
Error Reference

All errors are returned in the standard envelope format.


HTTP Status Codes

Code  When
200   Successful request
201   Resource created
401   Not authenticated (no token / expired / invalid)
403   Insufficient permissions (Pundit)
404   Resource not found
422   Validation error

401 Unauthorized

{
  "success": false,
  "status": "401",
  "message": "Token expired",
  "errors": null,
  "data": null
}

Possible message values:

  • "Token expired" — token has expired, refresh via /auth/refresh
  • "Invalid token" — token is invalid or missing
  • "Invalid credentials" — wrong email/password
  • "Invalid Google token" — id_token failed Google verification

403 Forbidden

{
  "success": false,
  "status": "403",
  "message": "Forbidden",
  "errors": null,
  "data": null
}

User is authenticated but does not have permission for the action (Pundit).


404 Not Found

{
  "success": false,
  "status": "404",
  "message": "Salon not found",
  "errors": null,
  "data": null
}

422 Unprocessable Entity

The only status where the errors field contains an error hash:

{
  "success": false,
  "status": "422",
  "message": "Validation failed",
  "errors": {
    "email": ["has already been taken", "is invalid"],
    "password": ["is too short (minimum is 6 characters)"]
  },
  "data": null
}

errors structure: { "field_name": ["error message", ...] }.


Important

  • The field is always called errors (plural), never error.
  • On all responses except 422 the errors field is null.
  • On all error responses the data field is null.
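
The rules above turned into a client-side check, as an added example that is not part of the API's own code. The function classifyError and its action names are hypothetical; the message strings and the errors/data rules are the ones documented on this page.

```javascript
// Added example: action names are hypothetical; messages and field rules are from this page.
const ACTIONS_401 = new Map([
  ["Token expired", "refresh"],                 // call /auth/refresh, then retry once
  ["Invalid token", "reauthenticate"],          // discard stored token, go to login
  ["Invalid credentials", "show_login_error"],
  ["Invalid Google token", "restart_google_sign_in"],
]);

const result = (action, fieldErrors = {}) => ({ action, fieldErrors });

function classifyError(httpStatus, body) {
  // Reject anything that does not match the documented envelope.
  if (body === null || typeof body !== "object" || body.success !== false ||
      body.status !== String(httpStatus) || body.data !== null) {
    return result("malformed_envelope");
  }
  const hasHash = body.errors !== null && typeof body.errors === "object" &&
                  !Array.isArray(body.errors);
  // errors is a hash on 422 and null on every other status.
  if (httpStatus === 422 ? !hasHash : body.errors !== null) {
    return result("malformed_envelope");
  }
  switch (httpStatus) {
    case 401:
      // Refresh only on the exact "Token expired" message; unknown messages fail closed.
      return result(ACTIONS_401.get(body.message) || "reauthenticate");
    case 403:
      // Authenticated but not permitted: do not trigger a token refresh.
      return result("deny");
    case 404:
      return result("not_found");
    case 422: {
      // Keep only fields whose value is an array of strings.
      const clean = Object.entries(body.errors).filter(([, msgs]) =>
        Array.isArray(msgs) && msgs.every((m) => typeof m === "string"));
      return result("show_field_errors", Object.fromEntries(clean));
    }
    default:
      return result("unexpected_status");
  }
}
```

Note that the envelope's status field is a string ("401"), so it is compared against the stringified HTTP status rather than the number.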