The Authentication API reports the success or failure of an operation by using on Identity Cloud's Registration error system. This system reports errors by using status codes similar to HTTP status codes. Note, however, that the Registration status codes aren't identical to their HTTP counterparts. Registration error 415 (the authorization code has expired) is not the same as the HTTP status code 415 (unsupported media type). See the table below for information about the Registration error codes and what they mean.
A Registration error response always contains at least the following fields:
- code: an integer error code.
- error: a machine-readable string code.
- error_description: a text description of the error.
Request token
Whenever an operation fails the response includes the request_token field, a generated string of 16 characters. The request token is recorded in Identity Cloud's internal API logs. If you submit a support ticket, you should include the request_token value so support personnel can check logs and find the exact operation and error.
Error codes
Error codes are grouped into the following categories:
- 100. Missing argument.
- 200-399. An argument is invalid.
- 300-399. Occurs when creating, updating or querying records.
- 340-369. Occurs when a record value violates the schema. Errors 340-359 are for data type errors and 360-379 are for constraint errors.
- 400-499. Authentication and permission errors, including expired tokens and codes, and OAuth errors.
- 500+. Unexpected internal errors.
A code that is a multiple of 100 or 10 is a catch-all for the codes below it, and may be split off into more specific codes in the future.
100
missing_argument. A required argument wasn't supplied.
200
invalid_argument. The argument was malformed or its value was invalid.
201
duplicate_argument. Two or more conflicting arguments were included in the same operation. For example, you typically can't use id and uuid in the same operation.
205
invalid_auth_method. The request used an invalid authentication method. Different operations support different authentication methods.
210
invalid_credentials. The supplied email address or password was incorrect.
211
no_password. The user tried to log in with an email address and password, but the account only supports social login.
212
no_such_account. The user tried to log in with an email address and password, but the email address doesn't exist.
213
password_incorrect. The user tried to log in with an email address and password. The email address was valid, but the password wasn't.
214
password_unacceptable. Occurs when password history is enabled and you try to reuse a previously-used password.
221
unknown_application. The application ID doesn't exist.
222
unknown_entity_type. The entity type doesn't exist.
223
unknown_attribute. A specified attribute doesn't exist. This can occur when trying to create or update a record, or when modifying an attribute.
224
application_not_found. The application can't be found on the specified domain.
226
flow_error. The flow is misconfigured and needs to be updated.
232
entity_type_exists. You tried to create an identity type that already exists. Entity type names must be unqiue within an application.
233
attribute_exists. Your to create an attribute that already exists. Attribute names must be unique within an entity type schema.
234
reserved_attribute. You attempted to modify a reserved attribute. Some attributes -- such as uuid and created -- can't be modified.
300
error_creating_record. An error occurred while creating a new record.
310
record_not_found. You referenced an entity or plural element that doesn't exist.
320
id_in_new_record. You tried to add an ID to a new entity or plural element.
330
timestamp_mismatch. The created or lastUpdated value doesn't match the supplied argument.
340
invalid_data_format. A JSON value wasn't formatted correctly.
341
invalid_json_type. A value didn't match the expected JSON type.
342
invalid_date_time. A date or dateTime value wasn't valid. For example, ithe value wasn't formatted correctly or was out of range.
352
unknown_application. Occurs if password history is enabled and you try to reuse a previously-used password.
360
constraint_violation. An attribute constraint was violated. For example, you tried to write string data to an attribute that can only hold integer data.
361
unique_violation. A unique or locally-unique constraint was violated.
362
missing_required_attribute. An attribute with the required constraint was either missing or set to null. Required attributes can't have null values.
363
length_violation. A string value violated an attribute’s length constraint. For example, you tried to save the string ABCD to an attribute that can contain a maximum of 2 characters.
380
email_address_in_use. You tried to register a new user, but an existing user already has that email address.
390
invalid_form_fields. The data submitted did not pass form validation. This error is also generated if you exceed the allowed number of login attempts. In that case, you'll get the error message "Too many attempts. Please try again later."
402
invalid_client_credentials. The client ID doesn't exist or the client secret is wrong.
403
client_permission_error. The client doesn't have permission to perform the action.
413
no_access_grant. The supplied authorization code is not valid because the user’s access grant has been deleted.
414
access_token_expired. The supplied access token has expired.
415
authorization_code_expired. The supplied authorization code has expired.
416
verification_code_expired. The supplied verification code has expired.
417
creation_token_expired. The supplied creation token has expired.
420
redirect_uri_mismatch. The redirect URL is invalid.
480
api_feature_disabled. The operation has been temporarily disabled for maintenance, and should be available again shortly.
500
unexpected_error. An unexpected internal error occurred.
510
api_limit_error. Generated any time your request exceeds rate limits such as the allowed number of registration requests.
540
triggered_error. An error was triggered in the flow.