Our API responses use standard HTTP status codes: 2xx status codes indicate success, 4xx status codes indicate invalid input or invalid action on current state, and 5xx status codes indicate a rare error on Truv's servers.
HTTP Responses
Code | Title | Description |
---|---|---|
200 | OK | The request was successful. |
201 | Created | The request was successful and a resource was created. |
400 | Bad Request | The request was unacceptable. |
401 | Unauthorized | Missing or invalid credentials. |
403 | Forbidden | Permission denied. |
404 | Not Found | The resource does not exist. |
405 | Method Not Allowed | The request method is known by the server but is not supported by the target resource. |
406 | Not Acceptable | The server cannot produce a response matching the list of acceptable values defined in the request's content negotiation headers. |
410 | Gone | Bridge token is expired. |
415 | Unsupported Media Type | The request's payload format is in an unsupported format. |
429 | Too Many Requests | Too many requests have been sent in a given period of time. |
50X | Internal Server Error | An error occurred with our API. |
Error message format
The response body contains the following fields:
code
is used to pass the source of the error.message
is used to communicate to the end-user what went wrong.invalid-params
is a list of form fields and related errors to show to the end user.field
parameter indicates UI where the form field error occurred.
Response
application/json
400 Bad request
{
"error":
{
"code": "validation_error",
"message": "Validation error",
"extra":
{
"invalid-params":
[
{
"field": "first_name",
"message": "First name is required"
},
{
"field": "last_name",
"message": "Last name is required"
}
]
}
}
}
Response
application/json
401 Unauthorized
{
"error":
{
"code": "expired_token",
"message": "Public token expired: 48427a36d43c4d5aa6324bc06c692456"
}
}
Response
application/json
403 Forbidden
{
"error":
{
"code": "incorrect_token",
"message": "Token is invalid"
}
}
Error codes
validation_error
- any type of erroneous input to the API, including incorrect data format or missing fieldsexpired_token
- used when a public token expires after 6 hours.incorrect_token
- used when any token (public or access) cannot be matched with internal storage