Errors
In this guide, we will talk about what happens when something goes wrong while you work with the API. Mistakes happen, and mostly they will be yours, not ours. Let's look at some status codes and error types you might encounter.
You can tell if your request was successful by checking the status code when receiving an API response. If a response comes back unsuccessful, you can use the error type and error message to figure out what has gone wrong and do some rudimentary debugging (before contacting support).
Before reaching out to support with an error, please be aware that 99% of all reported errors are, in fact, user errors. Therefore, please carefully check your code before contacting Signet support.
Status codes
Here is a list of the different categories of status codes returned by the Signet API. Use these to understand if a request was successful.
- Name
2xx- Description
A 2xx status code indicates a successful response.
- Name
4xx- Description
A 4xx status code indicates a client error — this means it's a you problem.
- Name
5xx- Description
A 5xx status code indicates a server error — you won't be seeing these.
Error types
Whenever a request is unsuccessful, the Signet API will return an error response with an error type and message. You can use this information to understand better what has gone wrong and how to fix it. Most of the error messages are pretty helpful and actionable.
Here is a list of the error types supported by the Signet API — use these to understand what has gone wrong and how to fix it.
- Name
api_error- Description
This means that we made an error, which is highly speculative and unlikely.
- service_unavailable: The authentication service is temporarily unavailable due to internal service errors.
- internal_error: An unexpected server error occurred during request processing.
- report_retrieval_failed: A report was created but could not be retrieved due to a system error.
- Name
invalid_request- Description
This means that you made an error, which is much more likely.
- missing_header: The Authorization header is missing or malformed. Must use Bearer scheme.
- invalid_format: The token format is invalid. Token must be provided in Bearer format.
- authentication_failed: The bearer token authentication failed. The token is invalid or expired.
- expired_request: The request timestamp is outside the acceptable time window for replay attack prevention.
- missing_signature: The webhook signature header is required but missing.
- invalid_signature: The webhook signature verification failed.
- missing_body: The raw request body is required for signature verification but is missing.
- validation_failed: The request body validation failed due to missing or invalid fields.
- verification_failed: Credential or presentation verification failed.
- duplicate_flag: The device is already flagged with the same reason.
- already_flagged: The IP address is already in flagged state.
- profile_required: A partner profile is required but does not exist.
- profile_inactive: The partner profile exists but is currently inactive.
- user_id_missing: The user ID is not found in the request context.
- Name
not_found- Description
This means that the requested resource was not found.
- not_found: The requested user, partnership, or resource does not exist or is not associated with the authenticated partner.
- Name
conflict- Description
This means that the request conflicts with the current state of the resource.
- conflict: A user with the same email already exists or there is a resource conflict.
- Name
forbidden- Description
This means that the request is forbidden due to insufficient permissions.
- forbidden: The request is forbidden due to insufficient permissions or authorization failure.
Error response
{
"success": false,
"message": "Error description",
"errors": {
"error_category": {
"code": "error_code",
"reason": "Detailed error reason",
"details": { /* Additional context */ }
}
}
}