Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Update 403.30 to describe IAP instead of DOS


Excerpt

The complete list of HTTP status codes returned by the API.

 This list includes the standard ApiStatusSubCodes returned by the API, however some endpoints return other values. These are listed in the documentation for the specific endpoints.


200Success
201

Created successfully

The object or connection was successfully created.

202

Processing incomplete

The request is waiting on an asynchronous operation, which is not yet complete.

204

Operation successful but no content returned

The requested operation was carried out successfully but didn't return any data.

 303

Already exists

An attempt was made to create an object or connection which already exists. Along with the status code, a "location" URL pointing to a GET method for the existing object may be returned.

400

Invalid data

Even though the request was in the right format, the data within the request do not meet the validation rules.

Anchor
401
401
401
Bad signature

API authentication failed

The request authentication signature is invalid. The response header will contain a sub-code with more information about the specific error:

401.1

The "signature" header is missing

401.2

Multiple "signature" headers

401.3

Signature must be a correctly formatted JSON string

401.4

Signature is missing “AppKey” or it is invalid

401.5

Signature is missing “IssuedAt” or it is invalid

401.6

"IssuedAt" timestamp is not within 60 minutes of the server time

401.7

AppKey not found

401.8

Signature is missing "Token"

401.9

Signature has an incorrect "Token" hash

401.10

The "Token" was encrypted using an expired AppSecret

Token authentication failed.

401.20The javascript "sessionID" is not unique
401.21Invalid javascript session
401.22Unknown request domain
401.23Token not recognized
401.24Token expired

Public authentication failed.

401.30PublicID expired
401.31Unknown public IP address
401.32PublicID not recognized


Anchor
403
Authentication
403
403

Entity authentication failed

Credentials for a specific account were invalid.

In case Data Isolation is enabled, the following sub codes may be returned in the response header:

403.21The 'ApiSessionKey' header was missing
403.22The 'ApiSessionKey' header was not recognised
403.23The ApiSession session is expired
403.25Access denied. The ApiSession does not have access to this resource

In case

Denial of Service

Illegal Access Prevention (IAP) is enabled, the following sub codes may be returned in the response header:

403.30
Access to this endpoint
API access has temporarily been denied
for this IP address
due to
overuse
unusual request activity


404

Object not found

The requested object wasn't found.

Any endpoint that uses dpKey may return the following sub code in the response header:

404.1User not found

Any endpoint that uses extKey/extType may return the following sub code in the response header:

404.2External user could not be found


409

Duplicate request

A duplicate request is currently being processed.

409.1Duplicate functionality is being processed (OperationLock)


412

Operation not allowed

Even though the app was correctly authenticated, the requested operation is not permitted due to restrictions on the app.

500Server error
501

Malformed request

The data supplied in the request body is not in the expected format.