REST (HTTP)
Unless an endpoint documents otherwise, expect JSON error bodies on failure. The precise schema is defined per response in openapi.json (4xx / 5xx entries and components.schemas).
Common status codes
| Status | When it usually appears |
|---|---|
| 400 | Malformed request, invalid query or path parameters, or failed basic validation. |
| 401 | Missing or invalid credentials, signature, or auth context (see OpenAPI / deployment; not a generic “API key header”). |
| 403 | Authenticated but not allowed to perform the action. Signing or scope may be wrong. |
| 404 | Unknown path or resource id. |
| 409 | Conflict with current state (when the API uses this code). |
| 422 | Well-formed JSON but business-rule or semantic validation failed. |
| 429 | Rate limit exceeded — back off and retry; see Rate limits. |
| 500 | Unexpected server error — retry with idempotency care; contact support if persistent. |
Parsing errors in clients
- Read HTTP status first.
- Parse the response body if present (often an object with
message,code, or nestederrorfields — confirm against OpenAPI). - Log request id or trace headers if the API exposes them (names vary by deployment).
WebSocket application errors
The AsyncAPI contract includes aServerMessage::Error variant: a JSON text frame shaped like an object with an Error string field carrying a human-readable message.
Example shape (conceptual):
Where to debug quickly
- REST: Swagger UI for raw responses.
- Schemas: live OpenAPI and AsyncAPI.