{
"shortMessage": "actor token has already been used",
"longMessage": "This actor token has already been used. Each token can only be used once.",
"code": "actor_token_already_used_code"
}{
"shortMessage": "not in sign in",
"longMessage": "Actor tokens can only be used during sign in.",
"code": "actor_token_not_in_sign_in_code"
}{
"shortMessage": "actor token cannot be used",
"longMessage": "This actor token cannot be used anymore. Please request a new one.",
"code": "actor_token_cannot_be_used_code"
}{
"shortMessage": "actor token has been revoked",
"longMessage": "This actor token has been revoked and cannot be used anymore.",
"code": "actor_token_revoked_code"
}{
"shortMessage": "user not found",
"longMessage": "The user of the actor token no longer exists. Please request a new one.",
"code": "actor_token_subject_not_found"
}Auth
IdentificationExists signifies an error when the identifier already exists
{
"shortMessage": "already exists",
"longMessage": "This <identifier> already exists.",
"code": ""
}{
"shortMessage": "Email subaddress not allowed.",
"longMessage": "Email address must not contain the characters '+', '=', or '#'.",
"code": "not_allowed_access",
"meta": {
"name": "email_address"
}
}{
"shortMessage": "Access not allowed.",
"longMessage": "<who> <pluralization> not allowed to access this application.",
"code": "not_allowed_access",
"meta": "{\"Identifiers\": identifiers}"
}
InvalidAuthentication signifies an error when the request is not authenticated
{
"shortMessage": "Invalid authentication",
"longMessage": "Unable to authenticate the request, you need to supply an active session",
"code": "authentication_invalid"
}
InvalidAuthorization signifies an error when the request is not authorized to perform the given operation
{
"shortMessage": "Unauthorized request",
"longMessage": "You are not authorized to perform this request",
"code": "authorization_invalid"
}
InvalidAuthorizationHeaderFormat signifies an error when the Authorization header has no proper format.
{
"shortMessage": "Invalid Authorization header format",
"longMessage": "Invalid Authorization header format. Must be 'Bearer <YOUR_API_KEY>'",
"code": "authorization_header_format_invalid"
}
InvalidCSRFToken signifies an error when the request does not contain a CSRF token or the given token is invalid
{
"shortMessage": "Invalid or missing CSRF token",
"longMessage": "To protect against CSRF attacks, the given request must include a valid CSRF token.",
"code": "csrf_token_invalid"
}{
"shortMessage": "invalid handshake",
"longMessage": "The handshake request is invalid: <reason>",
"code": "invalid_handshake"
}
InvalidHost signifies an error when the incoming request has an invalid host
{
"shortMessage": "Invalid host",
"longMessage": "We were unable to attribute this request to an instance running on Clerk. Make sure that your Clerk Publishable Key is correct.",
"code": "host_invalid"
}
InvalidOriginHeader signifies an error when the origin header of the incoming request is invalid
{
"shortMessage": "Invalid HTTP Origin header",
"longMessage": "The Request HTTP Origin header must be equal to or a subdomain of the requesting URL.",
"code": "origin_invalid"
}
InvalidRequestForEnvironment signifies an error when the incoming request is invalid for given environment(s)
{
"shortMessage": "Invalid request for environment",
"longMessage": "Request only valid for <envTypes> instances.",
"code": "request_invalid_for_environment"
}
InvalidUserSettings signifies an error where the auth settings of the instance
are not well configured, which results in sign in and sign up endpoints to be
restricted.
{
"shortMessage": "invalid auth configuration",
"longMessage": "The authentication settings are invalid.",
"code": "user_settings_invalid"
}
MissingRequestHeadersForNonStandardBrowsers signifies an error when the incoming request is missing mandatory headers
{
"shortMessage": "Invalid request headers",
"longMessage": "Your Clerk Frontend API is accessible from browsers and native applications. To protect against common web attacks, we require the HTTP Authorization header to be present in native application requests. Make sure the HTTP Authorization header is set a valid Clerk client JWT or set it to an empty string for your first Frontend API request that will return your Clerk client JWT.",
"code": "request_header_missing"
}
MissingRequestHeadersForStandardBrowsers signifies an error when the incoming request is missing mandatory headers
{
"shortMessage": "Invalid request headers",
"longMessage": "Your Clerk Frontend API is accessible from browsers and native applications. To protect against standard web attacks, the HTTP Origin header is required in browser requests. If you see this error, you probably accessed Clerk Frontend API directly from the address bar or a browser extension is intercepting your browser requests, removing the HTTP Origin header. For more information refer to https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin.",
"code": "request_header_missing"
}{
"shortMessage": "Multiple 'Authorization' header values",
"longMessage": "Setting multiple values in the 'Authorization' header is forbidden",
"code": "multiple_authorization_header_values_forbidden"
}{
"shortMessage": "Multiple 'Origin' header values",
"longMessage": "Setting multiple values in the 'Origin' header is forbidden",
"code": "multiple_origin_header_values_forbidden"
}
NativeAPIDisabled signifies an error when the incoming request is from a native client (\_is\_native={1|true})
and the instance is not configured to allow native API requests.
{
"shortMessage": "Native API disabled",
"longMessage": "The Native API is disabled for this instance. Visit the Clerk Dashboard to enable it.",
"code": "native_api_disabled"
}{
"shortMessage": "Setting both the 'Origin' and 'Authorization' headers is forbidden",
"longMessage": "For security purposes, only one of the 'Origin' and 'Authorization' headers should be provided, but not both. In browser contexts, the 'Origin' header is set automatically by the browser. In native application contexts (e.g. mobile apps), set the 'Authorization' header.",
"code": "origin_authorization_headers_conflict"
}
SignedOut signifies an error when a user is signed out
{
"shortMessage": "Signed out",
"longMessage": "You are signed out",
"code": "signed_out"
}{
"shortMessage": "Unsupported country code",
"longMessage": "Phone numbers from this country (<countryName>) are currently not supported. For more information, please contact <support>.",
"code": "unsupported_country_code",
"meta": "{\"formParameter\": {\"Name\": \"param\"}, \"Alpha2\": alpha2, \"CountryCode\": countryCode}"
}
URLBasedSessionSyncingDisabled signifies an error when the incoming request attempts
to use an endpoint with URL-based session syncing, when the instance operates with
third-party cookies instead.
