This page is the global error-code dictionary for the API. Every error response carries a stable, machine-readable code your client must use to branch logic. The detail is human-readable and translated; the code never changes and is never translated.

For a gentle intro to the error envelope, see Errors. For related flows, see Idempotency, Rate limits, and Webhooks architecture.

Response shape

Every error response follows the standard JSON:API envelope — an errors array and a meta object. A single response can carry several errors when applicable (typically for field validation).

{
  "errors": [
    {
      "status": "422",
      "code": "phone_not_verified",
      "detail": "Phone is not verified.",
      "source": { "pointer": "/data/attributes/phone" },
      "meta": { "masked_phone": "+52 55 ••••1234" }
    }
  ],
  "meta": {
    "version": "1.47.0",
    "api_version": "v1",
    "request_id": "a1b2c3d4e5f6",
    "datetime": { "timezone": "UTC", "format": "ISO 8601" }
  }
}

Global rules

  • code is stable, snake_case ASCII, and never translated. Branch client logic on this field.
  • detail is human-readable and translated per Accept-Language (es / en).
  • status is the HTTP status code as a string (matches the response status).
  • source.pointer (optional) is a JSON Pointer (RFC 6901) to the request-body field that failed.
  • Per-error meta is optional — some codes attach context (e.g. masked_phone, retry_after_seconds).
  • A 422 response may include several errors — one per invalid field.
  • meta.request_id correlates with server logs — always include it when reporting a bug.

Common HTTP statuses

StatusMeaning in this API
400 Bad RequestRequest is malformed — invalid JSON, missing query param, wrong format. Don't retry without fixing.
401 UnauthorizedAuthentication missing, token expired, or invalid credentials. Re-auth before retrying.
403 ForbiddenAuthenticated but lacking permission for this resource or action. Don't retry — the caller lacks the role or auth method.
404 Not FoundThe resource doesn't exist or isn't visible to the caller.
405 Method Not AllowedCorrect path, wrong HTTP method.
409 ConflictState conflict — typically in-flight idempotency, resource already terminal, or race condition. May be worth retrying after Retry-After.
410 GoneResource existed but was deleted.
413 Payload Too LargeBody or upload exceeds the endpoint cap.
422 Unprocessable EntityRequest parsed correctly but failed business validation. A single response may list multiple errors.
429 Too Many RequestsRate limit exceeded. Wait Retry-After seconds before retrying.
500 Internal Server ErrorUnexpected server failure. Retry with exponential backoff.
502 Bad GatewayUpstream service (Banxico, Stripe) is down or returned malformed data. Retry with backoff.
503 Service UnavailableSubsystem temporarily disabled or overloaded. Retry after Retry-After.

Taxonomy by category

Authentication & session

codeStatusWhen firedEndpointsClient should
unauthorized401Missing, invalid, or expired credentials.All protectedRe-authenticate (relogin or rotate API key)
invalid_credentials401Wrong email or password.POST /v1/auth/login, POST /v1/auth/request-verification-otpShow a generic message — don't reveal which failed
auth_header_empty401The Authorization header is empty.All protectedSend Authorization: Bearer ...
unrecognized_auth_format401Authorization doesn't parse as Bearer <token>.All protectedUse Bearer mxcep_... (API key) or cookie JWT
invalid_api_key401API key prefix or format is invalid.M2M endpointsRegenerate from /uso or POST /v1/users/me/api-key/regenerate
invalid_encrypted_api_key401API key doesn't decrypt against the server secret.M2M endpointsRegenerate
api_key_decryption_failed401Cryptographic failure decrypting the API key.M2M endpointsRegenerate
auth_method_denied403Endpoint requires cookie (UI) but request used API key, or vice versa.Audience-restrictedUse the correct auth method — see Authentication
dashboard_token_misuse401A dashboard token was used against an M2M endpoint./v1/* M2MUse API key, not cookie
token_expired401JWT has expired.Cookie endpointsRenew (re-login) or clear the cookie
token_lifetime_exceeded401JWT exceeds the server's absolute max lifetime.Cookie endpointsRe-login
invalid_token_format401JWT doesn't have 3 segments.Cookie endpointsRe-login
invalid_token_encoding401JWT doesn't decode as base64url.Cookie endpointsRe-login
invalid_token_signature401JWT signature doesn't verify.Cookie endpointsRe-login
invalid_token_payload401JWT payload doesn't parse as JSON.Cookie endpointsRe-login
invalid_token_issuer401JWT iss is unexpected.Cookie endpointsRe-login
invalid_token_audience401JWT aud is unexpected.Cookie endpointsRe-login
unsupported_token_algorithm401JWT uses an alg outside the whitelist.Cookie endpointsRe-login
session_invalidated401Session was manually invalidated (force-logout, 2FA reset).Cookie endpointsRe-login
csrf_missing401X-CSRF-Token header missing on a cookie-only mutation.UI mutationsRefresh the cookie and retry
csrf_mismatch401CSRF token doesn't match the cookie.UI mutationsRefresh the cookie and retry
forbidden403RBAC permission denied.AnyAsk your account admin for the permission
permission_denied403Variant of forbidden for admin endpoints./v1/admin/*Check the user's role
account_suspended403Caller's account is suspended.All authenticatedContact support
account_deleted403Account was soft-deleted.All authenticatedContact support
registration_disabled403Global flag registration.enabled is OFF.POST /v1/auth/registerWait until re-enabled

