HTTP status codes
|
Error code |
Description |
Possible Causes |
How to fix? |
|---|---|---|---|
|
400 Bad Request |
The request could not be understood or was missing required parameters. |
Incorrect or missing parameters (e.g., client_id, client_secret, grant_type, etc.). Invalid request format or content type. |
Verify the request body and parameters. Make sure all required fields are present and valid. |
|
401 Unauthorized |
The request lacks valid authentication credentials. |
Missing or invalid Access Token in the request. Incorrect client_id or client_secret. The token has expired or been revoked. |
Ensure the Access Token is valid and not expired. Re-generate an Access Token if necessary. Double-check client_id and client_secret. |
|
403 Forbidden |
The authenticated user does not have permission to access the requested resource. |
Insufficient permissions or scopes associated with the Access Token. The user or client app is not authorized for this specific action. |
Ensure that the correct scopes are requested during the authorization process. Check if the resource requires additional permissions. |
|
404 Not Found |
The requested resource could not be found. |
Incorrect API endpoint or resource URL. The resource has been deleted or does not exist. |
Verify the API endpoint URL and ensure it is correct. |
|
405 Method Not Allowed |
The HTTP method used in the request is not supported for this endpoint. |
Using GET instead of POST for token requests. Using an unsupported method for an API resource. |
Check the documentation to ensure the correct HTTP method is used. |
|
500 Internal Server Error |
An unexpected server error occurred. |
A problem on the API provider's server side. Temporary service downtime. |
Retry the request later or contact support if the issue persists. |
|
503 Service Unavailable |
The server is temporarily unable to handle the request. |
Server overload or maintenance. Rate-limiting or throttling issues. |
Wait for some time and retry the request. |
OAuth 2.0 & OpenID Connect-specific error codes
|
Error code |
Description |
Possible Causes |
How to fix? |
|---|---|---|---|
|
invalid_request |
The request is missing a required parameter or includes an invalid parameter. |
Required parameters like client_id, grant_type, or scope are missing or invalid. Malformed request or incorrect encoding. |
Review the request and add the missing or correct parameters. |
|
invalid_client |
The client authentication failed (e.g., incorrect client_id or client_secret). |
Wrong client_id or client_secret. Client credentials are invalid, revoked, or missing. |
Double-check the client credentials and make sure they are correct and properly included in the request. |
|
invalid_grant |
The provided authorization grant or refresh token is invalid, expired, or revoked. |
Incorrect or expired authorization code. Invalid refresh token. Mismatched redirect URI. |
Re-authenticate the user and request a new authorization grant or refresh token. |
|
unauthorized_client |
The client is not authorized to use this grant type. |
The client is not allowed to use a specific grant type (e.g., password, client_credentials). The client is not authorized to request certain scopes. |
Verify that the client is registered to use the grant type and requested scopes. |
|
unsupported_grant_type |
The authorization server does not support the requested grant type. |
The grant_type parameter in the request is unsupported or misspelled. |
Check if the grant type is supported by the server and correct any misspellings in the request. |
|
invalid_scope |
The requested scope is invalid, unknown, or malformed. |
The requested scope does not exist or is misspelled. The client is not allowed to request certain scopes. |
Verify the scope names and ensure they match the allowed scopes. |
|
access_denied |
The resource owner or authorization server denied the request. |
The user declined to grant permission to the application. The authorization server is denying access to the requested resource. |
Check the authorization flow and ensure that the user has granted permission. If the issue persists, contact the authorization provider. |
|
server_error |
The authorization server encountered an unexpected condition. |
Internal server error on the provider's side. |
Retry the request later, and if the problem persists, contact the service provider. |
|
temporarily_unavailable |
The authorization server is temporarily unable to handle the request. |
Server maintenance or service outage. |
Retry the request later. |
Token-related errors
|
Error code |
Description |
Possible Causes |
How to fix? |
|---|---|---|---|
|
invalid_token |
The provided token is invalid or expired. |
Access Token or Refresh Token is malformed, expired, or revoked. The token was issued for a different client or resource. |
Request a new token and ensure it is used within its validity period. |
|
insufficient_scope |
The token does not have sufficient scope to access the requested resource. |
Re-authenticate with the correct scope or request a new token with the required permissions. |
Re-authenticate with the correct scope or request a new token with the required permissions. |
OAuth does not return token
To use OAuth, you need to create an app and obtain the key and secret for that app as these are used to produce the authorisation string. The authorisation string is the base64-encoded version of the app's client ID, ':' and password. 64 bit encoding tools are freely available on the internet. When calling the OAuth API, prefix this string with 'Basic ' (separated by a space).
Sandbox API does not give expected response
For each API that is supported in the sandbox, we provide a table of codes to trigger the response alongside the expected responses. Typically this means changing the last few characters of either the tracking header or the MSISDN that is used to call the API. You cannot use live data such as your own mobile number with the sandbox.
I can’t see my product when building an app
When you view your app, all of the products that you've used to create your app are listed. You can add another product to that app by using the edit button.
I’m getting an unexpected error code
All of the errors that the API creates are listed in the relevant API documentation. If you encounter an error code that's not documented, please contact the support team.