{
"shortMessage": "URL-based session syncing is disabled for this instance",
"longMessage": "This is a development instance operating with legacy, third-party cookies. To enable URL-based session syncing refer to https://clerk.com/docs/upgrade-guides/url-based-session-syncing.",
"code": "url_based_session_syncing_disabled"
}{
"shortMessage": "Backup codes not available",
"longMessage": "In order to use backup codes, you have to enable any other Multi-factor method",
"code": "backup_codes_not_available"
}{
"shortMessage": "Client not found",
"longMessage": "No client was found with id <clientID>",
"code": "resource_not_found"
}
ClientNotFoundInRequest signifies an error when no client is found in an incoming request
{
"shortMessage": "No client found",
"longMessage": "This request is expecting a client and did not find one",
"code": "client_not_found"
}{
"shortMessage": "Annual plan period not supported",
"longMessage": "Annual plan period not supported",
"code": "annual_plan_period_not_supported"
}{
"shortMessage": "access denied",
"longMessage": "The billing feature is not enabled for this instance. You can enable it at https://dashboard.clerk.com.",
"code": "billing_not_enabled"
}{
"shortMessage": "Another checkout is already in progress",
"longMessage": "Another checkout is already in progress",
"code": "checkout_already_in_progress"
}{
"shortMessage": "Checkout not found",
"longMessage": "Checkout not found",
"code": "checkout_not_found"
}{
"shortMessage": "External payments not setup",
"longMessage": "External payments not setup",
"code": "external_payments_not_setup"
}{
"shortMessage": "Invalid gateway type",
"longMessage": "Gateway type is invalid",
"code": "invalid_gateway_type"
}{
"shortMessage": "Invalid plan change",
"longMessage": "Please choose a different plan or billing interval, or contact support.",
"code": "invalid_plan_change",
"meta": "{\"Plan\": {\"ID\": \"planID\", \"Name\": \"planName\", \"CurrencySymbol\": \"currencySymbol\", \"AmountFormatted\": \"amountFormatted\", \"AnnualAmountFormatted\": \"annualMonthlyAmountFormatted\"}, \"Period\": period}"
}{
"shortMessage": "Invalid use of test card",
"longMessage": "Test card cannot be used in production environment.",
"code": "invalid_use_of_test_card"
}{
"shortMessage": "Missing payer email",
"longMessage": "Payer email is required to perform this operation",
"code": "missing_payer_email"
}{
"shortMessage": "Missing plan ID",
"longMessage": "Plan ID is required to perform this operation",
"code": "missing_plan_id"
}{
"shortMessage": "Payee not active",
"longMessage": "Payee is not active",
"code": "payee_not_active"
}{
"shortMessage": "Payee not found",
"longMessage": "Payee not found",
"code": "payee_not_found"
}{
"shortMessage": "Payer not found",
"longMessage": "Payer not found",
"code": "payer_not_found"
}{
"shortMessage": "Payment attempt failed",
"longMessage": "Payment attempt failed<optionalReason>",
"code": "payment_attempt_failed"
}{
"shortMessage": "Your card was declined",
"longMessage": "The card was declined.",
"code": "payment_attempt_failed_card_declined"
}{
"shortMessage": "Card expired",
"longMessage": "The card has expired.",
"code": "payment_attempt_failed_card_expired"
}{
"shortMessage": "Insufficient funds",
"longMessage": "The card has insufficient funds.",
"code": "payment_attempt_failed_card_insufficient_funds"
}{
"shortMessage": "Processing error",
"longMessage": "There was a processing error with the payment method.",
"code": "payment_attempt_failed_processing_error"
}{
"shortMessage": "Payment method is expired",
"longMessage": "Payment method is expired",
"code": "payment_source_expired"
}{
"shortMessage": "Payment source in use",
"longMessage": "Payment source is in use, as you have active subscriptions. Please cancel those subscriptions before deleting the payment source.",
"code": "payment_source_in_use"
}{
"shortMessage": "Payment source not found",
"longMessage": "Payment source not found",
"code": "payment_source_not_found"
}{
"shortMessage": "Plan not found",
"longMessage": "Plan not found",
"code": "plan_not_found"
}{
"shortMessage": "Subscription not found",
"longMessage": "Subscription not found",
"code": "subscription_not_found"
}{
"shortMessage": "operation not allowed",
"longMessage": "This operation is not allowed on a satellite domain. Try again using the primary domain of your instance.",
"code": "operation_not_allowed_on_satellite_domain"
}
SyncNonceAlreadyConsumed signifies an error when the nonce that was given
during the sync flow is already consumed.
{
"shortMessage": "sync nonce already consumed",
"longMessage": "The given sync nonce has already been consumed and cannot be re-used.",
"code": "sync_nonce_already_consumed"
}{
"shortMessage": "Identifications creation disabled by your enterprise account",
"longMessage": "You cannot create identifications because your enterprise account does not allow it.",
"code": "enterprise_sso_additional_identifications_disabled"
}{
"shortMessage": "Enterprise Connection email address domain mismatch",
"longMessage": "The email address returned by the provider <received> does not match the domain of the enterprise connection <expected> that initiated the authentication.",
"code": "enterprise_sso_email_address_domain_mismatch"
}{
"shortMessage": "Hosted domain mismatch",
"longMessage": "The Enterprise Connection domain does not match the user's hosted domain from the OAuth provider.",
"code": "enterprise_sso_hosted_domain_mismatch"
}{
"shortMessage": "No Enterprise Connection for this sign-in",
"longMessage": "The current sign-in does not have a corresponding Enterprise Connection. Please check the domain of the provided email address.",
"code": "enterprise_sso_sign_in_connection_missing"
}{
"shortMessage": "No Enterprise Connection for this sign-up",
"longMessage": "The current sign-up does not have a corresponding Enterprise Connection. Please check the domain of the provided email address.",
"code": "enterprise_sso_sign_up_connection_missing"
}{
"shortMessage": "Enterprise Connection user attribute missing",
"longMessage": "This account does not have an associated '<attrName>' attribute. Contact your IdP administrator for resolution.",
"code": "enterprise_sso_user_attribute_missing"
}{
"shortMessage": "not enabled",
"longMessage": "This feature is not enabled on this instance",
"code": "feature_not_enabled"
}{
"shortMessage": "dynamic client registration is not enabled",
"longMessage": "Dynamic client registration is not enabled on this instance. Please enable it in the instance settings to use this feature",
"code": "feature_requires_dynamic_oauth_client_registration"
}{
"shortMessage": "not an OAuth 2.0 edge access token storage",
"longMessage": "You are using the legacy OAuth 2.0 provider. Please migrate to the new OAuth 2.0 edge access token storage to use this feature",
"code": "feature_requires_oauth2_edge_access_token_storage"
}{
"shortMessage": "not an OIDC provider",
"longMessage": "You are using the legacy OAuth 2.0 provider. Please migrate to the new OIDC compatible provider to use this feature",
"code": "feature_requires_oidc_provider"
}Forms
FormAtLeastOneItemInArrayRequired signifies an error when at least one item in an array is required
{
"shortMessage": "at least one item must be provided",
"longMessage": "at least one item must be provided for `<param>`",
"code": "form_param_missing",
"meta": {
"name": "param"
}
}
FormDisabledParameterValue signifies an error when the given parameter has an invalid value because it is not enabled in the settings
{
"shortMessage": "is disabled",
"longMessage": "<value> is disabled. Please verify you're using the correct instance, or see our docs to learn how to enable this value.",
"code": "form_param_value_disabled",
"meta": {
"name": "param"
}
}
FormDuplicateParameter signifies an error when a duplicate parameter is found in a form
{
"shortMessage": "is duplicate",
"longMessage": "<param> included multiple times. There should only be one.",
"code": "form_param_duplicate",
"meta": {
"name": "param"
}
}
FormIdentifierExists signifies an error when given identifier already exists
{
"shortMessage": "",
"code": "form_identifier_exists",
"meta": {
"name": "param"
}
}
FormIdentifierNotFound signifies an error when a required identifier is not found
{
"shortMessage": "",
"code": "form_identifier_not_found",
"meta": {
"name": "param"
}
}
FormIncorrectCode signifies an error when the given code is incorrect
{
"shortMessage": "is incorrect",
"longMessage": "Incorrect code",
"code": "form_code_incorrect",
"meta": {
"name": "param"
}
}{
"shortMessage": "is incorrect",
"longMessage": "Incorrect signature",
"code": "form_incorrect_signature"
}{
"shortMessage": "is invalid",
"longMessage": "<param> must be a valid email address.",
"code": "form_param_format_invalid",
"meta": {
"name": "param"
}
}{
"shortMessage": "invalid email addresses",
"longMessage": "The following email addresses are invalid: <emailAddresses>",
"code": "form_param_format_invalid",
"meta": {
"emailaddresses": "invalidemailaddresses"
}
}
FormInvalidEncodingParameterValue signifies an error when the given parameter has an invalid encoding
{
"shortMessage": "invalid character encoding",
"longMessage": "<param> contains invalid UTF-8 characters",
"code": "form_param_value_invalid",
"meta": {
"name": "param"
}
}
FormInvalidParameterFormat signifies an error when the given parameter has an invalid format
{
"shortMessage": "",
"code": "form_param_format_invalid",
"meta": {
"name": "param"
}
}
FormInvalidParameterValue signifies an error when the given parameter has an invalid value
{
"shortMessage": "is invalid",
"longMessage": "<value> does not match one of the allowed values for parameter <param>",
"code": "form_param_value_invalid",
"meta": {
"name": "param"
}
}
FormInvalidParameterValueWithAllowed signifies an error when the given parameter has an invalid value.