OTP, 2FA, and verification

codeStatusWhen firedEndpointsClient should
phone_not_verified403Phone hasn't been verified via OTP.POST /v1/auth/login, mutationsTrigger POST /v1/auth/request-verification-otp
phone_already_verified409Phone is already verified.POST /v1/auth/request-verification-otpContinue with the normal flow
otp_not_found404No active OTP for that user + purpose.POST /v1/auth/verify-phone, GET /v1/auth/otp-statusRe-request OTP
otp_invalid_code422OTP code is wrong.POST /v1/auth/verify-phone, password resetRe-enter (capped at N attempts)
otp_expired422OTP expired before use.OTP confirmationRe-request OTP
otp_max_attempts422Attempts exhausted for this OTP.OTP confirmationRequest a brand-new OTP
otp_already_used422OTP was already consumed.OTP confirmationRequest another
otp_cooldown429Too many OTPs in a short window.POST /v1/auth/resend-otpWait the cooldown
invalid_otp_id422The otp_id isn't a UUID.OTP confirmationRe-request OTP and use the new otp_id
invalid_otp_parameters422OTP payload incomplete.OTP confirmationCheck required fields
missing_otp_id422otp_id missing from body.OTP confirmationAdd otp_id
invalid_verification_token422Verification token invalid or malformed.POST /v1/auth/reset-passwordRestart the verification flow
invalid_reset_context422Reset context (purpose, audience, expiry) doesn't match.POST /v1/auth/reset-passwordRestart the flow
purpose_mismatch422OTP was issued for a different purpose.password-reset endpointsRe-request OTP with the correct purpose
confirmation_token_missing422confirmation_token missing in a step-up call.step-up endpointsAdd confirmation_token
confirmation_token_invalid422Malformed step-up token.step-upRe-request the token
confirmation_token_malformed422Token doesn't have the expected structure.step-upRe-request
confirmation_token_mismatch422Token corresponds to a different action.step-upRe-request for the correct action
confirmation_token_already_used409Token already consumed (single-use).step-upRequest a new one
confirmation_token_slug_mismatch422Token was issued for a different plan/slug.step-up billing/plansRe-issue for the correct slug
twofa_required401The user has 2FA enabled — solve the challenge.POST /v1/auth/loginTrigger POST /v1/auth/2fa/verify-challenge
twofa_invalid_challenge422Wrong 2FA challenge code.POST /v1/auth/2fa/verify-challengeRe-enter
twofa_invalid_context4222FA context (purpose / audience) doesn't match.2FA endpointsRestart the flow
twofa_not_enabled422Tried to verify 2FA but the user doesn't have it on.2FA endpointsEnable 2FA first
twofa_already_disabled4222FA disable requested but already off.POST /v1/auth/2fa/confirm-disableIgnore — state is correct
twofa_already_enabled4222FA enable requested but already on.POST /v1/auth/2fa/confirm-enableIgnore — state is correct
twofa_method_same422Method change requested but new method equals current.POST /v1/auth/2fa/confirm-method-changePick a different method
twofa_method_unsupported422Requested 2FA method isn't supported.2FA endpointsUse sms or email
twofa_action_mismatch422Resolved challenge doesn't match the requested action.2FA step-upRestart the step-up

