Skip to Content

Errors

Failures always use the standard envelope with an HTTP error status:

{ "status": "fail", "error": { "code": "V1_RESOURCE_NOT_FOUND", "message": "Resource not found" } }

error.code is stable — match on it, not on message.

v1 surface

StatusCodeMeaning
400V1_INVALID_REQUESTA parameter or body field is missing/invalid — the message names it
404V1_RESOURCE_NOT_FOUNDThe job/application doesn’t exist or is outside the key’s scope (deliberately indistinguishable — see scoping)
429V1_RATE_LIMITEDOver the per-key limit (default 120/min). Wait Retry-After seconds

Authentication

StatusCodeMeaning
401API_KEY_MISSINGNo X-API-Key header
401API_KEY_INVALIDUnknown, malformed, or revoked key
401API_KEY_EXPIREDKey is past its expiresAt

Key management (/api/orgs/:orgId/api-keys)

StatusCodeMeaning
400API_KEY_NAME_REQUIREDname missing or empty
400API_KEY_INVALID_CLAIMSclaims.teams/claims.jobs not arrays of ID strings
400API_KEY_INVALID_EXPIRYexpiresAt not a future ISO-8601 date
404API_KEY_NOT_FOUNDNo such key in this workspace (or already revoked)
401/403Caller is not signed in / not an owner or admin

Handling advice

  • Treat 404 on a known-good ID as a scoping problem first — check the key’s claims before assuming the resource is gone.
  • On 429, honor Retry-After; the window is short (one minute).
  • 4xx other than 429 will not succeed on retry without changing the request.