The difference with FormInvalidParameterValue is that this error also includes the allowed values
{
"shortMessage": "is invalid",
"longMessage": "<value> does not match the allowed values for parameter <param>. Allowed values: <allowedValues>",
"code": "form_param_value_invalid",
"meta": {
"name": "param"
}
}
FormInvalidPasswordLengthTooLong signifies an error when the password is invalid because of its length
{
"shortMessage": "",
"code": "form_password_length_too_long",
"meta": {
"name": "param"
}
}
FormInvalidPasswordLengthTooShort signifies an error when the password is invalid because of its length
{
"shortMessage": "",
"code": "form_password_length_too_short",
"meta": {
"name": "param"
}
}{
"shortMessage": "Passwords must contain at least one lowercase character.",
"longMessage": "Passwords must contain at least one lowercase character.",
"code": "form_password_no_lowercase",
"meta": {
"name": "param"
}
}{
"shortMessage": "Passwords must contain at least one number.",
"longMessage": "Passwords must contain at least one number.",
"code": "form_password_no_number",
"meta": {
"name": "param"
}
}{
"shortMessage": "",
"code": "form_password_no_special_char",
"meta": {
"name": "param"
}
}{
"shortMessage": "Given password is not strong enough.",
"longMessage": "Given password is not strong enough.",
"code": "form_password_not_strong_enough"
}{
"shortMessage": "Passwords must contain at least one uppercase character.",
"longMessage": "Passwords must contain at least one uppercase character.",
"code": "form_password_no_uppercase",
"meta": {
"name": "param"
}
}
FormInvalidPasswordSizeInBytesExceeded signifies that the size in bytes was exceeded.
Note that the maximum character length constraint may fail to detect this case,
if multi-byte characters are included in the password.
For example, bcrypt limit https://cs.opensource.google/go/x/crypto/+/refs/tags/v0.8.0:bcrypt/bcrypt.go;l=87
{
"shortMessage": "Your password has exceeded the maximum number of bytes allowed, please shorten it or remove some special characters.",
"longMessage": "Your password has exceeded the maximum number of bytes allowed, please shorten it or remove some special characters.",
"code": "form_password_size_in_bytes_exceeded",
"meta": {
"name": "param"
}
}{
"shortMessage": "is invalid",
"longMessage": "<param> must be a valid phone number according to E.164 international standard.",
"code": "form_param_format_invalid",
"meta": {
"name": "param"
}
}
FormInvalidTypeParameter signifies an error when a form parameter has the wrong type
{
"shortMessage": "is invalid",
"longMessage": "`<param>` must be a `<paramType>`.",
"code": "form_param_type_invalid",
"meta": {
"name": "param"
}
}
FormInvalidUsernameCharacter signifies an error when the given username does not match username regex
{
"shortMessage": "",
"code": "form_username_invalid_character",
"meta": {
"name": "param"
}
}
FormInvalidUsernameLength signifies an error when the given username does not have required length
{
"shortMessage": "",
"code": "form_username_invalid_length",
"meta": {
"name": "param"
}
}
FormInvalidUsernameNeedsNonNumberCharCode signifies an error when the given username does not match username regex
{
"shortMessage": "",
"code": "form_username_needs_non_number_char",
"meta": {
"name": "param"
}
}
FormInvalidWeb3Wallet signifies an error when the given web3 wallet address is invalid
{
"shortMessage": "is invalid",
"longMessage": "<param> must be a valid web3 wallet address that starts with 0x and contains 40 hexadecimal characters.",
"code": "form_param_format_invalid",
"meta": {
"name": "param"
}
}
FormDisabledParameterValue signifies an error when the legal consent value has not been filled
{
"shortMessage": "legal not accepted",
"longMessage": "Legal consent must be accepted in order to continue.",
"code": "legal_not_accepted",
"meta": {
"name": "param"
}
}
FormMaximumParametersExceeded signifies an error when more than 100 of the same param is included.
{
"shortMessage": "",
"longMessage": "<param> is included more than the maximum of 100 times.",
"code": "form_param_duplicate",
"meta": {
"name": "param"
}
}
FormMetadataInvalidType signifies an error when the given metadata is not a valid key-value object
{
"shortMessage": "",
"code": "form_param_value_invalid",
"meta": {
"name": "param"
}
}
FormMissingParameter signifies an error when an expected form parameter is missing
{
"shortMessage": "is missing",
"longMessage": "<param> must be included.",
"code": "form_param_missing",
"meta": {
"name": "param"
}
}
FormMissingResource signifies an error when the form parameter is referring to a missing resource
{
"shortMessage": "is missing",
"longMessage": "The resource associated with the supplied <param> was not found.",
"code": "form_resource_not_found",
"meta": {
"name": "param"
}
}
FormNilParameter signifies an error when a nil parameter is found in a form
{
"shortMessage": "",
"code": "form_param_nil",
"meta": {
"name": "param"
}
}
FormNilParameterWithCustomText signifies an error when a nil parameter is found in a form.