Registration & account

codeStatusWhen firedEndpointsClient should
email_already_registered422Email already has a verified account.POST /v1/auth/registerShow a generic anti-enum message
email_already_taken422Variant: email isn't available.Email changePick another
email_already_verified409Email is already verified.POST /v1/auth/email/request-verifyContinue normally
email_same_as_current422New email matches the current one.POST /v1/auth/email/request-changeUse a different email
email_delivery_failed502Email provider rejected the send.Email change/verifyRetry; contact support if persistent
phone_taken422Phone is on another verified account.Registration / phone changeUse a different phone
phone_required_for_email_change422Verified phone required before changing email.POST /v1/auth/email/request-changeVerify phone first
password_mismatch422password and password_confirmation don't match.Registration / resetRe-enter matching values
password_too_short422Password below min length.Registration / reset / changeUse a longer password
password_too_weak422Password fails complexity rules.Registration / reset / changeStrengthen the password
new_password_too_short422Variant: in password change, the new value is too short.Password changeUse more characters
current_password_required422current_password missing in a password change.Password changeAdd the field
current_password_incorrect422current_password is wrong.Password changeRe-enter correctly
invalid_email_change_context422Email-change context invalid (purpose mismatch).Email change applyRestart the flow
sms_delivery_failed502SMS provider rejected the OTP send.Re-OTP / registerRetry; contact support if persistent
unsupported_locale422Submitted locale isn't whitelisted.PUT /v1/users/meUse es or en
language_unsupported422Variant of unsupported_locale.PUT /v1/users/meUse es or en

Generic field validation

These codes are emitted by Support\Validator and may appear on any endpoint with a body.

codeStatusWhen firedClient should
required422Required field missing.Include the field
missing_field422Variant of required for specific fields.Include the field
invalid_format422Field doesn't match expected format.Fix the format
invalid_value422Value outside allowed set.Use a value from the enum
invalid_type422PHP/JSON type doesn't match.Adjust the type
invalid_email422Email doesn't parse.Fix it
invalid_phone422Phone doesn't parse as E.164.Use +52... format
invalid_uuid422Not a UUID v4.Pass a valid UUID
invalid_url422URL is malformed.Fix it
invalid_url_scheme422Only https accepted.Use https://
url_ssrf_blocked422URL points to a private IP / DNS rebind.Use a public host
url_dns_failed422DNS couldn't resolve the host.Verify the host
max_length_exceeded422Exceeds field max length.Shorten
invalid_amount422Amount doesn't parse as positive decimal.Fix it
invalid_date422Date malformed or out of range.Use ISO 8601
invalid_account_format422Account isn't CLABE 18 / card 16 / phone E.164.Fix per account_type
invalid_clabe_checksum422CLABE check digit fails.Verify the CLABE
invalid_card_luhn422Card Luhn check fails.Verify the PAN
invalid_account_length422Wrong length for the type (18 CLABE / 16 card / 10 phone).Adjust length
invalid_bank_code422Bank code not in the catalog.Use GET /v1/public/banks
invalid_image422Image doesn't decode.Re-send
invalid_image_format422Format outside JPEG/PNG/WEBP.Convert to JPEG/PNG
image_too_large422Image over the cap.Reduce size
validation_error422Generic validation error.Check source.pointer and meta
validation_failed422Variant for combined failures.Check the detail
invalid_request_body400JSON doesn't parse.Send valid JSON
invalid_payload400Payload shape doesn't match the contract.Check endpoint spec
payload_too_large413Whole body over the cap.Shrink
payload_corrupt422Payload arrived truncated or malformed.Re-send
message_build_failed422Server couldn't build the message to dispatch.Retry

Idempotency

See Idempotency for the full contract.

codeStatusWhen firedClient should
invalid_idempotency_key400Idempotency-Key header fails [A-Za-z0-9_-]{1,255}.Generate a new key with valid characters
idempotency_key_in_progress409Another in-flight request shares this key.Wait Retry-After seconds and retry
idempotency_key_reused422Same key used previously with a different body.Generate a new key or replay the exact body

SPEI transfer validation

Applies to POST /v1/validate, POST /v1/validate-ocr, and the bulk validation pipeline.

