400 vs 422 response to POST that references an unknown entity

面向向阳花 2020-12-30 11:24

I'm trying to figure out what the correct status code is to return in different scenarios with a "rest-like" API that I'm working on.

This example is borrowed from

5 answers
  •  有刺的猬
    2020-12-30 12:08

    Case 1 : Account number doesn't exist. This is a standard case for 404.

    Case 2 : Account is closed. This has to do with the logic of whether you keep the account details when you close it. If you do not keep the account details when the account is closed, you can give 404. If you keep the account details after it is closed, you must be marking it (like raising some flag) (or whatever logic you have). In this case, status code 400 with a proper message of why it failed and possibly remediation will do.

    Case 3 : Account identified is not the right kind of account. 403, as the account is not authorised for completing any purchases, makes sense to me. If there is no concept like authorised account, 400 with an explanatory message will do. But I would insist on going with 403 in this case.