This variant also accepts a custom text to be displayed.
{
"shortMessage": "",
"code": "form_param_nil",
"meta": {
"name": "param"
}
}
FormParameterMaxLengthExceeded signifies an error when the given param value exceeds the maximum allowed length
{
"shortMessage": "exceeds maximum length",
"longMessage": "<parameter> should not exceed %d characters.",
"code": "form_param_max_length_exceeded",
"meta": {
"name": "param"
}
}
FormParameterNotAllowedConditionally signifies an error when parameter is not allowed based on condition
{
"shortMessage": "is not allowed",
"longMessage": "`<param>` isn't allowed when `<leftCondition>` is <rightCondition>.",
"code": "form_conditional_param_disallowed",
"meta": {
"name": "param"
}
}
FormParameterSizeTooLarge signifies an error when a parameter exceeds the max allowed size
{
"shortMessage": "",
"code": "form_param_exceeds_allowed_size",
"meta": {
"name": "param"
}
}
FormPasswordIncorrect signifies an error when given password is incorrect
{
"shortMessage": "Password is incorrect. Try again, or use another method.",
"longMessage": "Password is incorrect. Try again, or use another method.",
"code": "form_password_incorrect",
"meta": {
"name": "param"
}
}
FormPasswordValidationFailed signifies a generic error when the password validation failed
{
"shortMessage": "Incorrect password. Please try again.",
"longMessage": "Incorrect password. Please try again.",
"code": "form_password_validation_failed",
"meta": {
"name": "param"
}
}
FormPwnedPassword signifies an error when the chosen password has been found in the pwned list
{
"shortMessage": "",
"code": "form_password_pwned",
"meta": {
"name": "param"
}
}
FormUnknownParameter signifies an error when an unexpected parameter is found in a form
{
"shortMessage": "is unknown",
"longMessage": "<param> is not a valid parameter for this request.",
"code": "form_param_unknown",
"meta": {
"name": "param"
}
}
FormValidationFailed converts validator.ValidationErrors to Error.
{
"shortMessage": "is invalid",
"longMessage": "<sanitizedField> is invalid",
"code": "form_param_value_invalid",
"meta": {
"name": "sanitizedfield"
}
}{
"shortMessage": "CAPTCHA verification is required",
"longMessage": "CAPTCHA verification is required",
"code": "requires_captcha"
}{
"shortMessage": "device attestation challenge client mismatch",
"longMessage": "The device attestation challenge provided is not valid for the client.",
"code": "device_attestation_challenge_client_mismatch"
}{
"shortMessage": "device attestation is misconfigured",
"longMessage": "Device attestation is misconfigured for this instance.",
"code": "device_attestation_misconfigured"
}{
"shortMessage": "device attestation not configured",
"longMessage": "Device attestation is not configured for this instance.",
"code": "device_attestation_not_configured"
}{
"shortMessage": "unsupported native client platform",
"longMessage": "Device attestation is not supported for the client platform.",
"code": "device_attestation_unsupported_platform"
}{
"shortMessage": "device attestation verification failed",
"longMessage": "Failed to verify the provided device attestation.",
"code": "device_attestation_verification_failed"
}{
"shortMessage": "Action blocked",
"longMessage": "This action was detected as suspicious and has been blocked. If you believe this was a mistake, please contact support.",
"code": "action_blocked"
}{
"shortMessage": "Device blocked",
"longMessage": "This device was detected as suspicious and has been blocked. It will no longer be able to perform actions. If you believe this was by mistake, please contact support.",
"code": "device_blocked"
}{
"shortMessage": "Unusual activity was detected",
"longMessage": "Unusual activity was detected. Please try again later or contact our support if you continue to experience issues.",
"code": "captcha_invalid"
}{
"shortMessage": "invalid device attestation assertion",
"longMessage": "The device attestation assertion provided is invalid.",
"code": "invalid_device_attestation_assertion"
}{
"shortMessage": "invalid device attestation challenge",
"longMessage": "The device attestation challenge provided is either invalid or has expired.",
"code": "invalid_device_attestation_challenge"
}{
"shortMessage": "assertion required",
"longMessage": "An assertion is required to verify your device.",
"code": "requires_assertion"
}{
"shortMessage": "Device attestation is required",
"longMessage": "A valid device attestation could not be found for the client.",
"code": "requires_device_attestation"
}{
"shortMessage": "Google One Tap token is invalid",
"longMessage": "The provided Google One Tap token is invalid. Make sure you're using a valid token generated by Google.",
"code": "google_one_tap_token_invalid"
}Identifications
IdentificationNotFound signifies an error when comm is not found
{
"shortMessage": "Resource not found",
"longMessage": "Resource not found",
"code": "resource_not_found"
}{
"shortMessage": "Identification not found",
"longMessage": "No primary identification was found for user <userID>",
"code": "primary_identification_not_found"
}{
"shortMessage": "too many unverified contacts",
"longMessage": "There are too many unverified contacts for this user.",
"code": "too_many_unverified_identifications"
}{
"shortMessage": "Image not found",
"longMessage": "Image not found",
"code": "image_not_found"
}
RequestWithoutImage signifies an error when no image was present in the request.
{
"shortMessage": "Image file missing",
"longMessage": "There was no image file present in the request",
"code": "form_param_missing"
}Instances
InstanceTypeInvalid signifies an error when a request cannot be applied to the given instance
{
"shortMessage": "This request isn't valid for this instance type.",
"longMessage": "This request isn't valid for this instance type.",
"code": "instance_type_invalid"
}{
"shortMessage": "Bad request",
"longMessage": "Bad request",
"code": "bad_request"
}{
"shortMessage": "",
"code": "bad_request"
}
Unexpected is used for all unexpected errors
{
"shortMessage": "Oops, an unexpected error occurred",
"longMessage": "There was an internal error on our servers. We've been notified and are working on fixing it.",
"code": "internal_clerk_error"
}Invitations
InvitationAccountAlreadyExists denotes an error when there is an existing
user identification with the same email as the invitation.
{
"shortMessage": "account exists",
"longMessage": "An account already exists for this invitation. Sign in instead.",
"code": "invitation_account_exists"
}
InvitationAlreadyAccepted denotes an error when someone tries to use
an invitation which is already accepted.
{
"shortMessage": "Invitation is already accepted, try signing in instead.",
"longMessage": "Invitation is already accepted, try signing in instead.",
"code": "invitation_already_accepted"
}{
"shortMessage": "identification not found",
"longMessage": "This invitation refers to a non-existing identification.",
"code": "invitation_account_not_exists"
}
InvitationNotFound denotes an error when there is no invitation with
the given id
{
"shortMessage": "not found",
"longMessage": "No invitation was found with id <invitationID>.",
"code": "resource_not_found"
}
RevokedInvitation denotes an error when the given invitation token
does not correspond to any invitations, which means that the invitation
has been removed.