codeStatusWhen firedClient should
clabe_prefix_not_recognized422First 3 digits of the CLABE don't map to any bank.Verify the CLABE — may not be SPEI
bank_code_required_for_phone422account_type=phone requires an explicit bank_code.Add bank_code
bank_code_unresolvable_for_phoneterminalAsync: bank couldn't be resolved from the phone via DiMo.Wait — terminal state is error
intra_bank_no_cepterminalAsync: intra-bank transfer; Banxico doesn't issue CEP.Look for the bank's internal receipt
clave_or_ref_required422Need clave_rastreo or referencia_numerica.Include one
image_or_image_url_required422OCR: neither image nor image_url.Send one
image_not_readable422OCR couldn't read the image.Send a clearer image
image_not_readable_receipt422OCR read it but it doesn't look like an SPEI receipt.Send the right receipt
image_not_spei_receipt422The receipt isn't SPEI (another transfer type).Send an SPEI receipt

Async-validation terminal codes

These codes appear in validations.error_code when an async validation lands in terminal state error or failed. See Async validations and Retry policy.

codeWhen firedTriggers validation.error webhook
networkBanxico unreachable after network retries exhausted.Yes
captchaBanxico returned an active captcha.Yes
max_retries_exceededPlan's retry cap was hit.Yes
ttl_expiredJob TTL elapsed before reaching terminal state.No
preflight_failedPre-dispatch validation failed.No
rate_limit_exhaustedProxy/rate slots exhausted.No
dispatch_failedHandler couldn't dispatch the job.No
bank_code_unresolvable_for_phonePhone account_type with no resolvable bank.No
intra_bank_no_cepIntra-bank — Banxico doesn't issue CEP.No
banxico_rate_limitBanxico returned a punctual rate-limit.(internal, retries)
banxico_rate_limit_exhaustedRate-limit retries exhausted.(internal)
banxico_captcha_activeBanxico has a global captcha active.(internal, retries)
rate_limit_batchBatch lot hit rate-limit.No
ocr_errorOCR upstream (Gemini) failed.No
banxico_errorGeneric Banxico error.No

Beneficiaries

codeStatusWhen firedEndpointsClient should
query_param_account_required400Missing ?account= in the query.GET /v1/beneficiaries/lookup, /validate-accountAdd the param
query_param_last_digits_required400Missing ?last_digits= in the query.GET /v1/account-directory/lookupAdd the param
invalid_last_digits_length422last_digits isn't 4 digits.GET /v1/account-directory/lookupPass 4 digits
account_number_required422Missing account_number in body.POST /v1/beneficiariesAdd the field
beneficiary_already_registered422Account is already in your beneficiaries.POST /v1/beneficiariesReuse the existing one
beneficiary_not_found_for_account404No beneficiary linked to this account.GET /v1/beneficiaries/lookupCreate it
account_not_in_catalog404Account doesn't appear in the cross-tenant directory.GET /v1/account-directory/lookupTreat as "no info"

Bulk imports (validations + beneficiaries)

codeStatusWhen firedEndpointsClient should
file_required422No file in the upload.POST /v1/{validations,beneficiaries}/importsAttach the file
multi_upload_not_allowed_for_text422Multi-select but the files are plain text.POST /v1/validations/importsUpload one by one, or use images/ZIP
parse_failed422Parser couldn't extract rows.Imports (preview)Check the file format
commit_failed422Import commit failed mid-way.POST /v1/{validations,beneficiaries}/imports/{id}/commitCheck detail; retry if idempotent
job_not_editable422Edit attempted on a job in terminal state.PATCH /v1/validations/imports/{id}/rows/{row_id}The job is already committed
job_not_cancellable409Cancel requested on a non-cancellable job.Imports adminJob already terminal
no_valid_fields422Edit payload has no valid fields.PATCH import rowInclude at least one field
zip_pack_failed422Failed to repack a ZIP of images.POST /v1/validations/imports with ZIPRetry with a standard ZIP
no_valid_test_files422No processable file in the upload.Admin testsCheck the set
duplicate_clave_rastreo(row)Same clave_rastreo across rows of the same import.preview rowsEdit or discard the duplicate
duplicate_tuple(row)Duplicate tuple (sender, receiver, date, amount).preview rowsEdit or discard
account_duplicate(row)Beneficiary import: repeated account_number.preview rowsEdit/discard
alias_duplicate(row)Beneficiary import: repeated alias.preview rowsEdit/discard
alias_missing(row)Beneficiary import: alias missing.preview rowsAdd it
clabe_checksum_failed(row)Row's CLABE fails checksum.preview rowsFix
card_luhn_failed(row)Row's card fails Luhn.preview rowsFix
bin_unknown(row)Card BIN doesn't map to a bank.preview rowsVerify the PAN
masked_account_unresolved(row)Account arrived masked and didn't resolve.preview rowsEdit with the full account
no_match(row)Free-form parser didn't detect fields.preview rowsEdit manually
no_usable_data(row)Row has insufficient data.preview rowsEdit or discard
tracking_missing(row)clave_rastreo missing.preview rowsAdd
clabe_missing(row)CLABE/account missing.preview rowsAdd
fecha_missing(row)Date missing.preview rowsAdd
fecha_invalid(row)Date doesn't parse.preview rowsFix
monto_missing(row)Amount missing.preview rowsAdd
monto_invalid(row)Amount doesn't parse.preview rowsFix

