduce RestAPI breaking change for 3.3.0?
cc @pierrejeambrun

Since the normalization for the HTTPException is breaking change for users who rely on the response body.

[pierrejeambrun]

I'm having second thought on this.

First the global exception handler is obfuscating the code. Someone reading the code won't understand at first why the response he's seeing is different from what the code raises. (a global exception handler is re modeling the response shape afterwards) So actually fixing the response at all different places is probably a more maintainable 'long term goal'.

Also as mentioned this is a breaking change (might be small but still breaking). I would say it's worth considering for a critical reason (security fix, global design shift, or huge maintainability gain), but just for cleaning the code / changing response format for consistency, i don't think it's worth the trouble. I would just accept that error response format isn't normalized...

And I would advocate for closing this.

Curious to see what other think.

edit: After double checking it appears that public/ui/auth managers apis are all consistent returning a 'string'. The problem is only located in the execution_api which uses both a mixture of 'str' and struct 'dict' for the details.

So the problem is only for that execution_api, and I'd say the repartition is half half, so it's not clear what was the original intent. But moving to fully struct seems good. I'd say we need to:

• Check if the client sdk (consuming that execution API) is using those error messages.
• If not then it means that we won't break generated client sdk by updating the error messages. (people most likely do not use the execution api directly without using the sdk client) And we can probably go ahead and do the change directly at the different places not returning the structure dict. (If we accept the risk)
• If the client sdk do use some of the error message, I'd say we close this PR, we can't break it

[ashb]

The exception handling and munging code is too complex given we control all the raise sites.

If we are unifying this, maybe we should do what the TODO in routes/t_i.py says:

        # TODO: Pass a RFC 9457 compliant error message in "detail" field
        # https://datatracker.ietf.org/doc/html/rfc9457
        # to provide more information about the error

(Note: that is not a "we must do this", but we should either do it now, or remove that comment now)

[ashb]

Why is this in common if it's specific to the Execution API?

[henry3260]

Why is this in common if it's specific to the Execution API?

yes, if now we focus on execution API we can move this to others.

[ashb]

What is the point of this? Is it logged anywhere to be able to correlate it against the exception when it's not sent to the client.

[ashb]

Give this is JSON, we shouldn't put multiple things into a single string should we -- we've got structure, lets use it?

[ashb]

This probably shouldn't be done in line here, but put in ERROR_HANDLERS instead -- makes register fn single purpose and much smaller.

[ashb]

Why do we need a new dict?

[ashb]

Why force it to a string.

This entire function feels like backcompat that we shouldn't need given we are in control of all of the callers.

[ashb]

You could do this by having extra be **extra, then this block can go.

[ashb]

people most likely do not use the execution api directly without using the sdk client

It's a private API, so the only thing we have to about is compat with python or beta Go Task SDKs.

[ashb]

If the client sdk do use some of the error message, I'd say we close this PR, we can't break it

We can likely handle this via a Cadwyn migration. It can mutate payloads ig needed.

[henry3260]

I'd prefer to close this PR since it contains too many unrelated changes. I’ll open a new, cleaner PR to address the specific comments we discussed. Thanks for the guidance!