...
| Error code | Error Message | Description | Example |
|---|---|---|---|
| API blocked | This API has been blocked temporarily. Please try again later or contact the system administrators. | Invoke an API which is in the BLOCKED lifecycle state |
900800 | Message throttled out | The maximum number of requests that can be made to the API within a designated time period is reached and the API is throttled for the user. | Invoke an API exceeding the tier limit |
900801 | Hard limit exceeded | Hard throttle limit has been reached | Invoke an API exceeding the hard throttle limit |
900802 | Resource level throttle out | Message is throttled out because resource level has exceeded | Sending/Receiving messages beyond authorized resource level |
900803 | Application level throttle out | Message is throttled out because application level is exceeded | Sending/Receiving messages beyond authorized application level |
900804 | Subscription level throttled out | Message throttled out due to subscription level throttling limit reached. | Sending/Receiving messages beyond configured throttling limit of subscription level policy. |
900805 | Message blocked | Accessing an API which is blocked on user, IP, application, or API Context. | An admin user can block API invocations in real time by user, IP, application, or API context. The API invocation meets the blocked condition. |
900806 | Custom policy throttled out | Message throttled out due to exceeding the limit configured through the custom throttling policy rules. | The API invocations meet custom throttle policy rules, exceeding the limits of the configured custom policy. |
900807 | Message throttled out | Messaged throttled out because of exceeding the burst control/rate limit (requests per second) in the subscription level policy. | Sending/Receiving messages exceeding the configured burst control/rate limit within second. |
900900 | Unclassified authentication failure | An unspecified error has occurred | Backend service for key validation is not accessible when trying to invoke an API |
900901 | Invalid credentials | Invalid authentication information provided | Using an older access token after an access token has been renewed. |
900902 | Missing credentials | No authentication information provided | Accessing an API without Authorization: Bearer header |
900905 | Incorrect access token type is provided | The access token type used is not supported when invoking the API. The supported access token types are application and user accesses tokens. See Access Tokens. | Invoke an API with application token, where the resource only allows application user tokens |
900906 | No matching resource found in the API for the given request | A resource with the name in the request can not be found in the API. | Invoke an API resource that is not available |
900907 | The requested API is temporarily blocked | Happens when the API user is blocked. | Invoke API resource with a subscription that has been blocked by the API publisher |
900908 | Resource forbidden | The user invoking the API has not been granted access to the required resource. | Invoke an unsubscribed API |
900909 | The subscription to the API is inactive | The status of the API has changed to an inaccessible/unavailable state. | Invoke an API resource with a subscription that has not yet been approved by the administrator. |
900910 | The access token does not allow you to access the requested resource | Can not access the required resource with the provided access token. Check the valid resources that can be accessed with this token. | Invoke API resource with an access token that is not generated to be used with the resource's scope. |
102511 | Incomplete payload | The payload sent with the request is too large and the client is unable to keep the connection alive until the payload is completely transferred to the API Gateway | Sending a large PDF file with the POST request |
...
| Fault Sequence | Description |
|---|---|
fault.xml | This is the primary fault sequence that gets invoked when an error occurs during the execution of an API resources |
main.xml | This sequence is called when the endpoint being called does not exist |
_auth_failure_handler.xml | This sequence is called when an API authentication error is encountered |
_production_key_error.xml | This sequence is called when a Production key is used to invoke an API that does not have a Production endpoint defined |
_sandbox_key_error.xml | This sequence is called when a Sandbox key is used to invoke an API that does not have a Sandbox endpoint defined |
_throttle_out_handler.xml | This sequence is called when a given request to an API gets throttled out |
_token_fault.xml | This sequence is called when there is an error in invoking the token API |
_resource_mismatch_handler.xml | This sequence is called when a matching resource cannot be found by the gateway to the corresponding resource being invoked |
| This sequence enables sending CORS specific headers when the CORS specific configuration (CORSConfiguration) is enabled in WSO2 API Manager in the <API-M_HOME>/repository/conf/api-manager.xml file. |
_threat_fault_.xml | This sequence is called to send error messages with regard to threat detection. |
dispatchSeq.xml | This sequence is defined as a default handler for any inbound WebSocket calls. |
outDispatchSeq.xml | This sequence is defined to handle any outbound WebSocket calls. |
| Info |
|---|
The default sequences can also be customized as shown in the section above. |