Plan & billing

codeStatusWhen firedEndpointsClient should
plan_not_found404Referenced plan doesn't exist./v1/billing/*, /v1/plans/{slug}List plans via GET /v1/plans/public
billing_plan_not_found422Variant: slug doesn't resolve to an active plan.POST /v1/billing/checkout-sessionVerify the slug
billing_plan_is_free422Attempted to subscribe to a free plan via Stripe checkout.CheckoutFree plans are assigned without Stripe
billing_plan_not_self_service422Plan isn't assignable via self-service.CheckoutContact support
billing_plan_slug_required422Missing plan_slug in body.CheckoutAdd the field
billing_plan_slug_too_long422Slug exceeds max length.Checkout / adminShorten
billing_plan_slug_invalid422Slug doesn't match ^[a-z0-9-]+$.Checkout / adminFix it
billing_intent_invalid_shape422app_checkout_intent cookie is corrupt.CheckoutClear the cookie and restart
billing_invalid_interval422interval isn't month or year.Checkout / admin pricesUse an allowed value
billing_invalid_kind422Price kind isn't base or metered.Admin pricesUse an allowed value
billing_disabled503Billing module is disabled in this deploy./v1/billing/*Wait until enabled
no_active_subscription404User has no active subscription./v1/billing/subscription/*Start checkout
subscription_race_retry409Race condition mutating the subscription — retry./v1/billing/subscription/*Retry after 1-2s
subscription_not_found404Subscription doesn't exist.Admin subsVerify user_id
stripe_cancel_failed502Stripe rejected the cancel./v1/billing/subscription/cancelRetry
stripe_checkout_failed502Stripe rejected the session creation.CheckoutRetry
stripe_unreachable502Stripe API timeout / connection error.Any billingRetry
stripe_invoice_malformed422Stripe invoice arrived incomplete in the webhook.(internal)(logged & resync)
stripe_subscription_malformed422Stripe subscription arrived incomplete.(internal)(logged & resync)
stripe_meter_lookup_failed502Stripe meter lookup failed.Metered billingRetry
stripe_meter_missing422Expected meter not in Stripe.Metered billingCreate the meter or disable metered
stripe_product_create_failed502Stripe Product creation failed.Admin plansRetry
stripe_price_not_found404stripe_price_id doesn't exist in Stripe.Admin pricesVerify the ID
stripe_price_archive_failed502Stripe rejected price archive.Admin pricesRetry
stripe_price_id_required422Missing stripe_price_id.Admin pricesAdd
stripe_price_id_format_invalid422stripe_price_id doesn't match price_*.Admin pricesFix
price_not_found404Local price doesn't exist.Admin pricesVerify the ID
price_local_id_required422Missing price_local_id.Admin pricesAdd
price_not_active422Price is archived.Checkout / adminActivate first
price_already_in_catalog422stripe_price_id already used by another price.Admin pricesReuse the existing
price_combo_already_exists422Duplicate (plan, interval, currency, kind) combo.Admin pricesEdit the existing one
price_plan_mismatch422Referenced price doesn't belong to this plan.Admin pricesUse the correct plan
source_price_id_required422Missing source_price_id in migrate.Admin price migrateAdd
unit_amount_required422Missing unit_amount.Admin pricesAdd
overage_update_failed422Overage toggle failed./v1/billing/overage/{enable,disable}Retry
overage_not_applicable422Current plan doesn't support overage.Overage toggleUpgrade plan
refund_amount_invalid422Invalid refund amount (negative or > invoice).Admin refundFix
refund_invoice_not_found404Referenced invoice doesn't exist in Stripe.Admin refundVerify invoice_id
admin_grant_failed422Admin-side plan grant failed.Admin grant-planCheck the detail
comp_amount_invalid422Invalid comp amount.Admin compFix
comp_user_missing422Target user missing in comp.Admin compAdd
comp_user_not_found404Comp target user doesn't exist.Admin compVerify

