HTTP Status Codes
HTTP status codes break down into the following categories:
- 100-199: Informational messages
- 200-200: The message was successful
- 300-399: Redirection
- 400-415: Error on the client side
- 500-599: Error on the server side
Recognizing the general numeric category could be helpful in tracking down the source of an error.
The table below provides information on some of the more common HTTP error codes you might encounter when working with the Akana OAuth API. For a full list of HTTP error code numbers and meanings, refer to the HTTP spec.
HTTP Code | Body | Cause/explanation/examples |
---|---|---|
Success codes: | ||
200 | OK | The request completed successfully. |
201 | Created | Successful create (add) request. |
204 | No Content | The server successfully processed the request, but is not returning any content. |
Redirect codes: | ||
302 | Redirect | Redirect found. The client should use the URL given in the Location header. |
Client error codes: | ||
400 | Bad Request | Returned if the client sends invalid parameters or body content. For example, you might get this response if there is a typo in the request URL, or if you send malformed XML in your request (if applicable). |
401 | Unauthorized | Authentication (login) is required for this operation. For example, perhaps a required cookie was not included. |
403 | Forbidden | Authentication is required. |
404 | Resource not found | The information in the path, parameters, or message header/body didn't match up to any available resource at the specified URL. For example, the message has the wrong content-type, a typo in the URL, or a wrong accept-header; or you might get this error if a specified resource, such as an app, API, or rating, does not exist. You would also get this if you were using the wrong HTTP verb. |
405 | Method Not Allowed | The request is attempting to do something not allowed by this operation. For example, an Accept header that's not valid for the operation might cause this error, or an HTTP verb that's not supported for the operation. |
406 | Unacceptable/Not Acceptable |
Returned if the response format, as specified in the accept header, does not match the content type specified in the request. For example, you might get this response if you set the Accept header to text/xml for an operation that only returns an application/json response. |
409 | Invalid action for current resource state | The action attempted was not valid for the current state. For example, the message is attempting to cancel an API contract that doesn't currently have a status of Approved. |
415 | Unsupported Media Type | Returned if the request is using a media type not supported by the method. |
Server error codes: | ||
500 | Internal Server Error | An error occurred while processing the call. This error is generally returned for any business logic failure that doesn't fit into any of the defined categories above. |
OAuth/auz/authorize error codes: | ||
400 | Invalid Request | The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. |
Unauthorized Client | The client is not authorized to request an authorization code. | |
Unsupported Grant Type | The authorization grant type is not supported by the authorization server. | |
Invalid Scope | The requested scope is invalid, unknown, or missing. | |
Unsupported Response Type | The authorization server does not support obtaining an authorization code using the response type parameter used in an authorization request. | |
500 | Server Error |
The authorization server encountered an unexpected condition that prevented it from fulfilling the request. Note: This error code is needed because a 500 Internal Server Error HTTP status code cannot be returned to the client via an HTTP redirect.) |
OAuth/oauth20/token error codes: | ||
400 | Invalid Request | The request is missing a required parameter or includes an invalid parameter value. |
Unsupported Grant Type | The authorization grant type is not supported by the authorization server. | |
Invalid Client | Client authentication failed. For example, client authentication failed due to an unknown client, no client authentication included, or an unsupported authentication method. | |
Invalid Grant | The authorization grant code is invalid, expired, or does not match the redirection URI used in the authorization request. | |
Invalid Scope | The requested scope is missing, invalid, or unknown. | |
500 | Server Error | The authorization server encountered an unexpected condition that prevented it from fulfilling the request. |