{
"shortMessage": "The invitation was revoked.",
"longMessage": "The invitation was revoked.",
"code": "revoked_invitation"
}Jwt Templates
JWTTemplateNotFound signifies an error when a JWT template was not found by the provided attribute
{
"shortMessage": "JWT template not found",
"longMessage": "No JWT template exists with <attribute>: <val>",
"code": "resource_not_found"
}{
"shortMessage": "System under maintenance",
"longMessage": "We are currently undergoing maintenance and only essential operations are permitted. We will be back shortly.",
"code": "maintenance_mode"
}Oauth
ExternalAccountEmailAddressVerificationRequired signifies an error when the external account requires email address verification
{
"shortMessage": "Email address verification required",
"longMessage": "Your associated email address is required to be verified, because it was initially created as unverified.",
"code": "external_account_email_address_verification_required"
}{
"shortMessage": "Missing refresh token",
"longMessage": "We cannot refresh your OAuth access token because the server didn't provide a refresh token. Please re-connect your account.",
"code": "external_account_missing_refresh_token"
}
ExternalAccountNotFound signifies an error when the external account of the oauth callback is not found
{
"shortMessage": "Invalid external account",
"longMessage": "The External Account was not found.",
"code": "external_account_not_found"
}
InvalidOAuthCallback signifies an error when the form of OAuth callback is invalid
{
"shortMessage": "Invalid OAuth callback",
"longMessage": "invalid form for oauth_callback",
"code": "oauth_callback_invalid"
}
MisconfiguredOAuthProvider signifies an error when there is a misconfiguration for an OAuth provider
{
"shortMessage": "Misconfigured OAuth provider",
"longMessage": "Misconfigured OAuth provider. Please make sure you have set it correctly",
"code": "misconfigured_oauth_provider"
}
NonAuthenticatableOauthProvider signifies an error when an oauth flow step is attempted for a provider that is not
enabled for authentication.
{
"shortMessage": "",
"longMessage": "%v OAuth is not supported for authentication. Please contact us if you think this error should not appear.",
"code": "oauth_non_authenticatable_provider"
}{
"shortMessage": "",
"longMessage": "You did not grant access to your <providerName> account",
"code": "oauth_access_denied"
}
OAuthAccountAlreadyConnected signifies an error when an OAuth account if already connected for a specific provider
{
"shortMessage": "Already connected",
"longMessage": "Another account is already connected for this particular provider (<providerTitle>)",
"code": "oauth_account_already_connected"
}
OAuthConfigMissing signifies an error when an application does not have
SSO credentials set, for a particular SSO provider.
{
"shortMessage": "",
"longMessage": "The application does not have <provider> OAuth keys set in its settings.",
"code": "oauth_config_missing"
}{
"shortMessage": "Fetch user error",
"longMessage": "Fetch user error",
"code": "oauth_fetch_user_error"
}
OAuthIdentificationClaimed signifies an error when the requested oauth identification is already claimed by another user
{
"shortMessage": "Identification claimed by another user",
"longMessage": "The email address associated with this OAuth account is already claimed by another user.",
"code": "oauth_identification_claimed"
}{
"shortMessage": "",
"longMessage": "Your <providerName> account configuration is invalid. Make sure you register this endpoint in the list of allowed callback URLs.",
"code": "redirect_uri_mismatch"
}{
"shortMessage": "malformed redirect uri provided",
"longMessage": "malformed redirect uri provided",
"code": "redirect_uri_mismatch"
}{
"shortMessage": "Missing OAuth access token",
"longMessage": "OAuth access token is missing",
"code": "oauth_missing_access_token"
}{
"shortMessage": "Cannot refresh OAuth access token",
"longMessage": "The current access token has expired and we cannot refresh it, because the authorization server hasn't provided us with a refresh token",
"code": "oauth_missing_refresh_token"
}{
"shortMessage": "",
"longMessage": "Single-sign on with <providerTitle> OAuth provider is not enabled in the instance settings.",
"code": "oauth_provider_not_enabled"
}
OAuthSharedCredentialsNotSupported signifies an error when an OAuth provider uses our shared credentials, but those are not supported anymore.
{
"shortMessage": "Shared credentials not supported",
"longMessage": "Shared credentials are no longer supported for this provider. Please update via the Clerk Dashboard.",
"code": "oauth_shared_credentials_not_supported"
}{
"shortMessage": "Token exchange error",
"longMessage": "Token exchange error",
"code": "oauth_token_exchange_error"
}
UnsupportedOauthProvider signifies an error when an instance tries to enable
an OAuth external provider which is not supported.
{
"shortMessage": "",
"longMessage": "%v OAuth is not supported. Please contact us if you think this error should not appear.",
"code": "oauth_unsupported_provider"
}Oauth2 Idp
OAuthFetchUserInfo signifies an error when user info cannot be retrieved with the access token
{
"shortMessage": "unable to fetch user info",
"longMessage": "Unable to fetch user info. Check if access token is present and valid.",
"code": "oauth_fetch_user_error"
}{
"shortMessage": "duplicate redirect URI",
"longMessage": "the redirect URI already exists",
"code": "duplicate_record"
}Organizations
400 - User with given identifier is already a member of the organization and cannot be added again
{
"shortMessage": "already a member",
"longMessage": "<user> is already a member of the organization.",
"code": "already_a_member_in_organization"
}{
"shortMessage": "missing permission",
"longMessage": "Current user is missing an organization permission.",
"code": "missing_organization_permission",
"meta": {
"permissions": "permissions"
}
}
403 - Only for organization members Deprecated: This error reveals the existence of an organization to an unauthorized user. Use OrganizationNotFoundOrUnauthorized instead, and ensure other pathways that error when the organization isn't found also use OrganizationNotFoundOrUnauthorized
{
"shortMessage": "not a member",
"longMessage": "Current user is not a member of the organization. Only organization members can perform this action.",
"code": "not_a_member_in_organization"
}{
"shortMessage": "admin delete not enabled",
"longMessage": "Deletion by admin is not enabled for this organization.",
"code": "organization_admin_delete_not_enabled"
}{
"shortMessage": "organizaton domain already exists",
"longMessage": "This domain is already used by another organization.",
"code": "organization_domain_already_exists",
"meta": {
"name": "param"
}
}{
"shortMessage": "blocked email domain",
"longMessage": "This is a blocked email provider domain. Please use a different one.",
"code": "organization_domain_blocked",
"meta": {
"name": "param"
}
}{
"shortMessage": "common email domain",
"longMessage": "This is a common email provider domain. Please use a different one.",
"code": "organization_domain_common",
"meta": {
"name": "param"
}
}{
"shortMessage": "organization enrollment mode not enabled",
"longMessage": "Enrollment mode <enrollmentMode> is not enabled for this instances's organizations.",
"code": "organization_domain_enrollment_mode_not_enabled"
}{
"shortMessage": "Organization domain mismatch",
"longMessage": "The provided email address doesn't match the organization domain name.",
"code": "organization_domain_mismatch",
"meta": {
"name": "param"
}
}{
"shortMessage": "organization domains quota exceeded",
"longMessage": "You have reached your limit of %d domains per organization.",
"code": "organization_domain_quota_exceeded"
}{
"shortMessage": "invitation has already been accepted",
"longMessage": "This invitation has already been accepted. Sign in instead.",
"code": "organization_invitation_already_accepted"
}{
"shortMessage": "email address already exists",
"longMessage": "The email address in this invitation already exists. If it belongs to you, try signing in instead.",
"code": "organization_invitation_identification_already_exists"
}{
"shortMessage": "identification not found",
"longMessage": "User not found. If you don't have an account, sign up first to accept this invitation.",
"code": "organization_invitation_identification_not_exist"
}
404 - Invitation not found.