Finance

codeStatusWhen firedEndpointsClient should
invalid_month400month param missing or not YYYY-MM./v1/finance/*, /v1/api-usage/*Pass YYYY-MM
invalid_period400period doesn't match the convention.Finance / usageFix
invalid_range400from/to range incoherent.Finance / usageFix
range_required400range or from/to missing.Finance / usagePass one
pdf_render_failed500dompdf failed to render.Finance PDFRetry; report if persistent
xlsx_render_failed500PhpSpreadsheet failed.Finance XLSXRetry
csv_stream_failed500CSV stream failed.Finance / exports CSVRetry
invalid_export_format422Format outside json/csv/xlsx/pdf.ExportsPick a supported one
no_ceps404No CEPs in the range.GET /v1/finance/cepsAdjust the range

Webhooks & notifications

codeStatusWhen firedEndpointsClient should
webhook_url_required422url missing.POST /v1/webhooksAdd
webhook_url_empty422url sent but empty.PATCH /v1/webhooks/{id}Add a real URL
webhook_url_too_long422url over 2048 chars.Webhooks CRUDShorten
webhook_url_invalid_format422url doesn't parse.Webhooks CRUDFix
webhook_url_not_https422Scheme isn't https.Webhooks CRUDUse HTTPS
webhook_events_required422events array missing.Webhooks CRUDAdd at least one
webhook_events_too_many422More events than the cap.Webhooks CRUDReduce
webhook_event_invalid422Event outside the registry.Webhooks CRUDSee events in docs
webhook_status_invalid422status isn't active/disabled.Webhooks CRUDFix
webhook_limit_reached422Plan webhook cap hit.POST /v1/webhooksUpgrade plan or delete one
signature_invalid401Incoming webhook signature mismatch — Stripe ingress.POST /v1/webhooks/stripeVerify the secret and timestamp
push_subscription_invalid_shape422PushSubscription object is invalid.POST /v1/notifications/push/subscribeRe-subscribe from the SW
push_subscription_endpoint_required422endpoint missing.POST /v1/notifications/push/testAdd
push_subscription_endpoint_not_https422Endpoint isn't HTTPS.Push subscribeCheck the provider
push_subscription_endpoint_too_long422Endpoint exceeds the cap.Push subscribe(provider issue)
push_subscription_none_active422No active push subscriptions.POST /v1/notifications/push/testSubscribe first
push_not_configured503Server has no VAPID configured.Push endpointsContact support
notifications_event_unknown422Event outside the registry./v1/notifications/preferencesCheck valid events
notifications_channel_unknown422Channel outside the registry.PreferencesUse email/sms/push/in_app/telegram
notifications_preference_invalid422Preference shape invalid.PreferencesCheck the body
notifications_preference_locked422Preference is forced by the server (broadcast).PreferencesNot user-editable
notifications_preferences_empty422Body has no preferences.PreferencesAdd at least one
notification_not_found404Referenced notification doesn't exist.GET /v1/notifications/{id}Verify the id
invalid_notification_id422id isn't a UUID.NotificationsFix
telegram_bot_not_configured503Telegram bot isn't configured server-side./v1/notifications/telegram/linkContact support
quiet_hours_invalid_timezone422Timezone doesn't exist.PUT /v1/notifications/quiet-hoursUse an IANA TZ
quiet_hours_minutes_out_of_range422Minutes outside [0, 1440].Quiet hoursFix

Rate limit

See Rate limits for the full headers + buckets convention.

codeStatusWhen firedClient should
rate_limited429Generic rate-limit bucket exceeded.Wait Retry-After seconds
rate_limit_exceeded429Variant for internal buckets (e.g. login).Wait and retry
too_many_requests429Semantic variant of the standard 429.Wait

Generic resources

codeStatusWhen firedClient should
not_found404Requested resource doesn't exist or isn't visible.Verify the id
user_not_found404Referenced user doesn't exist.Verify the id
key_not_available404User's API key isn't displayable.Regenerate
cep_not_available404CEP for the validation isn't available yet.Retry later
image_not_available404Original image isn't accessible.Re-upload (if applicable)
changelog_not_found404Requested version doesn't exist.List via GET /v1/public/changelog
changelog_empty404No changelog published.Wait for publication
method_not_allowed405HTTP method not supported for this path.Use an allowed one
internal_error500Unexpected failure.Retry with backoff
dispatch_failed500/503Job couldn't be dispatched to the worker.Retry

