Error Handling

For all APIs, in case of insufficient privileges the response will be HTTP code 403 Forbidden or 401 Unauthorized (no response body).

The User APIs' validation errors have HTTP code 400 and a body as shown below:

{
    "message": [
        {
            "errorName": "VALIDATION_GENERAL_FAILURE",
            "code": "10001",
            "description": "Invalid username: finance1234 already exists"
        }
    ]
}

The description can vary according to the offending field:

Invalid first name <name>
Invalid last name <name>
Invalid email <email>
Invalid password

During SSO generation, you may get an HTTP 403 Forbidden error in the following cases:

1. If you try to generate too many tokens:

{
    "message": [
        {
            "errorName": "Failed to generate SSO token",
            "code": "50500",
            "description": "Exceeded limit of SSO token generations per minute"
        }
    ]
}

2. If you try to generate a user ID that does not belong to your user:

{
    "message": [
        {
            "errorName": "Failed to generate SSO token",
            "code": "50500",
            "description": "Insufficient Privileges: not allowed to call this API"
        }
    ]
}

🚧

Multiple Validation Errors

It's possible for you to receive multiple validation errors, as shown in the example below:

{
  "message": [
        {
            "errorName": "VALIDATION_GENERAL_FAILURE",
            "code": "10001",
            "description": "Invalid first name "
        },
        {
            "errorName": "VALIDATION_GENERAL_FAILURE",
            "code": "10001",
            "description": "Invalid last name "
        },
        {
            "errorName": "VALIDATION_GENERAL_FAILURE",
            "code": "10001",
            "description": "Invalid email @bls.com"
        }
  ]
}