{
"shortMessage": "not found",
"longMessage": "No invitation found with id <invitationID>.",
"code": "organization_invitation_not_found"
}
404 - Invitation is not pending.
{
"shortMessage": "not pending",
"longMessage": "The organization invitation is not in the 'pending' status.",
"code": "organization_invitation_not_pending"
}{
"shortMessage": "organization invitation not unique",
"longMessage": "Organizations cannot have duplicate pending invitations for an email address.",
"code": "organization_invitation_not_unique"
}{
"shortMessage": "invitation has been revoked",
"longMessage": "This invitation has been revoked and cannot be used anymore.",
"code": "organization_invitation_revoked_code"
}{
"shortMessage": "organization invitation to deleted organization",
"longMessage": "This invitation refers to an organization that has been deleted.",
"code": "organization_invitation_to_deleted_organization"
}{
"shortMessage": "cannot remove enterprise connection organization membership",
"longMessage": "Cannot remove an organization membership that is tied to an enterprise connection.",
"code": "organization_membership_enterprise_connection_cannot_remove"
}{
"shortMessage": "organization membership quota exceeded",
"longMessage": "You have reached the limit of %d organization memberships allowed by the subscription plan. Please upgrade your subscription to add more.",
"code": "organization_membership_plan_quota_exceeded"
}{
"shortMessage": "organization membership quota exceeded",
"longMessage": "You have reached your limit of %d organization memberships, including outstanding invitations.",
"code": "organization_membership_quota_exceeded"
}{
"shortMessage": "organization membership quota exceeded for sso per org",
"longMessage": "The organization you are trying to join is full. Please contact support.",
"code": "organization_membership_quota_exceeded_for_sso"
}{
"shortMessage": "invalid organization name",
"longMessage": "The organization name %q is invalid: <name>",
"code": "form_param_value_invalid",
"meta": {
"name": "name"
}
}{
"shortMessage": "access denied",
"longMessage": "The organizations feature is not enabled for this instance. You can enable it at https://dashboard.clerk.com.",
"code": "organization_not_enabled_in_instance"
}
404 - Organization not found
WARNING: This is safe to use for endpoints where the caller is authorized to be
aware of every organization. But if the endpoint errors if the caller is not
authorized on the organization, do not use this, because it leaks the existence
of the organization! Use OrganizationNotFoundOrUnauthorized instead.
{
"shortMessage": "not found",
"longMessage": "Given organization not found.",
"code": "resource_not_found"
}
404 - Used for any case
{
"shortMessage": "not found or unauthorized",
"longMessage": "Given organization not found, or you don't have permission to access the organization",
"code": "organization_not_found_or_unauthorized"
}{
"shortMessage": "not found",
"longMessage": "Organization role not found",
"code": "resource_not_found",
"meta": {
"name": "paramname"
}
}{
"shortMessage": "suggestion has already been accepted",
"longMessage": "This organization suggestion has already been accepted.",
"code": "organization_suggestion_already_accepted"
}{
"shortMessage": "organization has limited memberships",
"longMessage": "This feature is not supported because organization membership is limited. You can remove the limit by enabling unlimited memberships.",
"code": "organization_unlimited_membership_required"
}{
"shortMessage": "organization has limited memberships",
"longMessage": "This feature is not supported because organization membership is limited. You can remove the limit by upgrading your subscription plan.",
"code": "organization_unlimited_membership_required"
}{
"shortMessage": "authentication failed",
"longMessage": "Passkey authentication failed",
"code": "passkey_authentication_failure"
}{
"shortMessage": "passkey identification not verified",
"longMessage": "Passkey identification not verified. Registration is incomplete.",
"code": "passkey_identification_not_verified"
}{
"shortMessage": "is invalid",
"longMessage": "Invalid passkey public key credential",
"code": "passkey_invalid_public_key_credential",
"meta": {
"name": "param"
}
}{
"shortMessage": "invalid verification",
"longMessage": "Passkey verification contains invalid nonce",
"code": "passkey_invalid_verification"
}{
"shortMessage": "not registered",
"longMessage": "Passkey is not registered.",
"code": "passkey_not_registered"
}Redirect Urls
InvalidRedirectURL signifies an error when a RedirectURL is in invalid format
{
"shortMessage": "Redirect url invalid",
"longMessage": "The provided redirect url is not in a valid format",
"code": "invalid_redirect_url"
}{
"shortMessage": "Redirect url does not belong to your domain",
"longMessage": "The provided redirect URL must belong to your instance's domain",
"code": "redirect_url_domain_mismatch"
}
RedirectURLMismatch signifies an error when the RedirectURL that was passed during an OAuth flow is not included in the redirect_urls whitelist for that instance.
{
"shortMessage": "Redirect url mismatch",
"longMessage": "The current redirect url passed in the sign in or sign up request does not match an authorized redirect URI for this instance. Review authorized redirect urls for your instance. <val>",
"code": "resource_missmatch"
}{
"shortMessage": "",
"longMessage": "<value> does not match one of the allowed values for parameter <param>",
"code": "invalid_query_parameter_value"
}
InvalidRequestBody signifies an error when the body of the request does not conform to the expected format
{
"shortMessage": "Request body invalid",
"longMessage": "The request body is invalid. Please consult the API documentation for more information.",
"code": "request_body_invalid"
}
MalformedRequestParameters signifies an error when the request parameters are malformed and result in parsing errors
{
"shortMessage": "Malformed request parameters",
"longMessage": "The request parameters are malformed and could not be parsed",
"code": "malformed_request_parameters"
}
MissingQueryParameter denotes that the required query parameter, param, was
not provided by the request.
