Standard status codes

Owned by Troels Nielsen
Last updated: Dec 15, 2017 by Nick JensenVersion comment
2 min read
The complete list of HTTP status codes returned by the API.

 This list includes the standard ApiStatusSubCodes returned by the API, however some endpoints return other values. These are listed in the documentation for the specific endpoints.

200Success
201

Created successfully

The object or connection was successfully created.

202

Processing incomplete

The request is waiting on an asynchronous operation, which is not yet complete.

204

Operation successful but no content returned

The requested operation was carried out successfully but didn't return any data.

 303

Already exists

An attempt was made to create an object or connection which already exists. Along with the status code, a "location" URL pointing to a GET method for the existing object may be returned.

400

Invalid data

Even though the request was in the right format, the data within the request do not meet the validation rules.

401

API authentication failed

The request authentication signature is invalid. The response header will contain a sub-code with more information about the specific error:

401.1

The "signature" header is missing

401.2

Multiple "signature" headers

401.3

Signature must be a correctly formatted JSON string

401.4

Signature is missing “AppKey” or it is invalid

401.5

Signature is missing “IssuedAt” or it is invalid

401.6

"IssuedAt" timestamp is not within 60 minutes of the server time

401.7

AppKey not found

401.8

Signature is missing "Token"

401.9

Signature has an incorrect "Token" hash

401.10

The "Token" was encrypted using an expired AppSecret

Token authentication failed.

401.20The javascript "sessionID" is not unique
401.21Invalid javascript session
401.22Unknown request domain
401.23Token not recognized
401.24Token expired

Public authentication failed.

401.30PublicID expired
401.31Unknown public IP address
401.32PublicID not recognized
403

Entity authentication failed

Credentials for a specific account were invalid.

In case Data Isolation is enabled, the following sub codes may be returned in the response header:

403.21The 'ApiSessionKey' header was missing
403.22The 'ApiSessionKey' header was not recognised
403.23The ApiSession session is expired
403.25Access denied. The ApiSession does not have access to this resource

In case Illegal Access Prevention (IAP) is enabled, the following sub codes may be returned in the response header:

403.30API access has temporarily been denied due to unusual request activity
404

Object not found

The requested object wasn't found.

Any endpoint that uses dpKey may return the following sub code in the response header:

404.1User not found

Any endpoint that uses extKey/extType may return the following sub code in the response header:

404.2External user could not be found
409

Duplicate request

A duplicate request is currently being processed.

409.1Duplicate functionality is being processed (OperationLock)
412

Operation not allowed

Even though the app was correctly authenticated, the requested operation is not permitted due to restrictions on the app.

500Server error
501

Malformed request

The data supplied in the request body is not in the expected format.