Our API responses use standard HTTP status codes: 2xx status codes indicate success, 4xx status codes indicate invalid input or invalid action on current state, and 5xx status codes indicate a rare error on Truv's servers.

HTTP Responses

Code Title Description
200 OK The request was successful.
201 Created The request was successful and a resource was created.
400 Bad Request The request was unacceptable.
401 Unauthorized Missing or invalid credentials.
403 Forbidden Permission denied.
404 Not Found The resource does not exist.
405 Method Not Allowed The request method is known by the server but is not supported by the target resource.
406 Not Acceptable The server cannot produce a response matching the list of acceptable values defined in the request's content negotiation headers.
410 Gone Bridge token is expired.
415 Unsupported Media Type The request's payload format is in an unsupported format.
429 Too Many Requests Too many requests have been sent in a given period of time.
50X Internal Server Error An error occurred with our API.

Error message format

The response body contains the following fields:

  • code is used to pass the source of the error.
  • message is used to communicate to the end-user what went wrong.
  • invalid-params is a list of form fields and related errors to show to the end user. field parameter indicates UI where the form field error occurred.
Response
    application/json

    400 Bad request
    {
        "error":
        {
            "code": "validation_error",
            "message": "Validation error",
            "extra":
            {
                "invalid-params":
                [
                    {
                        "field": "first_name",
                        "message": "First name is required"
                    },
                    {
                        "field": "last_name",
                        "message": "Last name is required"
                    }
                ]
            }
        }
    }
Response
    application/json

    401 Unauthorized
    {
        "error":
        {
            "code": "expired_token",
            "message": "Public token expired: 48427a36d43c4d5aa6324bc06c692456"
        }
    }
Response
  application/json

403 Forbidden
    {
        "error":
        {
            "code": "incorrect_token",
            "message": "Token is invalid"
        }
    }

Error codes

  • validation_error - any type of erroneous input to the API, including incorrect data format or missing fields
  • expired_token - used when a public token expires after 6 hours.
  • incorrect_token - used when any token (public or access) cannot be matched with internal storage