Admin (internal operation)

These codes come from /v1/admin/* endpoints and require a permissioned role. The complete list covers queues, scheduled tasks, services, migrations, seeders, tests, plans, security, and i18n panels. The most recurring ones are listed below; the rest follow the convention <domain>_<action>_failed for 5xx and <domain>_<action>_invalid for 4xx.

codeStatusDomain
permission_denied403Any admin
admin_self_target_forbidden403Actions on the caller's own user (force-logout, reset-2fa)
cannot_delete_self / cannot_suspend_self / cannot_change_own_role / cannot_change_own_status / cannot_force_logout_self / cannot_reset_own_2fa403Foot-gun guardrails
cannot_suspend_owner / cannot_suspend_admin / only_owner_can_*403RBAC role hierarchy
cannot_deactivate_default_plan / cannot_set_inactive_as_default / plan_cannot_delete_default422Default plan invariants
queues_*_failed500/admin/queues family — overview, states, stats, pause, resume, start, stop, restart, cancel, retry, discard, dlq, batches, jobs, workers, config. Each has its _failed and, where applicable, its _prepare_failed (step-up phase 1).
scheduled_task_*_failed500/admin/scheduled-tasks family — create, update, delete, detail, run_now, executions, drift, list.
migration_*422 / 404migration_not_found, migration_file_missing, migration_filename_required, migration_filename_format, migration_target_version_format, migration_target_invalid_type, migration_mark_bulk_limit.
seeder_*422 / 404seeder_not_found, seeder_invalid, seeder_bulk_limit, seeder_filename_format, seeder_filename_required.
test_*422 / 404test_file_not_found, test_filename_format, test_files_limit, test_files_must_be_array, test_name_invalid, test_suite_empty, test_suite_invalid, compare_runs_must_differ.
worker_not_found / instance_not_found / scheduled_task_not_found / dlq_entry_not_found / execution_not_found / run_not_found404Queues subresources
worker_not_running / job_not_cancellable / run_not_cancellable409Conflict — terminal state
dlq_entry_unreadable422DLQ entry malformed
payload_corrupt / payload_too_large / invalid_payload400 / 413Admin step-up payloads
invalid_action / invalid_instance / invalid_service / invalid_stream / invalid_user_id / invalid_audit_id / invalid_event_id / invalid_delivery_id / invalid_otp_id / invalid_run_id / invalid_id / invalid_param / invalid_status_filter / invalid_source_filter / invalid_target_user_id / invalid_bucket_target / invalid_version / missing_version400Param validation across admin panels
bulk_action_invalid / bulk_slugs_required / bulk_slugs_too_many422Admin bulk endpoints
name_already_exists422Naming collision (broadcasts, plans)
broadcast_not_found / broadcast_empty_audience404 / 422/admin/notifications/broadcasts
logs_read_failed / heartbeat_persist_failed / execution_failed503/admin/services
openapi_spec_missing / openapi_spec_invalid_yaml500/admin/i18n bundle generator
target_required / probe_label_required422/admin/banxico probes
retry_policy_invalid422Per-plan retry caps
permissions_must_be_object422/admin/roles editor
plan_*422 / 404Plan CRUD: plan_name_required, plan_name_too_long, plan_slug_required, plan_slug_format_invalid, plan_duplicate_same_slug, plan_currency_invalid, plan_features_invalid_shape, plan_included_validations_negative, plan_limit_negative, plan_sort_order_negative, plan_trial_days_out_of_range, plan_tax_behavior_invalid, plan_free_cannot_have_initial_prices, plan_stripe_product_missing, plan_price_* (migrate, archive, range).
initial_price_base_required / initial_price_metered_required422Plan create with initial prices
out_of_range / invalid_type422/admin/queues worker config validator
worker_failed / run (queues)500Generic
recent_executions_failed / scheduled_tasks_drift_failed / scheduled_tasks_list_failed500Scheduler
i18nplaceholder_parity_drift, icu_malformed, html_unsafe, brand_removed422/admin/i18n lint

Reporting an error

When something fails unexpectedly:

  1. Capture meta.request_id from the response.
  2. Note the code and the status.
  3. If it's a repeatable 5xx, open a support ticket including both.

The request_id correlates with server-side logs and lets the team trace the exact cause without you having to reproduce it.