Errors

The RiskNavigator API uses the default HTTP response codes to signal errors to the API caller. The following HTTP response codes are supported:

HTTP Status Code Description
200 - OK The request completed successfully.
400 - Bad Request The request was malformed and could not be processed.
401 - Unauthorized There was an issue with authentication. Usually, this happens when the JWT has either expired or is invalid.
403 - Forbidden The JWT token does not have sufficient permissions to view this resource.
404 - Not Found The resource does not exist.
500, 502, 503, 504 - Server Errors The API backend ran into an error resolving the request and failed.

In addition to the HTTP status codes, most HTTP responses include a detail field that gives more details about which problem occured. For example, in case the user is not allowed to request a resource, the following JSON will be returned:

1
2
3
{
  "detail": "You do not have permission to perform this action."
}

Error responses can include even more (optional) fields. For example when the JWT token is expired:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
{
  "detail": "Given token not valid for any token type",
  "code": "token_not_valid",
  "messages": [
    {
      "message": "Token is invalid or expired",
      "token_class": "AccessToken",
      "token_type": "access"
    }
  ]
}