Our standard REST services come with standard exception handling. This means that all server-side exceptions will send the http status code 400 (Bad Request) to the client. The implementation already checks some exception types and returns custom http status codes:

Exception http status
UnknownObjectException 404 (Not found)
SecurityException 403 (Forbidden)
InvalidPasswordException 401 (Unauthorized)

If you want custom status codes, it's possible to throw RestServiceException. This exception class supports custom status codes and error details.

if (!isBookingAvailable())
{
    IBean details = new Bean();
    details.put("id", errorId);
    details.put("message", "The booking feature isn't yet implemented!");
 
    throw new RestServiceException(501, details);
}
 
...