{
"shortMessage": "",
"longMessage": "The query parameter '<param>' is missing from the request. Please consult the API documentation for more information.",
"code": "missing_query_parameter"
}
OriginHeaderMissing
{
"shortMessage": "Origin header missing",
"longMessage": "This request requires an Origin header to be set, but it is missing",
"code": "origin_missing"
}{
"shortMessage": "invalid secret key",
"longMessage": "The secret key given with this proxy request is invalid.",
"code": "proxy_request_invalid_secret_key"
}{
"shortMessage": "missing secret key",
"longMessage": "When using a proxy, it's required to also pass the instance secret key in the Clerk-Secret-Key header.",
"code": "proxy_request_missing_secret_key"
}
UnsupportedContentType signifies an error when provided content type is unsupported
{
"shortMessage": "Content-Type is unsupported",
"longMessage": "Content-Type <actual> is unsupported. You should use <expected> instead.",
"code": "unsupported_content_type"
}{
"shortMessage": "not found",
"longMessage": "No active SAML Connection found with id <connectionID>.",
"code": "saml_connection_active_not_found"
}{
"shortMessage": "Email address domain mismatch",
"longMessage": "The email address domain of the provider's account does not match the domain of the connection.",
"code": "saml_email_address_domain_mismatch"
}{
"shortMessage": "email address domain is used for SAML SSO",
"longMessage": "You can't use this email address, as SAML SSO is enabled for the specific domain.",
"code": "saml_email_address_domain_reserved"
}{
"shortMessage": "Email address mismatch",
"longMessage": "The provided email address differs from the one in the SAML response.",
"code": "saml_email_address_domain_mismatch"
}{
"shortMessage": "SAML SSO not enabled",
"longMessage": "SAML SSO is not enabled for this email address.",
"code": "saml_connection_not_found",
"meta": {
"name": "param"
}
}{
"shortMessage": "Invalid SAML response",
"longMessage": "The SAML response is invalid.<optionalReason>",
"code": "saml_response_invalid"
}{
"shortMessage": "RelayState parameter missing",
"longMessage": "The RelayState parameter is missing from the SAML Response. Note that RelayState is not required if you are using the IdP-initiated flow. See https://clerk.com/docs/authentication/saml/authentication-flows",
"code": "saml_response_relaystate_missing"
}{
"shortMessage": "SAML SSO user attribute missing",
"longMessage": "This account does not have an associated '<attrName>' attribute. Contact your IdP administrator for resolution.",
"code": "saml_user_attribute_missing"
}{
"shortMessage": "unable to create session",
"longMessage": "Unable to create new session when an impersonation session is present. Please sign out first.",
"code": "session_creation_not_allowed"
}{
"shortMessage": "account deprovisioned",
"longMessage": "Your account is deprovisioned",
"code": "deprovisioned"
}
InvalidActionForSession signifies an error occurred when user tries to perform invalid action on a session
{
"shortMessage": "Invalid action for user session",
"longMessage": "Unable to <action> session <sessionID>",
"code": "invalid_action_for_session"
}{
"shortMessage": "Invalid action for session reverification",
"longMessage": "We were unable to <action> for this session, as it's not ready for <resolution>.",
"code": "invalid_action_for_session_reverification"
}
SessionNotFound signifies an error when no session with given sessionID was found
{
"shortMessage": "Session not found",
"longMessage": "No session was found with id <sessionID>",
"code": "resource_not_found"
}{
"shortMessage": "is missing",
"longMessage": "You need to start a new session verification flow first",
"code": "session_reverification_missing"
}{
"shortMessage": "Reverification required",
"longMessage": "You need to provide additional verification to perform this operation",
"code": "session_reverification_required"
}
UnauthorizedActionForSession signifies an error occurred when the requestor is not authorized to perform the
requested action to the respective session.
{
"shortMessage": "Unauthorized action for session",
"longMessage": "Not authorized to perform requested action on session <sessionID>",
"code": "action_for_session_not_authorized"
}Sign In
AccountTransferInvalid signifies an error when no account was found to transfer
{
"shortMessage": "Invalid account transfer",
"longMessage": "There is no account to transfer",
"code": "account_transfer_invalid"
}
AlreadySignedIn signifies an error when given session ID is already signed in
{
"shortMessage": "You're already signed in",
"longMessage": "You're already signed in",
"code": "identifier_already_signed_in",
"meta": "session"
}
IdentificationClaimed signifies an error when the requested identification is already claimed by another user
{
"shortMessage": "Identification claimed by another user",
"longMessage": "One or more identifiers on this sign up have since been connected to a different User. Please sign up again.",
"code": "identification_claimed"
}
InvalidClientStateForAction signifies an error when trying to perform an invalid action for the current client state
{
"shortMessage": "Invalid action",
"longMessage": "We were unable to complete <action> for this Client. <resolution>",
"code": "client_state_invalid"
}
InvalidStrategyForUser signifies an error when the supplied verification strategy is not valid for the account
{
"shortMessage": "Invalid verification strategy",
"longMessage": "The verification strategy is not valid for this account",
"code": "strategy_for_user_invalid"
}
MutationOnOlderSignInNotAllowed signifies an error when trying to mutate an older sign in
{
"shortMessage": "Update operations are not allowed on older sign ins",
"longMessage": "Update operations are not allowed on older sign ins",
"code": "resource_forbidden"
}{
"shortMessage": "no second factors",
"longMessage": "No second factors were found for strategy <strategy>.",
"code": "no_second_factors"
}{
"shortMessage": "email link sign in cannot be completed",
"longMessage": "Email link sign in cannot be completed because it originates from a different client",
"code": "sign_in_email_link_not_same_client"
}{
"shortMessage": "identification or user deleted",
"longMessage": "Either the user or the selected identification were deleted. Please start over.",
"code": "sign_in_identification_or_user_deleted"
}{
"shortMessage": "no identification for user",
"longMessage": "The given token doesn't have an associated identification for the user who created it.",
"code": "sign_in_no_identification_for_user"
}
UserNotFound signifies an error when no user is found with userID
{
"shortMessage": "not found",
"longMessage": "No sign in was found with id <signInID>",
"code": "resource_not_found"
}
SingleModeSessionExists signifies an error when session already exists but we are in single session mode
{
"shortMessage": "Session already exists",
"longMessage": "You're already signed in.",
"code": "session_exists"
}{
"shortMessage": "sign in token has already been used",
"longMessage": "This sign in token has already been used. Each token can only be used once.",
"code": "sign_in_token_already_used_code"
}{
"shortMessage": "not in sign in",
"longMessage": "Sign in tokens can only be used during sign in.",
"code": "sign_in_token_not_in_sign_in_code"
}{
"shortMessage": "sign in token cannot be used",
"longMessage": "This sign in token cannot be used anymore. Please request a new one.",
"code": "sign_in_token_cannot_be_used_code"
}{
"shortMessage": "sign in token has been revoked",
"longMessage": "This sign in token has been revoked and cannot be used anymore.",
"code": "sign_in_token_revoked_code"
}{
"shortMessage": "Error loading CAPTCHA",
"longMessage": "The CAPTCHA failed to load. This may be due to an unsupported browser or a browser extension. Please try a different browser or disabling extensions. If this issue persists, please contact support.",
"code": "captcha_invalid"
}{
"shortMessage": "Sign up unsuccessful due to failed security validations.",
"longMessage": "Sign up unsuccessful due to failed security validations. Please try using a different browser or disabling browser extensions. If issues persist, contact support for assistance.",
"code": "captcha_invalid"
}{
"shortMessage": "Sign up unsuccessful due to failed security validations.",
"longMessage": "Sign up unsuccessful due to failed security validations. Please refresh the page to try again or reach out to support for more assistance.",
"code": "captcha_missing_token"
}{
"shortMessage": "CAPTCHA not enabled",
"longMessage": "You attempted to complete a CAPTCHA, but they are not enabled. If this issue persists, please contact support.",
"code": "captcha_not_enabled"
}{
"shortMessage": "email link sign up cannot be completed",
"longMessage": "Email link sign up cannot be completed because it originates from a different client",
"code": "sign_up_email_link_not_same_client"
}{
"shortMessage": "Sign up forbidden",
"longMessage": "Access to this sign up is forbidden",
"code": "resource_forbidden"
}{
"shortMessage": "Sign-ups restricted",
"longMessage": "New sign-ups are currently restricted.",
"code": "sign_up_mode_restricted"
}{
"shortMessage": "Sign-ups restricted with waitlist",
"longMessage": "Sign-ups are currently unavailable. Join the waitlist, and you will be notified when access becomes available.",
"code": "sign_up_restricted_waitlist"
}
SignUpNotFound returns an API error where no sign up could be found with
the requested ID.
{
"shortMessage": "Sign up not found",
"longMessage": "No sign up was found with id <id>",
"code": "resource_not_found"
}Sms
DevMonthlySMSLimitExceeded signifies an error when an SMS sending attempt is made while the development limit has already been reached
{
"shortMessage": "Development monthly SMS limit exceeded",
"longMessage": "Operation cannot be completed because the monthly limit for SMS messages in development (%d) has been reached.",
"code": "dev_monthly_sms_limit_exceeded",
"meta": "{\"limit\"}"
}{
"shortMessage": "Sending SMS failed",
"longMessage": "Sending SMS failed. Please contact support or try again later.",
"code": "sms_send_error"
}{
"shortMessage": "ticket has expired",
"longMessage": "This ticket has expired and cannot be used anymore.",
"code": "ticket_expired_code"
}{
"shortMessage": "ticket is invalid",
"longMessage": "This ticket is invalid. Make sure you're using a valid ticket generated by Clerk.",
"code": "ticket_invalid_code"
}{
"shortMessage": "invalid TOTP secret",
"longMessage": "The TOTP secret is invalid, please provide a valid one base32 encoded",
"code": "invalid_totp_secret_code"
}
TOTPAlreadyEnabled signifies an error when a user attempts to enable TOTP, but it's already enabled.
{
"shortMessage": "TOTP already enabled",
"longMessage": "TOTP is already enabled on your account",
"code": "totp_already_enabled"
}{
"shortMessage": "Invalid URL scheme",
"longMessage": "Please provide a URL with one of the following schemes: <schemes>",
"code": "invalid_url_scheme",
"meta": {
"name": "paramname"
}
}{
"shortMessage": "Account locked",
"longMessage": "Your account is locked. You will be able to try again in <timeRemaining>. For more information, please contact <support>.",
"code": "user_locked"
}{
"shortMessage": "Account locked",
"longMessage": "Your account is locked. For more information, please contact <support>.",
"code": "user_locked"
}{
"shortMessage": "forbidden",
"longMessage": "Resource forbidden",
"code": "resource_forbidden"
}{
"shortMessage": "not found",
"longMessage": "Resource not found",
"code": "resource_not_found"
}{
"shortMessage": "no password set",
"longMessage": "This user does not have a password set for their account",
"code": "no_password_set"
}{
"shortMessage": "password required",
"longMessage": "Settings for this instance require a password to be set. Cannot remove the user's password.",
"code": "password_required"
}{
"shortMessage": "deprecated feature",
"longMessage": "Password is not a valid parameter and can only be updated via /v1/me/change_password",
"code": "updating_user_password_deprecated"
}
UserBanned signifies an error when a user is banned
{
"shortMessage": "User banned",
"longMessage": "You have been banned. If you think this was by mistake, please contact support.",
"code": "user_banned"
}{
"shortMessage": "create organization not enabled",
"longMessage": "Organization creation is not enabled for this user",
"code": "user_create_organization_not_enabled"
}{
"shortMessage": "delete self not enabled",
"longMessage": "Self deletion is not enabled for this user",
"code": "user_delete_self_not_enabled"
}
UserNotFound signifies an error when no user is found with userID
{
"shortMessage": "not found",
"longMessage": "No user was found with id <userID>",
"code": "resource_not_found"
}{
"shortMessage": "user quota exceeded",
"longMessage": "You have reached your limit of %d users. <maxAllowed>",
"code": "user_quota_exceeded"
}Verification
VerificationAlreadyVerified signifies an error when verification has already been verified
{
"shortMessage": "already verified",
"longMessage": "This verification has already been verified.",
"code": "verification_already_verified"
}{
"shortMessage": "Too many verification code requests",
"longMessage": "Too many verification code requests. Please wait at least 30 seconds to receive your code before trying again.",
"code": "verification_code_too_many_requests"
}
VerificationExpired signifies an error when verification has expired
{
"shortMessage": "expired",
"longMessage": "This verification has expired. You must create a new one.",
"code": "verification_expired"
}
VerificationFailed signifies an error when verification fails
{
"shortMessage": "failed",
"longMessage": "Too many failed attempts. You have to try again with the same or another method.",
"code": "verification_failed"
}
VerificationInvalidLinkToken means that the provided JWT token from the
link cannot be parsed.
{
"shortMessage": "invalid link token",
"longMessage": "Verification link token is invalid",
"code": "verification_link_token_invalid"
}
VerificationInvalidLinkTokenSource means that the provided JWT token from
the link has an invalid source type.
{
"shortMessage": "invalid link token source",
"longMessage": "Verification link token source is invalid",
"code": "verification_link_token_source_invalid"
}
VerificationInvalidStrategy signifies an error when the given strategy is not valid for current verification
{
"shortMessage": "has invalid strategy",
"longMessage": "The strategy is not valid for the current verification.",
"code": "verification_strategy_invalid"
}
VerificationLinkTokenExpired means that the provided JWT token from the
link has expired.
{
"shortMessage": "expired link token",
"longMessage": "Verification link token has expired",
"code": "verification_link_token_expired"
}
VerificationMissing signifies an error when the verification is missing
{
"shortMessage": "is missing",
"longMessage": "This strategy requires verification preparation before attempting to validate it.",
"code": "verification_missing"
}
VerificationNotSent signifies an error when verification email was not sent
{
"shortMessage": "not sent",
"longMessage": "You need to send a verification code before attempting to verify.",
"code": "verification_not_sent"
}
VerificationUnknownStatus signifies an unexpected error when unknown verification status is found
{
"shortMessage": "Unknown verification status",
"longMessage": "Found unknown verification status <status>",
"code": "verification_status_unknown"
}{
"shortMessage": "Waitlist not accepting entries",
"longMessage": "The waitlist is not accepting new entries at this time. Please try again later.",
"code": "waitlist_not_accepting_entries"
}Feedback
Last updated on